Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CVE-2024-38547 (GCVE-0-2024-38547)
Vulnerability from cvelistv5
Published
2024-06-19 13:35
Modified
2025-05-04 09:13
Severity ?
VLAI Severity ?
EPSS score ?
Summary
In the Linux kernel, the following vulnerability has been resolved:
media: atomisp: ssh_css: Fix a null-pointer dereference in load_video_binaries
The allocation failure of mycs->yuv_scaler_binary in load_video_binaries()
is followed with a dereference of mycs->yuv_scaler_binary after the
following call chain:
sh_css_pipe_load_binaries()
|-> load_video_binaries(mycs->yuv_scaler_binary == NULL)
|
|-> sh_css_pipe_unload_binaries()
|-> unload_video_binaries()
In unload_video_binaries(), it calls to ia_css_binary_unload with argument
&pipe->pipe_settings.video.yuv_scaler_binary[i], which refers to the
same memory slot as mycs->yuv_scaler_binary. Thus, a null-pointer
dereference is triggered.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| ► | Linux | Linux |
Version: a49d25364dfb9f8a64037488a39ab1f56c5fa419 Version: a49d25364dfb9f8a64037488a39ab1f56c5fa419 Version: a49d25364dfb9f8a64037488a39ab1f56c5fa419 Version: a49d25364dfb9f8a64037488a39ab1f56c5fa419 Version: a49d25364dfb9f8a64037488a39ab1f56c5fa419 Version: a49d25364dfb9f8a64037488a39ab1f56c5fa419 Version: a49d25364dfb9f8a64037488a39ab1f56c5fa419 |
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T04:12:25.564Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/4b68b861b514a5c09220d622ac3784c0ebac6c80"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/82c2c85aead3ea3cbceef4be077cf459c5df2272"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/a1ab99dcc8604afe7e3bccb01b10da03bdd7ea35"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/cc20c87b04db86c8e3e810bcdca686b406206069"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/69b27ff82f87379afeaaea4b2f339032fdd8486e"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/6482c433863b257b0b9b687c28ce80b89d5f89f0"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/3b621e9e9e148c0928ab109ac3d4b81487469acb"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-38547",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-10T17:15:00.678473Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-11T17:34:57.671Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Linux",
"programFiles": [
"drivers/staging/media/atomisp/pci/sh_css.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThan": "4b68b861b514a5c09220d622ac3784c0ebac6c80",
"status": "affected",
"version": "a49d25364dfb9f8a64037488a39ab1f56c5fa419",
"versionType": "git"
},
{
"lessThan": "82c2c85aead3ea3cbceef4be077cf459c5df2272",
"status": "affected",
"version": "a49d25364dfb9f8a64037488a39ab1f56c5fa419",
"versionType": "git"
},
{
"lessThan": "a1ab99dcc8604afe7e3bccb01b10da03bdd7ea35",
"status": "affected",
"version": "a49d25364dfb9f8a64037488a39ab1f56c5fa419",
"versionType": "git"
},
{
"lessThan": "cc20c87b04db86c8e3e810bcdca686b406206069",
"status": "affected",
"version": "a49d25364dfb9f8a64037488a39ab1f56c5fa419",
"versionType": "git"
},
{
"lessThan": "69b27ff82f87379afeaaea4b2f339032fdd8486e",
"status": "affected",
"version": "a49d25364dfb9f8a64037488a39ab1f56c5fa419",
"versionType": "git"
},
{
"lessThan": "6482c433863b257b0b9b687c28ce80b89d5f89f0",
"status": "affected",
"version": "a49d25364dfb9f8a64037488a39ab1f56c5fa419",
"versionType": "git"
},
{
"lessThan": "3b621e9e9e148c0928ab109ac3d4b81487469acb",
"status": "affected",
"version": "a49d25364dfb9f8a64037488a39ab1f56c5fa419",
"versionType": "git"
}
]
},
{
"defaultStatus": "affected",
"product": "Linux",
"programFiles": [
"drivers/staging/media/atomisp/pci/sh_css.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"status": "affected",
"version": "4.12"
},
{
"lessThan": "4.12",
"status": "unaffected",
"version": "0",
"versionType": "semver"
},
{
"lessThanOrEqual": "5.10.*",
"status": "unaffected",
"version": "5.10.219",
"versionType": "semver"
},
{
"lessThanOrEqual": "5.15.*",
"status": "unaffected",
"version": "5.15.161",
"versionType": "semver"
},
{
"lessThanOrEqual": "6.1.*",
"status": "unaffected",
"version": "6.1.93",
"versionType": "semver"
},
{
"lessThanOrEqual": "6.6.*",
"status": "unaffected",
"version": "6.6.33",
"versionType": "semver"
},
{
"lessThanOrEqual": "6.8.*",
"status": "unaffected",
"version": "6.8.12",
"versionType": "semver"
},
{
"lessThanOrEqual": "6.9.*",
"status": "unaffected",
"version": "6.9.3",
"versionType": "semver"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "6.10",
"versionType": "original_commit_for_fix"
}
]
}
],
"cpeApplicability": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "5.10.219",
"versionStartIncluding": "4.12",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "5.15.161",
"versionStartIncluding": "4.12",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.1.93",
"versionStartIncluding": "4.12",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.6.33",
"versionStartIncluding": "4.12",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.8.12",
"versionStartIncluding": "4.12",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.9.3",
"versionStartIncluding": "4.12",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.10",
"versionStartIncluding": "4.12",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nmedia: atomisp: ssh_css: Fix a null-pointer dereference in load_video_binaries\n\nThe allocation failure of mycs-\u003eyuv_scaler_binary in load_video_binaries()\nis followed with a dereference of mycs-\u003eyuv_scaler_binary after the\nfollowing call chain:\n\nsh_css_pipe_load_binaries()\n |-\u003e load_video_binaries(mycs-\u003eyuv_scaler_binary == NULL)\n |\n |-\u003e sh_css_pipe_unload_binaries()\n |-\u003e unload_video_binaries()\n\nIn unload_video_binaries(), it calls to ia_css_binary_unload with argument\n\u0026pipe-\u003epipe_settings.video.yuv_scaler_binary[i], which refers to the\nsame memory slot as mycs-\u003eyuv_scaler_binary. Thus, a null-pointer\ndereference is triggered."
}
],
"providerMetadata": {
"dateUpdated": "2025-05-04T09:13:44.315Z",
"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"shortName": "Linux"
},
"references": [
{
"url": "https://git.kernel.org/stable/c/4b68b861b514a5c09220d622ac3784c0ebac6c80"
},
{
"url": "https://git.kernel.org/stable/c/82c2c85aead3ea3cbceef4be077cf459c5df2272"
},
{
"url": "https://git.kernel.org/stable/c/a1ab99dcc8604afe7e3bccb01b10da03bdd7ea35"
},
{
"url": "https://git.kernel.org/stable/c/cc20c87b04db86c8e3e810bcdca686b406206069"
},
{
"url": "https://git.kernel.org/stable/c/69b27ff82f87379afeaaea4b2f339032fdd8486e"
},
{
"url": "https://git.kernel.org/stable/c/6482c433863b257b0b9b687c28ce80b89d5f89f0"
},
{
"url": "https://git.kernel.org/stable/c/3b621e9e9e148c0928ab109ac3d4b81487469acb"
}
],
"title": "media: atomisp: ssh_css: Fix a null-pointer dereference in load_video_binaries",
"x_generator": {
"engine": "bippy-1.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"assignerShortName": "Linux",
"cveId": "CVE-2024-38547",
"datePublished": "2024-06-19T13:35:20.689Z",
"dateReserved": "2024-06-18T19:36:34.919Z",
"dateUpdated": "2025-05-04T09:13:44.315Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"vulnerability-lookup:meta": {
"fkie_nvd": {
"configurations": "[{\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"4.12\", \"versionEndExcluding\": \"5.10.219\", \"matchCriteriaId\": \"58594503-2699-4CEB-8D05-6DFB3484E37A\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"5.11\", \"versionEndExcluding\": \"5.15.161\", \"matchCriteriaId\": \"31130639-53FE-4726-8986-434EE2528CB2\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"5.16\", \"versionEndExcluding\": \"6.1.93\", \"matchCriteriaId\": \"EEFB78EE-F990-4197-BF1C-156760A55667\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"6.2\", \"versionEndExcluding\": \"6.6.33\", \"matchCriteriaId\": \"FCE796DF-3B50-4DC6-BAE5-95271068FC9E\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"6.7\", \"versionEndExcluding\": \"6.8.12\", \"matchCriteriaId\": \"80550309-67AB-4FD1-AC07-3DED5C4F01B2\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"6.9\", \"versionEndExcluding\": \"6.9.3\", \"matchCriteriaId\": \"E07124C1-19E8-4D21-828D-9932A01D3011\"}]}]}]",
"descriptions": "[{\"lang\": \"en\", \"value\": \"In the Linux kernel, the following vulnerability has been resolved:\\n\\nmedia: atomisp: ssh_css: Fix a null-pointer dereference in load_video_binaries\\n\\nThe allocation failure of mycs-\u003eyuv_scaler_binary in load_video_binaries()\\nis followed with a dereference of mycs-\u003eyuv_scaler_binary after the\\nfollowing call chain:\\n\\nsh_css_pipe_load_binaries()\\n |-\u003e load_video_binaries(mycs-\u003eyuv_scaler_binary == NULL)\\n |\\n |-\u003e sh_css_pipe_unload_binaries()\\n |-\u003e unload_video_binaries()\\n\\nIn unload_video_binaries(), it calls to ia_css_binary_unload with argument\\n\u0026pipe-\u003epipe_settings.video.yuv_scaler_binary[i], which refers to the\\nsame memory slot as mycs-\u003eyuv_scaler_binary. Thus, a null-pointer\\ndereference is triggered.\"}, {\"lang\": \"es\", \"value\": \"En el kernel de Linux, se resolvi\\u00f3 la siguiente vulnerabilidad: media: atomisp: ssh_css: corrige una desreferencia de puntero nulo en load_video_binaries La falla de asignaci\\u00f3n de mycs-\u0026gt;yuv_scaler_binary en load_video_binaries() va seguida de una desreferencia de mycs-\u0026gt;yuv_scaler_binary despu\\u00e9s de siguiente cadena de llamadas: sh_css_pipe_load_binaries() |-\u0026gt; load_video_binaries(mycs-\u0026gt;yuv_scaler_binary == NULL) | |-\u0026gt; sh_css_pipe_unload_binaries() |-\u0026gt; unload_video_binaries() En unload_video_binaries(), llama a ia_css_binary_unload con el argumento \u0026amp;pipe-\u0026gt;pipe_settings.video.yuv_scaler_binary[i], que se refiere a la misma ranura de memoria que mycs-\u0026gt;yuv_scaler_binary. Por lo tanto, se activa una desreferencia de puntero nulo.\"}]",
"id": "CVE-2024-38547",
"lastModified": "2024-11-21T09:26:18.783",
"metrics": "{\"cvssMetricV31\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"3.1\", \"vectorString\": \"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H\", \"baseScore\": 5.5, \"baseSeverity\": \"MEDIUM\", \"attackVector\": \"LOCAL\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"LOW\", \"userInteraction\": \"NONE\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"NONE\", \"integrityImpact\": \"NONE\", \"availabilityImpact\": \"HIGH\"}, \"exploitabilityScore\": 1.8, \"impactScore\": 3.6}]}",
"published": "2024-06-19T14:15:14.973",
"references": "[{\"url\": \"https://git.kernel.org/stable/c/3b621e9e9e148c0928ab109ac3d4b81487469acb\", \"source\": \"416baaa9-dc9f-4396-8d5f-8c081fb06d67\", \"tags\": [\"Patch\"]}, {\"url\": \"https://git.kernel.org/stable/c/4b68b861b514a5c09220d622ac3784c0ebac6c80\", \"source\": \"416baaa9-dc9f-4396-8d5f-8c081fb06d67\", \"tags\": [\"Patch\"]}, {\"url\": \"https://git.kernel.org/stable/c/6482c433863b257b0b9b687c28ce80b89d5f89f0\", \"source\": \"416baaa9-dc9f-4396-8d5f-8c081fb06d67\", \"tags\": [\"Patch\"]}, {\"url\": \"https://git.kernel.org/stable/c/69b27ff82f87379afeaaea4b2f339032fdd8486e\", \"source\": \"416baaa9-dc9f-4396-8d5f-8c081fb06d67\", \"tags\": [\"Patch\"]}, {\"url\": \"https://git.kernel.org/stable/c/82c2c85aead3ea3cbceef4be077cf459c5df2272\", \"source\": \"416baaa9-dc9f-4396-8d5f-8c081fb06d67\", \"tags\": [\"Patch\"]}, {\"url\": \"https://git.kernel.org/stable/c/a1ab99dcc8604afe7e3bccb01b10da03bdd7ea35\", \"source\": \"416baaa9-dc9f-4396-8d5f-8c081fb06d67\", \"tags\": [\"Patch\"]}, {\"url\": \"https://git.kernel.org/stable/c/cc20c87b04db86c8e3e810bcdca686b406206069\", \"source\": \"416baaa9-dc9f-4396-8d5f-8c081fb06d67\", \"tags\": [\"Patch\"]}, {\"url\": \"https://git.kernel.org/stable/c/3b621e9e9e148c0928ab109ac3d4b81487469acb\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Patch\"]}, {\"url\": \"https://git.kernel.org/stable/c/4b68b861b514a5c09220d622ac3784c0ebac6c80\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Patch\"]}, {\"url\": \"https://git.kernel.org/stable/c/6482c433863b257b0b9b687c28ce80b89d5f89f0\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Patch\"]}, {\"url\": \"https://git.kernel.org/stable/c/69b27ff82f87379afeaaea4b2f339032fdd8486e\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Patch\"]}, {\"url\": \"https://git.kernel.org/stable/c/82c2c85aead3ea3cbceef4be077cf459c5df2272\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Patch\"]}, {\"url\": \"https://git.kernel.org/stable/c/a1ab99dcc8604afe7e3bccb01b10da03bdd7ea35\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Patch\"]}, {\"url\": \"https://git.kernel.org/stable/c/cc20c87b04db86c8e3e810bcdca686b406206069\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Patch\"]}]",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"vulnStatus": "Modified",
"weaknesses": "[{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-476\"}]}]"
},
"nvd": "{\"cve\":{\"id\":\"CVE-2024-38547\",\"sourceIdentifier\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"published\":\"2024-06-19T14:15:14.973\",\"lastModified\":\"2024-11-21T09:26:18.783\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"In the Linux kernel, the following vulnerability has been resolved:\\n\\nmedia: atomisp: ssh_css: Fix a null-pointer dereference in load_video_binaries\\n\\nThe allocation failure of mycs-\u003eyuv_scaler_binary in load_video_binaries()\\nis followed with a dereference of mycs-\u003eyuv_scaler_binary after the\\nfollowing call chain:\\n\\nsh_css_pipe_load_binaries()\\n |-\u003e load_video_binaries(mycs-\u003eyuv_scaler_binary == NULL)\\n |\\n |-\u003e sh_css_pipe_unload_binaries()\\n |-\u003e unload_video_binaries()\\n\\nIn unload_video_binaries(), it calls to ia_css_binary_unload with argument\\n\u0026pipe-\u003epipe_settings.video.yuv_scaler_binary[i], which refers to the\\nsame memory slot as mycs-\u003eyuv_scaler_binary. Thus, a null-pointer\\ndereference is triggered.\"},{\"lang\":\"es\",\"value\":\"En el kernel de Linux, se resolvi\u00f3 la siguiente vulnerabilidad: media: atomisp: ssh_css: corrige una desreferencia de puntero nulo en load_video_binaries La falla de asignaci\u00f3n de mycs-\u0026gt;yuv_scaler_binary en load_video_binaries() va seguida de una desreferencia de mycs-\u0026gt;yuv_scaler_binary despu\u00e9s de siguiente cadena de llamadas: sh_css_pipe_load_binaries() |-\u0026gt; load_video_binaries(mycs-\u0026gt;yuv_scaler_binary == NULL) | |-\u0026gt; sh_css_pipe_unload_binaries() |-\u0026gt; unload_video_binaries() En unload_video_binaries(), llama a ia_css_binary_unload con el argumento \u0026amp;pipe-\u0026gt;pipe_settings.video.yuv_scaler_binary[i], que se refiere a la misma ranura de memoria que mycs-\u0026gt;yuv_scaler_binary. Por lo tanto, se activa una desreferencia de puntero nulo.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H\",\"baseScore\":5.5,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"LOCAL\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":1.8,\"impactScore\":3.6}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-476\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"4.12\",\"versionEndExcluding\":\"5.10.219\",\"matchCriteriaId\":\"58594503-2699-4CEB-8D05-6DFB3484E37A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"5.11\",\"versionEndExcluding\":\"5.15.161\",\"matchCriteriaId\":\"31130639-53FE-4726-8986-434EE2528CB2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"5.16\",\"versionEndExcluding\":\"6.1.93\",\"matchCriteriaId\":\"EEFB78EE-F990-4197-BF1C-156760A55667\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"6.2\",\"versionEndExcluding\":\"6.6.33\",\"matchCriteriaId\":\"FCE796DF-3B50-4DC6-BAE5-95271068FC9E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"6.7\",\"versionEndExcluding\":\"6.8.12\",\"matchCriteriaId\":\"80550309-67AB-4FD1-AC07-3DED5C4F01B2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"6.9\",\"versionEndExcluding\":\"6.9.3\",\"matchCriteriaId\":\"E07124C1-19E8-4D21-828D-9932A01D3011\"}]}]}],\"references\":[{\"url\":\"https://git.kernel.org/stable/c/3b621e9e9e148c0928ab109ac3d4b81487469acb\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"tags\":[\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/4b68b861b514a5c09220d622ac3784c0ebac6c80\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"tags\":[\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/6482c433863b257b0b9b687c28ce80b89d5f89f0\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"tags\":[\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/69b27ff82f87379afeaaea4b2f339032fdd8486e\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"tags\":[\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/82c2c85aead3ea3cbceef4be077cf459c5df2272\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"tags\":[\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/a1ab99dcc8604afe7e3bccb01b10da03bdd7ea35\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"tags\":[\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/cc20c87b04db86c8e3e810bcdca686b406206069\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"tags\":[\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/3b621e9e9e148c0928ab109ac3d4b81487469acb\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/4b68b861b514a5c09220d622ac3784c0ebac6c80\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/6482c433863b257b0b9b687c28ce80b89d5f89f0\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/69b27ff82f87379afeaaea4b2f339032fdd8486e\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/82c2c85aead3ea3cbceef4be077cf459c5df2272\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/a1ab99dcc8604afe7e3bccb01b10da03bdd7ea35\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/cc20c87b04db86c8e3e810bcdca686b406206069\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\"]}]}}",
"vulnrichment": {
"containers": "{\"adp\": [{\"title\": \"CVE Program Container\", \"references\": [{\"url\": \"https://git.kernel.org/stable/c/4b68b861b514a5c09220d622ac3784c0ebac6c80\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://git.kernel.org/stable/c/82c2c85aead3ea3cbceef4be077cf459c5df2272\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://git.kernel.org/stable/c/a1ab99dcc8604afe7e3bccb01b10da03bdd7ea35\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://git.kernel.org/stable/c/cc20c87b04db86c8e3e810bcdca686b406206069\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://git.kernel.org/stable/c/69b27ff82f87379afeaaea4b2f339032fdd8486e\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://git.kernel.org/stable/c/6482c433863b257b0b9b687c28ce80b89d5f89f0\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://git.kernel.org/stable/c/3b621e9e9e148c0928ab109ac3d4b81487469acb\", \"tags\": [\"x_transferred\"]}], \"providerMetadata\": {\"orgId\": \"af854a3a-2127-422b-91ae-364da2661108\", \"shortName\": \"CVE\", \"dateUpdated\": \"2024-08-02T04:12:25.564Z\"}}, {\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2024-38547\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"partial\"}], \"version\": \"2.0.3\", \"timestamp\": \"2024-09-10T17:15:00.678473Z\"}}}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2024-09-11T12:42:27.186Z\"}}], \"cna\": {\"title\": \"media: atomisp: ssh_css: Fix a null-pointer dereference in load_video_binaries\", \"affected\": [{\"repo\": \"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git\", \"vendor\": \"Linux\", \"product\": \"Linux\", \"versions\": [{\"status\": \"affected\", \"version\": \"a49d25364dfb\", \"lessThan\": \"4b68b861b514\", \"versionType\": \"git\"}, {\"status\": \"affected\", \"version\": \"a49d25364dfb\", \"lessThan\": \"82c2c85aead3\", \"versionType\": \"git\"}, {\"status\": \"affected\", \"version\": \"a49d25364dfb\", \"lessThan\": \"a1ab99dcc860\", \"versionType\": \"git\"}, {\"status\": \"affected\", \"version\": \"a49d25364dfb\", \"lessThan\": \"cc20c87b04db\", \"versionType\": \"git\"}, {\"status\": \"affected\", \"version\": \"a49d25364dfb\", \"lessThan\": \"69b27ff82f87\", \"versionType\": \"git\"}, {\"status\": \"affected\", \"version\": \"a49d25364dfb\", \"lessThan\": \"6482c433863b\", \"versionType\": \"git\"}, {\"status\": \"affected\", \"version\": \"a49d25364dfb\", \"lessThan\": \"3b621e9e9e14\", \"versionType\": \"git\"}], \"programFiles\": [\"drivers/staging/media/atomisp/pci/sh_css.c\"], \"defaultStatus\": \"unaffected\"}, {\"repo\": \"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git\", \"vendor\": \"Linux\", \"product\": \"Linux\", \"versions\": [{\"status\": \"affected\", \"version\": \"4.12\"}, {\"status\": \"unaffected\", \"version\": \"0\", \"lessThan\": \"4.12\", \"versionType\": \"semver\"}, {\"status\": \"unaffected\", \"version\": \"5.10.219\", \"versionType\": \"semver\", \"lessThanOrEqual\": \"5.10.*\"}, {\"status\": \"unaffected\", \"version\": \"5.15.161\", \"versionType\": \"semver\", \"lessThanOrEqual\": \"5.15.*\"}, {\"status\": \"unaffected\", \"version\": \"6.1.93\", \"versionType\": \"semver\", \"lessThanOrEqual\": \"6.1.*\"}, {\"status\": \"unaffected\", \"version\": \"6.6.33\", \"versionType\": \"semver\", \"lessThanOrEqual\": \"6.6.*\"}, {\"status\": \"unaffected\", \"version\": \"6.8.12\", \"versionType\": \"semver\", \"lessThanOrEqual\": \"6.8.*\"}, {\"status\": \"unaffected\", \"version\": \"6.9.3\", \"versionType\": \"semver\", \"lessThanOrEqual\": \"6.9.*\"}, {\"status\": \"unaffected\", \"version\": \"6.10\", \"versionType\": \"original_commit_for_fix\", \"lessThanOrEqual\": \"*\"}], \"programFiles\": [\"drivers/staging/media/atomisp/pci/sh_css.c\"], \"defaultStatus\": \"affected\"}], \"references\": [{\"url\": \"https://git.kernel.org/stable/c/4b68b861b514a5c09220d622ac3784c0ebac6c80\"}, {\"url\": \"https://git.kernel.org/stable/c/82c2c85aead3ea3cbceef4be077cf459c5df2272\"}, {\"url\": \"https://git.kernel.org/stable/c/a1ab99dcc8604afe7e3bccb01b10da03bdd7ea35\"}, {\"url\": \"https://git.kernel.org/stable/c/cc20c87b04db86c8e3e810bcdca686b406206069\"}, {\"url\": \"https://git.kernel.org/stable/c/69b27ff82f87379afeaaea4b2f339032fdd8486e\"}, {\"url\": \"https://git.kernel.org/stable/c/6482c433863b257b0b9b687c28ce80b89d5f89f0\"}, {\"url\": \"https://git.kernel.org/stable/c/3b621e9e9e148c0928ab109ac3d4b81487469acb\"}], \"x_generator\": {\"engine\": \"bippy-9e1c9544281a\"}, \"descriptions\": [{\"lang\": \"en\", \"value\": \"In the Linux kernel, the following vulnerability has been resolved:\\n\\nmedia: atomisp: ssh_css: Fix a null-pointer dereference in load_video_binaries\\n\\nThe allocation failure of mycs-\u003eyuv_scaler_binary in load_video_binaries()\\nis followed with a dereference of mycs-\u003eyuv_scaler_binary after the\\nfollowing call chain:\\n\\nsh_css_pipe_load_binaries()\\n |-\u003e load_video_binaries(mycs-\u003eyuv_scaler_binary == NULL)\\n |\\n |-\u003e sh_css_pipe_unload_binaries()\\n |-\u003e unload_video_binaries()\\n\\nIn unload_video_binaries(), it calls to ia_css_binary_unload with argument\\n\u0026pipe-\u003epipe_settings.video.yuv_scaler_binary[i], which refers to the\\nsame memory slot as mycs-\u003eyuv_scaler_binary. Thus, a null-pointer\\ndereference is triggered.\"}], \"providerMetadata\": {\"orgId\": \"416baaa9-dc9f-4396-8d5f-8c081fb06d67\", \"shortName\": \"Linux\", \"dateUpdated\": \"2024-11-05T09:29:38.972Z\"}}}",
"cveMetadata": "{\"cveId\": \"CVE-2024-38547\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2024-11-05T09:29:38.972Z\", \"dateReserved\": \"2024-06-18T19:36:34.919Z\", \"assignerOrgId\": \"416baaa9-dc9f-4396-8d5f-8c081fb06d67\", \"datePublished\": \"2024-06-19T13:35:20.689Z\", \"assignerShortName\": \"Linux\"}",
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
}
}
suse-su-2024:2394-1
Vulnerability from csaf_suse
Published
2024-07-10 16:03
Modified
2024-07-10 16:03
Summary
Security update for the Linux Kernel
Notes
Title of the patch
Security update for the Linux Kernel
Description of the patch
The SUSE Linux Enterprise 15 SP5 RT kernel was updated to receive various security bugfixes.
The following security bugs were fixed:
- CVE-2021-47089: kfence: fix memory leak when cat kfence objects (bsc#1220958.
- CVE-2021-47432: lib/generic-radix-tree.c: Do not overflow in peek() (bsc#1225391).
- CVE-2021-47515: seg6: fix the iif in the IPv6 socket control block (bsc#1225426).
- CVE-2021-47538: rxrpc: Fix rxrpc_local leak in rxrpc_lookup_peer() (bsc#1225448).
- CVE-2021-47539: rxrpc: Fix rxrpc_peer leak in rxrpc_look_up_bundle() (bsc#1225452).
- CVE-2021-47555: net: vlan: fix underflow for the real_dev refcnt (bsc#1225467).
- CVE-2021-47566: Fix clearing user buffer by properly using clear_user() (bsc#1225514).
- CVE-2021-47571: staging: rtl8192e: Fix use after free in _rtl92e_pci_disconnect() (bsc#1225518).
- CVE-2021-47572: net: nexthop: fix null pointer dereference when IPv6 is not enabled (bsc#1225389).
- CVE-2022-48716: ASoC: codecs: wcd938x: fix incorrect used of portid (bsc#1226678).
- CVE-2023-24023: Bluetooth: Add more enc key size check (bsc#1218148).
- CVE-2023-52622: ext4: avoid online resizing failures due to oversized flex bg (bsc#1222080).
- CVE-2023-52658: Revert 'net/mlx5: Block entering switchdev mode with ns inconsistency' (bsc#1224719).
- CVE-2023-52667: net/mlx5e: fix a potential double-free in fs_any_create_groups (bsc#1224603).
- CVE-2023-52670: rpmsg: virtio: Free driver_override when rpmsg_remove() (bsc#1224696).
- CVE-2023-52672: pipe: wakeup wr_wait after setting max_usage (bsc#1224614).
- CVE-2023-52675: powerpc/imc-pmu: Add a null pointer check in update_events_in_group() (bsc#1224504).
- CVE-2023-52735: bpf, sockmap: Don't let sock_map_{close,destroy,unhash} call itself (bsc#1225475).
- CVE-2023-52737: btrfs: lock the inode in shared mode before starting fiemap (bsc#1225484).
- CVE-2023-52752: smb: client: fix use-after-free bug in cifs_debug_data_proc_show() (bsc#1225487).
- CVE-2023-52784: bonding: stop the device in bond_setup_by_slave() (bsc#1224946).
- CVE-2023-52787: blk-mq: make sure active queue usage is held for bio_integrity_prep() (bsc#1225105).
- CVE-2023-52835: perf/core: Bail out early if the request AUX area is out of bound (bsc#1225602).
- CVE-2023-52837: nbd: fix uaf in nbd_open (bsc#1224935).
- CVE-2023-52843: llc: verify mac len before reading mac header (bsc#1224951).
- CVE-2023-52845: tipc: Change nla_policy for bearer-related names to NLA_NUL_STRING (bsc#1225585).
- CVE-2023-52846: hsr: Prevent use after free in prp_create_tagged_frame() (bsc#1225098).
- CVE-2023-52869: pstore/platform: Add check for kstrdup (bsc#1225050).
- CVE-2023-52881: tcp: do not accept ACK of bytes we never sent (bsc#1225611).
- CVE-2023-52882: clk: sunxi-ng: h6: Reparent CPUX during PLL CPUX rate change (bsc#1225692).
- CVE-2024-26625: Call sock_orphan() at release time (bsc#1221086)
- CVE-2024-26644: btrfs: do not abort filesystem when attempting to snapshot deleted subvolume (bsc#1221282, bsc#1222072).
- CVE-2024-26720: mm: Avoid overflows in dirty throttling logic (bsc#1222364).
- CVE-2024-26845: scsi: target: core: Add TMF to tmr_list handling (bsc#1223018).
- CVE-2024-26923: Fixed false-positive lockdep splat for spin_lock() in __unix_gc() (bsc#1223384).
- CVE-2024-26973: fat: fix uninitialized field in nostale filehandles (bsc#1223641).
- CVE-2024-27432: net: ethernet: mtk_eth_soc: fix PPE hanging issue (bsc#1224716).
- CVE-2024-35247: fpga: region: add owner module and take its refcount (bsc#1226948).
- CVE-2024-35789: Check fast rx for non-4addr sta VLAN changes (bsc#1224749).
- CVE-2024-35790: usb: typec: altmodes/displayport: create sysfs nodes as driver's default device attribute group (bsc#1224712).
- CVE-2024-35807: ext4: fix corruption during on-line resize (bsc#1224735).
- CVE-2024-35835: net/mlx5e: fix a double-free in arfs_create_groups (bsc#1224605).
- CVE-2024-35848: eeprom: at24: fix memory corruption race condition (bsc#1224612).
- CVE-2024-35857: icmp: prevent possible NULL dereferences from icmp_build_probe() (bsc#1224619).
- CVE-2024-35861: Fixed potential UAF in cifs_signal_cifsd_for_reconnect() (bsc#1224766).
- CVE-2024-35862: Fixed potential UAF in smb2_is_network_name_deleted() (bsc#1224764).
- CVE-2024-35864: Fixed potential UAF in smb2_is_valid_lease_break() (bsc#1224765).
- CVE-2024-35869: smb: client: guarantee refcounted children from parent session (bsc#1224679).
- CVE-2024-35884: udp: do not accept non-tunnel GSO skbs landing in a tunnel (bsc#1224520).
- CVE-2024-35886: ipv6: Fix infinite recursion in fib6_dump_done() (bsc#1224670).
- CVE-2024-35898: netfilter: nf_tables: Fix potential data-race in __nft_flowtable_type_get() (bsc#1224498).
- CVE-2024-35900: netfilter: nf_tables: reject new basechain after table flag update (bsc#1224497).
- CVE-2024-35925: block: prevent division by zero in blk_rq_stat_sum() (bsc#1224661).
- CVE-2024-35950: drm/client: Fully protect modes with dev->mode_config.mutex (bsc#1224703).
- CVE-2024-35956: Fixed qgroup prealloc rsv leak in subvolume operations (bsc#1224674)
- CVE-2024-35958: net: ena: Fix incorrect descriptor free behavior (bsc#1224677).
- CVE-2024-35960: net/mlx5: Properly link new fs rules into the tree (bsc#1224588).
- CVE-2024-35997: Remove I2C_HID_READ_PENDING flag to prevent lock-up (bsc#1224552).
- CVE-2024-36005: netfilter: nf_tables: honor table dormant flag from netdev release event path (bsc#1224539).
- CVE-2024-36008: ipv4: check for NULL idev in ip_route_use_hint() (bsc#1224540).
- CVE-2024-36017: rtnetlink: Correct nested IFLA_VF_VLAN_LIST attribute validation (bsc#1225681).
- CVE-2024-36020: i40e: fix vf may be used uninitialized in this function warning (bsc#1225698).
- CVE-2024-36021: net: hns3: fix kernel crash when devlink reload during pf initialization (bsc#1225699).
- CVE-2024-36478: null_blk: fix null-ptr-dereference while configuring 'power' and 'submit_queues' (bsc#1226841).
- CVE-2024-36479: fpga: bridge: add owner module and take its refcount (bsc#1226949).
- CVE-2024-36890: mm/slab: make __free(kfree) accept error pointers (bsc#1225714).
- CVE-2024-36894: usb: gadget: f_fs: Fix race between aio_cancel() and AIO request complete (bsc#1225749).
- CVE-2024-36899: gpiolib: cdev: Fix use after free in lineinfo_changed_notify (bsc#1225737).
- CVE-2024-36900: net: hns3: fix kernel crash when devlink reload during initialization (bsc#1225726).
- CVE-2024-36904: tcp: Use refcount_inc_not_zero() in tcp_twsk_unique() (bsc#1225732).
- CVE-2024-36915: nfc: llcp: fix nfc_llcp_setsockopt() unsafe copies (bsc#1225758).
- CVE-2024-36916: blk-iocost: avoid out of bounds shift (bsc#1225759).
- CVE-2024-36917: block: fix overflow in blk_ioctl_discard() (bsc#1225770).
- CVE-2024-36919: scsi: bnx2fc: Remove spin_lock_bh while releasing resources after upload (bsc#1225767).
- CVE-2024-36934: bna: ensure the copied buf is NUL terminated (bsc#1225760).
- CVE-2024-36937: xdp: use flags field to disambiguate broadcast redirect (bsc#1225834).
- CVE-2024-36940: pinctrl: core: delete incorrect free in pinctrl_enable() (bsc#1225840).
- CVE-2024-36945: net/smc: fix neighbour and rtable leak in smc_ib_find_route() (bsc#1225823).
- CVE-2024-36949: amd/amdkfd: sync all devices to wait all processes being evicted (bsc#1225872)
- CVE-2024-36964: fs/9p: only translate RWX permissions for plain 9P2000 (bsc#1225866).
- CVE-2024-36971: net: fix __dst_negative_advice() race (bsc#1226145).
- CVE-2024-36978: net: sched: sch_multiq: fix possible OOB write in multiq_tune() (bsc#1226514).
- CVE-2024-37021: fpga: manager: add owner module and take its refcount (bsc#1226950).
- CVE-2024-37078: nilfs2: fix potential kernel bug due to lack of writeback flag waiting (bsc#1227066).
- CVE-2024-37354: btrfs: fix crash on racing fsync and size-extending write into prealloc (bsc#1227101).
- CVE-2024-38541: of: module: add buffer overflow check in of_modalias() (bsc#1226587).
- CVE-2024-38545: RDMA/hns: Fix UAF for cq async event (bsc#1226595).
- CVE-2024-38553: net: fec: remove .ndo_poll_controller to avoid deadlock (bsc#1226744).
- CVE-2024-38555: net/mlx5: Discard command completions in internal error (bsc#1226607).
- CVE-2024-38556: net/mlx5: Add a timeout to acquire the command queue semaphore (bsc#1226774).
- CVE-2024-38557: net/mlx5: Reload only IB representors upon lag disable/enable (bsc#1226781).
- CVE-2024-38559: scsi: qedf: Ensure the copied buf is NUL terminated (bsc#1226785).
- CVE-2024-38560: scsi: bfa: Ensure the copied buf is NUL terminated (bsc#1226786).
- CVE-2024-38564: bpf: Add BPF_PROG_TYPE_CGROUP_SKB attach type enforcement in BPF_LINK_CREATE (bsc#1226789).
- CVE-2024-38568: drivers/perf: hisi: hns3: Fix out-of-bound access when valid event group (bsc#1226771).
- CVE-2024-38578: ecryptfs: Fix buffer size for tag 66 packet (bsc#1226634).
- CVE-2024-38580: epoll: be better about file lifetimes (bsc#1226610).
- CVE-2024-38594: net: stmmac: move the EST lock to struct stmmac_priv (bsc#1226734).
- CVE-2024-38597: eth: sungem: remove .ndo_poll_controller to avoid deadlocks (bsc#1226749).
- CVE-2024-38603: drivers/perf: hisi: hns3: Actually use devm_add_action_or_reset() (bsc#1226842).
- CVE-2024-38608: net/mlx5e: Fix netif state handling (bsc#1226746).
- CVE-2024-38627: stm class: Fix a double free in stm_register_device() (bsc#1226857).
- CVE-2024-38659: enic: Validate length of nl attributes in enic_set_vf_port (bsc#1226883).
- CVE-2024-38661: s390/ap: Fix crash in AP internal function modify_bitmap() (bsc#1226996).
- CVE-2024-38780: dma-buf/sw-sync: do not enable IRQ from sync_print_obj() (bsc#1226886).
- CVE-2024-39301: net/9p: fix uninit-value in p9_client_rpc() (bsc#1226994).
- CVE-2024-39468: smb: client: fix deadlock in smb2_find_smb_tcon() (bsc#1227103.
- CVE-2024-39469: nilfs2: fix nilfs_empty_dir() misjudgment and long loop on I/O errors (bsc#1226992).
The following non-security bugs were fixed:
- ACPI: resource: Do IRQ override on TongFang GXxHRXx and GMxHGxx (stable-fixes).
- ACPICA: Revert 'ACPICA: avoid Info: mapping multiple BARs. Your kernel is fine.' (git-fixes).
- ALSA/hda: intel-dsp-config: Document AVS as dsp_driver option (git-fixes).
- ALSA: Fix deadlocks with kctl removals at disconnection (stable-fixes).
- ALSA: hda/realtek: Add quirks for Lenovo 13X (stable-fixes).
- ALSA: hda/realtek: Adjust G814JZR to use SPI init for amp (git-fixes).
- ALSA: hda/realtek: Enable headset mic on IdeaPad 330-17IKB 81DM (git-fixes).
- ALSA: hda/realtek: Fix conflicting quirk for PCI SSID 17aa:3820 (git-fixes).
- ALSA: hda/realtek: Limit mic boost on N14AP7 (stable-fixes).
- ALSA: hda/realtek: Remove Framework Laptop 16 from quirks (git-fixes).
- ALSA: hda/realtek: fix mute/micmute LEDs do not work for ProBook 440/460 G11 (stable-fixes).
- ALSA: hda/realtek: fix mute/micmute LEDs do not work for ProBook 445/465 G11 (stable-fixes).
- ALSA: hda: intel-dsp-config: harden I2C/I2S codec detection (stable-fixes).
- ALSA: timer: Set lower bound of start tick time (stable-fixes).
- ASoC: amd: acp: add a null check for chip_pdev structure (git-fixes).
- ASoC: amd: acp: remove i2s configuration check in acp_i2s_probe() (git-fixes).
- ASoC: da7219-aad: fix usage of device_get_named_child_node() (stable-fixes).
- ASoC: fsl-asoc-card: set priv->pdev before using it (git-fixes).
- ASoC: rt5645: Fix the electric noise due to the CBJ contacts floating (stable-fixes).
- ASoC: rt715-sdca: volume step modification (stable-fixes).
- ASoC: rt715: add vendor clear control register (stable-fixes).
- Add remote for nfs maintainer
- Bluetooth: L2CAP: Fix rejecting L2CAP_CONN_PARAM_UPDATE_REQ (git-fixes).
- Fix new build warnings regarding unused variables: Changed build warnings: ***** 2 warnings ***** * unused-variable (cl) in ../fs/ceph/mds_client.c in ceph_queue_cap_unlink_work ../fs/ceph/mds_client.c: In function 'ceph_queue_cap_unlink_work': ../fs/ceph/mds_client.c:2421:22: warning: unused variable 'cl' [-Wunused-variable] * unused-variable (cl) in ../fs/ceph/mds_client.c in ceph_cap_unlink_work ../fs/ceph/mds_client.c: In function 'ceph_cap_unlink_work': ../fs/ceph/mds_client.c:2436:22: warning: unused variable 'cl' [-Wunused-variable]
- HID: core: remove unnecessary WARN_ON() in implement() (git-fixes).
- HID: logitech-dj: Fix memory leak in logi_dj_recv_switch_to_dj_mode() (git-fixes).
- Input: ili210x - fix ili251x_read_touch_data() return value (git-fixes).
- NFS: abort nfs_atomic_open_v23 if name is too long (bsc#1219847).
- NFS: add atomic_open for NFSv3 to handle O_TRUNC correctly (bsc#1219847).
- NFS: avoid infinite loop in pnfs_update_layout (bsc#1219633 bsc#1226226).
- PCI/ASPM: Update save_state when configuration changes (bsc#1226915)
- PCI: Clear Secondary Status errors after enumeration (bsc#1226928)
- RAS/AMD/ATL: Fix MI300 bank hash (bsc#1225300).
- RAS/AMD/ATL: Use system settings for MI300 DRAM to normalized address translation (bsc#1225300).
- RDMA/hns: Fix incorrect sge nums calculation (git-fixes)
- RDMA/irdma: Drop unused kernel push code (git-fixes)
- RDMA/mlx5: Add check for srq max_sge attribute (git-fixes)
- Revert 'Add remote for nfs maintainer'
- Revert 'build initrd without systemd' (bsc#1195775)'
- USB: class: cdc-wdm: Fix CPU lockup caused by excessive log messages (git-fixes).
- USB: xen-hcd: Traverse host/ when CONFIG_USB_XEN_HCD is selected (git-fixes).
- X.509: Fix the parser of extended key usage for length (bsc#1218820).
- arm64: asm-bug: Add .align 2 to the end of __BUG_ENTRY (git-fixes).
- arm64: mm: Batch dsb and isb when populating pgtables (jsc#PED-8690).
- arm64: mm: Do not remap pgtables for allocate vs populate (jsc#PED-8690).
- arm64: mm: Do not remap pgtables per-cont(pte|pmd) block (jsc#PED-8690).
- arm64: mm: do not acquire mutex when rewriting swapper (jsc#PED-8690).
- ata: ahci: Clean up sysfs file on error (git-fixes).
- ata: libata-core: Fix double free on error (git-fixes).
- ata: libata-core: Fix null pointer dereference on error (git-fixes).
- batman-adv: Do not accept TT entries for out-of-spec VIDs (git-fixes).
- bpf, sockmap: Check for any of tcp_bpf_prots when cloning a listener (git-fixes).
- btrfs: avoid copying BTRFS_ROOT_SUBVOL_DEAD flag to snapshot of subvolume being deleted (bsc#1221282).
- cachefiles: remove requests from xarray during flushing requests (bsc#1226588).
- ceph: add ceph_cap_unlink_work to fire check_caps() immediately (bsc#1226022).
- ceph: always check dir caps asynchronously (bsc#1226022).
- ceph: always queue a writeback when revoking the Fb caps (bsc#1226022).
- ceph: break the check delayed cap loop every 5s (bsc#1226022).
- ceph: switch to use cap_delay_lock for the unlink delay list (bsc#1226022).
- cgroup: Add annotation for holding namespace_sem in current_cgns_cgroup_from_root() (bsc#1222254).
- cgroup: Eliminate the need for cgroup_mutex in proc_cgroup_show() (bsc#1222254).
- cgroup: Make operations on the cgroup root_list RCU safe (bsc#1222254).
- cgroup: Remove unnecessary list_empty() (bsc#1222254).
- cgroup: preserve KABI of cgroup_root (bsc#1222254).
- cifs: fix hang in wait_for_response() (bsc#1220812, bsc#1220368).
- cpufreq: amd-pstate: Fix the inconsistency in max frequency units (git-fixes).
- crypto: ecrdsa - Fix module auto-load on add_key (stable-fixes).
- dmaengine: idxd: Fix possible Use-After-Free in irq_process_work_list (git-fixes).
- dmaengine: ioatdma: Fix missing kmem_cache_destroy() (git-fixes).
- drivers: core: synchronize really_probe() and dev_uevent() (git-fixes).
- drm/amd/display: Add VCO speed parameter for DCN31 FPU (stable-fixes).
- drm/amd/display: Add dtbclk access to dcn315 (stable-fixes).
- drm/amd/display: Exit idle optimizations before HDCP execution (stable-fixes).
- drm/amd/display: Set color_mgmt_changed to true on unsuspend (stable-fixes).
- drm/amd/display: drop unnecessary NULL checks in debugfs (stable-fixes).
- drm/amd/display: revert Exit idle optimizations before HDCP execution (stable-fixes).
- drm/amd: Fix shutdown (again) on some SMU v13.0.4/11 platforms (git-fixes).
- drm/amdgpu/atomfirmware: add intergrated info v2.3 table (stable-fixes).
- drm/amdgpu/mes: fix use-after-free issue (stable-fixes).
- drm/amdgpu: Fix the ring buffer size for queue VM flush (stable-fixes).
- drm/amdgpu: Update BO eviction priorities (stable-fixes).
- drm/amdgpu: add error handle to avoid out-of-bounds (stable-fixes).
- drm/amdgpu: fix UBSAN warning in kv_dpm.c (stable-fixes).
- drm/amdkfd: Flush the process wq before creating a kfd_process (stable-fixes).
- drm/amdkfd: Rework kfd_locked handling (bsc#1225872)
- drm/bridge/panel: Fix runtime warning on panel bridge release (git-fixes).
- drm/exynos/vidi: fix memory leak in .get_modes() (stable-fixes).
- drm/exynos: hdmi: report safe 640x480 mode as a fallback when no EDID found (git-fixes).
- drm/i915/dpt: Make DPT object unshrinkable (git-fixes).
- drm/i915/gt: Disarm breadcrumbs if engines are already idle (git-fixes).
- drm/i915/gt: Fix potential UAF by revoke of fence registers (git-fixes).
- drm/i915/guc: avoid FIELD_PREP warning (git-fixes).
- drm/i915/mso: using joiner is not possible with eDP MSO (git-fixes).
- drm/komeda: check for error-valued pointer (git-fixes).
- drm/lima: add mask irq callback to gp and pp (stable-fixes).
- drm/lima: mask irqs in timeout path before hard reset (stable-fixes).
- drm/msm/a6xx: Avoid a nullptr dereference when speedbin setting fails (git-fixes).
- drm/msm/dp: Avoid a long timeout for AUX transfer if nothing connected (git-fixes).
- drm/msm/dp: Return IRQ_NONE for unhandled interrupts (stable-fixes).
- drm/msm: Enable clamp_to_idle for 7c3 (stable-fixes).
- drm/panel-samsung-atna33xc20: Use ktime_get_boottime for delays (stable-fixes).
- drm/panel: simple: Add missing display timing flags for KOE TX26D202VM0BWA (git-fixes).
- drm/radeon: fix UBSAN warning in kv_dpm.c (stable-fixes).
- drm/vmwgfx: 3D disabled should not effect STDU memory limits (git-fixes).
- drm/vmwgfx: Filter modes which exceed graphics memory (git-fixes).
- gpio: davinci: Validate the obtained number of IRQs (git-fixes).
- gpio: tqmx86: fix typo in Kconfig label (git-fixes).
- gpio: tqmx86: introduce shadow register for GPIO output value (git-fixes).
- gpiolib: cdev: Disallow reconfiguration without direction (uAPI v1) (git-fixes).
- hwmon: (shtc1) Fix property misspelling (git-fixes).
- i2c: at91: Fix the functionality flags of the slave-only interface (git-fixes).
- i2c: designware: Fix the functionality flags of the slave-only interface (git-fixes).
- i2c: ocores: set IACK bit after core is enabled (git-fixes).
- i2c: testunit: discard write requests while old command is running (git-fixes).
- i2c: testunit: do not erase registers after STOP (git-fixes).
- iio: accel: fxls8962af: select IIO_BUFFER & IIO_KFIFO_BUF (git-fixes).
- iio: adc: ad7266: Fix variable checking bug (git-fixes).
- iio: adc: ad9467: fix scan type sign (git-fixes).
- iio: chemical: bme680: Fix calibration data variable (git-fixes).
- iio: chemical: bme680: Fix overflows in compensate() functions (git-fixes).
- iio: chemical: bme680: Fix pressure value output (git-fixes).
- iio: chemical: bme680: Fix sensor data read operation (git-fixes).
- iio: dac: ad5592r: fix temperature channel scaling value (git-fixes).
- iio: imu: inv_icm42600: delete unneeded update watermark call (git-fixes).
- intel_th: pci: Add Meteor Lake-S CPU support (stable-fixes).
- iommu/amd: Fix sysfs leak in iommu init (git-fixes).
- iommu: Return right value in iommu_sva_bind_device() (git-fixes).
- iommu: mtk: fix module autoloading (git-fixes).
- ipvs: Fix checksumming on GSO of SCTP packets (bsc#1221958)
- kbuild: Install dtb files as 0644 in Makefile.dtbinst (git-fixes).
- kbuild: do not include include/config/auto.conf from shell scripts (bsc#1227274).
- kconfig: doc: fix a typo in the note about 'imply' (git-fixes).
- kconfig: fix comparison to constant symbols, 'm', 'n' (git-fixes).
- kernel-doc: fix struct_group_tagged() parsing (git-fixes).
- lib: memcpy_kunit: Fix an invalid format specifier in an assertion msg (git-fixes).
- media: flexcop-usb: clean up endpoint sanity checks (stable-fixes).
- media: flexcop-usb: fix sanity check of bNumEndpoints (git-fixes).
- media: ipu3-cio2: Use temporary storage for struct device pointer (stable-fixes).
- media: lgdt3306a: Add a check against null-pointer-def (stable-fixes).
- media: mxl5xx: Move xpt structures off stack (stable-fixes).
- media: radio-shark2: Avoid led_names truncations (git-fixes).
- media: v4l2-core: hold videodev_lock until dev reg, finishes (stable-fixes).
- mei: me: release irq in mei_me_pci_resume error path (git-fixes).
- mkspec-dtb: add toplevel symlinks also on arm
- mmc: core: Add mmc_gpiod_set_cd_config() function (stable-fixes).
- mmc: core: Do not force a retune before RPMB switch (stable-fixes).
- mmc: sdhci-acpi: Disable write protect detection on Toshiba WT10-A (stable-fixes).
- mmc: sdhci-acpi: Fix Lenovo Yoga Tablet 2 Pro 1380 sdcard slot not working (stable-fixes).
- mmc: sdhci-acpi: Sort DMI quirks alphabetically (stable-fixes).
- mmc: sdhci-pci: Convert PCIBIOS_* return codes to errnos (git-fixes).
- mmc: sdhci: Do not invert write-protect twice (git-fixes).
- mmc: sdhci: Do not lock spinlock around mmc_gpio_get_ro() (git-fixes).
- mmc: sdhci_am654: Add ITAPDLYSEL in sdhci_j721e_4bit_set_clock (git-fixes).
- mmc: sdhci_am654: Add OTAP/ITAP delay enable (git-fixes).
- mmc: sdhci_am654: Drop lookup for deprecated ti,otap-del-sel (stable-fixes).
- mmc: sdhci_am654: Fix ITAPDLY for HS400 timing (git-fixes).
- mtd: rawnand: Bypass a couple of sanity checks during NAND identification (git-fixes).
- mtd: rawnand: Ensure ECC configuration is propagated to upper layers (git-fixes).
- mtd: rawnand: rockchip: ensure NVDDR timings are rejected (git-fixes).
- net/mlx5e: Fix a race in command alloc flow (git-fixes).
- net: can: j1939: Initialize unused data in j1939_send_one() (git-fixes).
- net: can: j1939: enhanced error handling for tightly received RTS messages in xtp_rx_rts_session_new (git-fixes).
- net: can: j1939: recover socket queue on CAN bus error during BAM transmission (git-fixes).
- net: ena: Fix redundant device NUMA node override (jsc#PED-8690).
- net: mana: Enable MANA driver on ARM64 with 4K page size (jsc#PED-8491).
- net: phy: Micrel KSZ8061: fix errata solution not taking effect problem (git-fixes).
- net: phy: micrel: add Microchip KSZ 9477 to the device table (git-fixes).
- net: usb: ax88179_178a: improve link status logs (git-fixes).
- net: usb: ax88179_178a: improve reset check (git-fixes).
- net: usb: qmi_wwan: add Telit FN920C04 compositions (stable-fixes).
- net: usb: rtl8150 fix unintiatilzed variables in rtl8150_get_link_ksettings (git-fixes).
- net: usb: smsc95xx: fix changing LED_SEL bit value updated from EEPROM (git-fixes).
- nfsd: optimise recalculate_deny_mode() for a common case (bsc#1217912).
- nilfs2: fix potential hang in nilfs_detach_log_writer() (stable-fixes).
- nvme: find numa distance only if controller has valid numa id (git-fixes).
- nvmet-passthru: propagate status from id override functions (git-fixes).
- ocfs2: adjust enabling place for la window (bsc#1219224).
- ocfs2: fix sparse warnings (bsc#1219224).
- ocfs2: improve write IO performance when fragmentation is high (bsc#1219224).
- ocfs2: speed up chain-list searching (bsc#1219224).
- pinctrl: fix deadlock in create_pinctrl() when handling -EPROBE_DEFER (git-fixes).
- pinctrl: qcom: spmi-gpio: drop broken pm8008 support (git-fixes).
- pinctrl: rockchip: fix pinmux bits for RK3328 GPIO2-B pins (git-fixes).
- pinctrl: rockchip: fix pinmux bits for RK3328 GPIO3-B pins (git-fixes).
- pinctrl: rockchip: fix pinmux reset in rockchip_pmx_set (git-fixes).
- pinctrl: rockchip: use dedicated pinctrl type for RK3328 (git-fixes).
- random: treat bootloader trust toggle the same way as cpu trust toggle (bsc#1226953).
- regulator: bd71815: fix ramp values (git-fixes).
- regulator: core: Fix modpost error 'regulator_get_regmap' undefined (git-fixes).
- regulator: irq_helpers: duplicate IRQ name (stable-fixes).
- regulator: vqmmc-ipq4019: fix module autoloading (stable-fixes).
- rpm/kernel-obs-build.spec.in: Add iso9660 (bsc#1226212) Some builds do not just create an iso9660 image, but also mount it during build.
- rpm/kernel-obs-build.spec.in: Add networking modules for docker (bsc#1226211) docker needs more networking modules, even legacy iptable_nat and _filter.
- rpm/kernel-obs-build.spec.in: Include algif_hash, aegis128 and xts modules afgif_hash is needed by some packages (e.g. iwd) for tests, xts is used for LUKS2 volumes by default and aegis128 is useful as AEAD cipher for LUKS2. Wrap the long line to make it readable.
- rpm/mkspec-dtb: dtbs have moved to vendor sub-directories in 6.5 By commit 724ba6751532 ('ARM: dts: Move .dts files to vendor sub-directories'). So switch to them.
- sched/core: Fix incorrect initialization of the 'burst' parameter in cpu_max_write() (bsc#1226791).
- scsi: sd: Update DIX config every time sd_revalidate_disk() is called (bsc#1218570).
- smb: client: ensure to try all targets when finding nested links (bsc#1224020).
- smb: client: guarantee refcounted children from parent session (bsc#1224679).
- soundwire: cadence: fix invalid PDI offset (stable-fixes).
- spi: stm32: Do not warn about spurious interrupts (git-fixes).
- supported.conf: Add APM X-Gene SoC hardware monitoring driver (bsc#1223265 jsc#PED-8570)
- supported.conf: mark orangefs as optional We do not support orangefs at all (and it is already marked as such), but since there are no SLE consumers of it, mark it as optional.
- supported.conf: mark ufs as unsupported UFS is an unsupported filesystem, mark it as such. We still keep it around (not marking as optional), to accommodate any potential migrations from BSD systems.
- tty: mcf: MCF54418 has 10 UARTS (git-fixes).
- usb-storage: alauda: Check whether the media is initialized (git-fixes).
- usb: atm: cxacru: fix endpoint checking in cxacru_bind() (git-fixes).
- usb: dwc3: core: remove lock of otg mode during gadget suspend/resume to avoid deadlock (git-fixes).
- usb: fotg210-hcd: delete an incorrect bounds test (git-fixes).
- usb: gadget: printer: fix races against disable (git-fixes).
- usb: musb: da8xx: fix a resource leak in probe() (git-fixes).
- usb: typec: tcpm: Ignore received Hard Reset in TOGGLING state (git-fixes).
- usb: typec: tcpm: fix use-after-free case in tcpm_register_source_caps (git-fixes).
- usb: typec: ucsi: Ack also failed Get Error commands (git-fixes).
- usb: typec: ucsi: Never send a lone connector change ack (git-fixes).
- usb: xhci: Implement xhci_handshake_check_state() helper (git-fixes).
- usb: xhci: address off-by-one in xhci_num_trbs_free() (git-fixes).
- usb: xhci: improve debug message in xhci_ring_expansion_needed() (git-fixes).
- watchdog: bd9576: Drop 'always-running' property (git-fixes).
- watchdog: bd9576_wdt: switch to using devm_fwnode_gpiod_get() (stable-fixes).
- wifi: cfg80211: Lock wiphy in cfg80211_get_station (git-fixes).
- wifi: cfg80211: fix the order of arguments for trace events of the tx_rx_evt class (stable-fixes).
- wifi: cfg80211: pmsr: use correct nla_get_uX functions (git-fixes).
- wifi: iwlwifi: dbg_ini: move iwl_dbg_tlv_free outside of debugfs ifdef (git-fixes).
- wifi: iwlwifi: mvm: check n_ssids before accessing the ssids (git-fixes).
- wifi: iwlwifi: mvm: do not read past the mfuart notifcation (git-fixes).
- wifi: iwlwifi: mvm: revert gen2 TX A-MPDU size to 64 (git-fixes).
- wifi: mac80211: Fix deadlock in ieee80211_sta_ps_deliver_wakeup() (git-fixes).
- wifi: mac80211: correctly parse Spatial Reuse Parameter Set element (git-fixes).
- wifi: mac80211: mesh: Fix leak of mesh_preq_queue objects (git-fixes).
- wifi: rtl8xxxu: Fix the TX power of RTL8192CU, RTL8723AU (stable-fixes).
- wifi: rtlwifi: rtl8192de: Fix endianness issue in RX path (stable-fixes).
- wifi: rtlwifi: rtl8192de: Fix low speed with WPA3-SAE (stable-fixes).
- x86/mce: Dynamically size space for machine check records (bsc#1222241).
- x86/tsc: Trust initial offset in architectural TSC-adjust MSRs (bsc#1222015 bsc#1226962).
- xfs: make sure sb_fdblocks is non-negative (bsc#1225419).
- xhci: Fix failure to detect ring expansion need (git-fixes).
- xhci: Fix transfer ring expansion size calculation (git-fixes).
- xhci: Handle TD clearing for multiple streams case (git-fixes).
- xhci: Simplify event ring dequeue pointer update for port change events (git-fixes).
- xhci: Stop unnecessary tracking of free trbs in a ring (git-fixes).
- xhci: fix matching completion events with TDs (git-fixes).
- xhci: remove unused stream_id parameter from xhci_handle_halted_endpoint() (git-fixes).
- xhci: restre deleted trb fields for tracing (git-fixes).
- xhci: retry Stop Endpoint on buggy NEC controllers (git-fixes).
- xhci: simplify event ring dequeue tracking for transfer events (git-fixes).
- xhci: update event ring dequeue pointer position to controller correctly (git-fixes).
Patchnames
SUSE-2024-2394,SUSE-SLE-Micro-5.5-2024-2394,SUSE-SLE-Module-Live-Patching-15-SP5-2024-2394,SUSE-SLE-Module-RT-15-SP5-2024-2394,openSUSE-SLE-15.5-2024-2394
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for the Linux Kernel",
"title": "Title of the patch"
},
{
"category": "description",
"text": "\nThe SUSE Linux Enterprise 15 SP5 RT kernel was updated to receive various security bugfixes.\n\n\nThe following security bugs were fixed:\n\n- CVE-2021-47089: kfence: fix memory leak when cat kfence objects (bsc#1220958.\n- CVE-2021-47432: lib/generic-radix-tree.c: Do not overflow in peek() (bsc#1225391).\n- CVE-2021-47515: seg6: fix the iif in the IPv6 socket control block (bsc#1225426).\n- CVE-2021-47538: rxrpc: Fix rxrpc_local leak in rxrpc_lookup_peer() (bsc#1225448).\n- CVE-2021-47539: rxrpc: Fix rxrpc_peer leak in rxrpc_look_up_bundle() (bsc#1225452).\n- CVE-2021-47555: net: vlan: fix underflow for the real_dev refcnt (bsc#1225467).\n- CVE-2021-47566: Fix clearing user buffer by properly using clear_user() (bsc#1225514).\n- CVE-2021-47571: staging: rtl8192e: Fix use after free in _rtl92e_pci_disconnect() (bsc#1225518).\n- CVE-2021-47572: net: nexthop: fix null pointer dereference when IPv6 is not enabled (bsc#1225389).\n- CVE-2022-48716: ASoC: codecs: wcd938x: fix incorrect used of portid (bsc#1226678).\n- CVE-2023-24023: Bluetooth: Add more enc key size check (bsc#1218148).\n- CVE-2023-52622: ext4: avoid online resizing failures due to oversized flex bg (bsc#1222080).\n- CVE-2023-52658: Revert \u0027net/mlx5: Block entering switchdev mode with ns inconsistency\u0027 (bsc#1224719).\n- CVE-2023-52667: net/mlx5e: fix a potential double-free in fs_any_create_groups (bsc#1224603).\n- CVE-2023-52670: rpmsg: virtio: Free driver_override when rpmsg_remove() (bsc#1224696).\n- CVE-2023-52672: pipe: wakeup wr_wait after setting max_usage (bsc#1224614).\n- CVE-2023-52675: powerpc/imc-pmu: Add a null pointer check in update_events_in_group() (bsc#1224504).\n- CVE-2023-52735: bpf, sockmap: Don\u0027t let sock_map_{close,destroy,unhash} call itself (bsc#1225475).\n- CVE-2023-52737: btrfs: lock the inode in shared mode before starting fiemap (bsc#1225484).\n- CVE-2023-52752: smb: client: fix use-after-free bug in cifs_debug_data_proc_show() (bsc#1225487).\n- CVE-2023-52784: bonding: stop the device in bond_setup_by_slave() (bsc#1224946).\n- CVE-2023-52787: blk-mq: make sure active queue usage is held for bio_integrity_prep() (bsc#1225105).\n- CVE-2023-52835: perf/core: Bail out early if the request AUX area is out of bound (bsc#1225602).\n- CVE-2023-52837: nbd: fix uaf in nbd_open (bsc#1224935).\n- CVE-2023-52843: llc: verify mac len before reading mac header (bsc#1224951).\n- CVE-2023-52845: tipc: Change nla_policy for bearer-related names to NLA_NUL_STRING (bsc#1225585).\n- CVE-2023-52846: hsr: Prevent use after free in prp_create_tagged_frame() (bsc#1225098).\n- CVE-2023-52869: pstore/platform: Add check for kstrdup (bsc#1225050).\n- CVE-2023-52881: tcp: do not accept ACK of bytes we never sent (bsc#1225611).\n- CVE-2023-52882: clk: sunxi-ng: h6: Reparent CPUX during PLL CPUX rate change (bsc#1225692).\n- CVE-2024-26625: Call sock_orphan() at release time (bsc#1221086)\n- CVE-2024-26644: btrfs: do not abort filesystem when attempting to snapshot deleted subvolume (bsc#1221282, bsc#1222072).\n- CVE-2024-26720: mm: Avoid overflows in dirty throttling logic (bsc#1222364).\n- CVE-2024-26845: scsi: target: core: Add TMF to tmr_list handling (bsc#1223018).\n- CVE-2024-26923: Fixed false-positive lockdep splat for spin_lock() in __unix_gc() (bsc#1223384).\n- CVE-2024-26973: fat: fix uninitialized field in nostale filehandles (bsc#1223641).\n- CVE-2024-27432: net: ethernet: mtk_eth_soc: fix PPE hanging issue (bsc#1224716).\n- CVE-2024-35247: fpga: region: add owner module and take its refcount (bsc#1226948).\n- CVE-2024-35789: Check fast rx for non-4addr sta VLAN changes (bsc#1224749).\n- CVE-2024-35790: usb: typec: altmodes/displayport: create sysfs nodes as driver\u0027s default device attribute group (bsc#1224712).\n- CVE-2024-35807: ext4: fix corruption during on-line resize (bsc#1224735).\n- CVE-2024-35835: net/mlx5e: fix a double-free in arfs_create_groups (bsc#1224605).\n- CVE-2024-35848: eeprom: at24: fix memory corruption race condition (bsc#1224612).\n- CVE-2024-35857: icmp: prevent possible NULL dereferences from icmp_build_probe() (bsc#1224619).\n- CVE-2024-35861: Fixed potential UAF in cifs_signal_cifsd_for_reconnect() (bsc#1224766).\n- CVE-2024-35862: Fixed potential UAF in smb2_is_network_name_deleted() (bsc#1224764).\n- CVE-2024-35864: Fixed potential UAF in smb2_is_valid_lease_break() (bsc#1224765).\n- CVE-2024-35869: smb: client: guarantee refcounted children from parent session (bsc#1224679).\n- CVE-2024-35884: udp: do not accept non-tunnel GSO skbs landing in a tunnel (bsc#1224520).\n- CVE-2024-35886: ipv6: Fix infinite recursion in fib6_dump_done() (bsc#1224670).\n- CVE-2024-35898: netfilter: nf_tables: Fix potential data-race in __nft_flowtable_type_get() (bsc#1224498).\n- CVE-2024-35900: netfilter: nf_tables: reject new basechain after table flag update (bsc#1224497).\n- CVE-2024-35925: block: prevent division by zero in blk_rq_stat_sum() (bsc#1224661).\n- CVE-2024-35950: drm/client: Fully protect modes with dev-\u003emode_config.mutex (bsc#1224703).\n- CVE-2024-35956: Fixed qgroup prealloc rsv leak in subvolume operations (bsc#1224674)\n- CVE-2024-35958: net: ena: Fix incorrect descriptor free behavior (bsc#1224677).\n- CVE-2024-35960: net/mlx5: Properly link new fs rules into the tree (bsc#1224588).\n- CVE-2024-35997: Remove I2C_HID_READ_PENDING flag to prevent lock-up (bsc#1224552).\n- CVE-2024-36005: netfilter: nf_tables: honor table dormant flag from netdev release event path (bsc#1224539).\n- CVE-2024-36008: ipv4: check for NULL idev in ip_route_use_hint() (bsc#1224540).\n- CVE-2024-36017: rtnetlink: Correct nested IFLA_VF_VLAN_LIST attribute validation (bsc#1225681).\n- CVE-2024-36020: i40e: fix vf may be used uninitialized in this function warning (bsc#1225698).\n- CVE-2024-36021: net: hns3: fix kernel crash when devlink reload during pf initialization (bsc#1225699).\n- CVE-2024-36478: null_blk: fix null-ptr-dereference while configuring \u0027power\u0027 and \u0027submit_queues\u0027 (bsc#1226841).\n- CVE-2024-36479: fpga: bridge: add owner module and take its refcount (bsc#1226949).\n- CVE-2024-36890: mm/slab: make __free(kfree) accept error pointers (bsc#1225714).\n- CVE-2024-36894: usb: gadget: f_fs: Fix race between aio_cancel() and AIO request complete (bsc#1225749).\n- CVE-2024-36899: gpiolib: cdev: Fix use after free in lineinfo_changed_notify (bsc#1225737).\n- CVE-2024-36900: net: hns3: fix kernel crash when devlink reload during initialization (bsc#1225726).\n- CVE-2024-36904: tcp: Use refcount_inc_not_zero() in tcp_twsk_unique() (bsc#1225732).\n- CVE-2024-36915: nfc: llcp: fix nfc_llcp_setsockopt() unsafe copies (bsc#1225758).\n- CVE-2024-36916: blk-iocost: avoid out of bounds shift (bsc#1225759).\n- CVE-2024-36917: block: fix overflow in blk_ioctl_discard() (bsc#1225770).\n- CVE-2024-36919: scsi: bnx2fc: Remove spin_lock_bh while releasing resources after upload (bsc#1225767).\n- CVE-2024-36934: bna: ensure the copied buf is NUL terminated (bsc#1225760).\n- CVE-2024-36937: xdp: use flags field to disambiguate broadcast redirect (bsc#1225834).\n- CVE-2024-36940: pinctrl: core: delete incorrect free in pinctrl_enable() (bsc#1225840).\n- CVE-2024-36945: net/smc: fix neighbour and rtable leak in smc_ib_find_route() (bsc#1225823).\n- CVE-2024-36949: amd/amdkfd: sync all devices to wait all processes being evicted (bsc#1225872)\n- CVE-2024-36964: fs/9p: only translate RWX permissions for plain 9P2000 (bsc#1225866).\n- CVE-2024-36971: net: fix __dst_negative_advice() race (bsc#1226145).\n- CVE-2024-36978: net: sched: sch_multiq: fix possible OOB write in multiq_tune() (bsc#1226514).\n- CVE-2024-37021: fpga: manager: add owner module and take its refcount (bsc#1226950).\n- CVE-2024-37078: nilfs2: fix potential kernel bug due to lack of writeback flag waiting (bsc#1227066).\n- CVE-2024-37354: btrfs: fix crash on racing fsync and size-extending write into prealloc (bsc#1227101).\n- CVE-2024-38541: of: module: add buffer overflow check in of_modalias() (bsc#1226587).\n- CVE-2024-38545: RDMA/hns: Fix UAF for cq async event (bsc#1226595).\n- CVE-2024-38553: net: fec: remove .ndo_poll_controller to avoid deadlock (bsc#1226744).\n- CVE-2024-38555: net/mlx5: Discard command completions in internal error (bsc#1226607).\n- CVE-2024-38556: net/mlx5: Add a timeout to acquire the command queue semaphore (bsc#1226774).\n- CVE-2024-38557: net/mlx5: Reload only IB representors upon lag disable/enable (bsc#1226781).\n- CVE-2024-38559: scsi: qedf: Ensure the copied buf is NUL terminated (bsc#1226785).\n- CVE-2024-38560: scsi: bfa: Ensure the copied buf is NUL terminated (bsc#1226786).\n- CVE-2024-38564: bpf: Add BPF_PROG_TYPE_CGROUP_SKB attach type enforcement in BPF_LINK_CREATE (bsc#1226789).\n- CVE-2024-38568: drivers/perf: hisi: hns3: Fix out-of-bound access when valid event group (bsc#1226771).\n- CVE-2024-38578: ecryptfs: Fix buffer size for tag 66 packet (bsc#1226634).\n- CVE-2024-38580: epoll: be better about file lifetimes (bsc#1226610).\n- CVE-2024-38594: net: stmmac: move the EST lock to struct stmmac_priv (bsc#1226734).\n- CVE-2024-38597: eth: sungem: remove .ndo_poll_controller to avoid deadlocks (bsc#1226749).\n- CVE-2024-38603: drivers/perf: hisi: hns3: Actually use devm_add_action_or_reset() (bsc#1226842).\n- CVE-2024-38608: net/mlx5e: Fix netif state handling (bsc#1226746).\n- CVE-2024-38627: stm class: Fix a double free in stm_register_device() (bsc#1226857).\n- CVE-2024-38659: enic: Validate length of nl attributes in enic_set_vf_port (bsc#1226883).\n- CVE-2024-38661: s390/ap: Fix crash in AP internal function modify_bitmap() (bsc#1226996).\n- CVE-2024-38780: dma-buf/sw-sync: do not enable IRQ from sync_print_obj() (bsc#1226886).\n- CVE-2024-39301: net/9p: fix uninit-value in p9_client_rpc() (bsc#1226994).\n- CVE-2024-39468: smb: client: fix deadlock in smb2_find_smb_tcon() (bsc#1227103.\n- CVE-2024-39469: nilfs2: fix nilfs_empty_dir() misjudgment and long loop on I/O errors (bsc#1226992).\n\nThe following non-security bugs were fixed:\n\n- ACPI: resource: Do IRQ override on TongFang GXxHRXx and GMxHGxx (stable-fixes).\n- ACPICA: Revert \u0027ACPICA: avoid Info: mapping multiple BARs. Your kernel is fine.\u0027 (git-fixes).\n- ALSA/hda: intel-dsp-config: Document AVS as dsp_driver option (git-fixes).\n- ALSA: Fix deadlocks with kctl removals at disconnection (stable-fixes).\n- ALSA: hda/realtek: Add quirks for Lenovo 13X (stable-fixes).\n- ALSA: hda/realtek: Adjust G814JZR to use SPI init for amp (git-fixes).\n- ALSA: hda/realtek: Enable headset mic on IdeaPad 330-17IKB 81DM (git-fixes).\n- ALSA: hda/realtek: Fix conflicting quirk for PCI SSID 17aa:3820 (git-fixes).\n- ALSA: hda/realtek: Limit mic boost on N14AP7 (stable-fixes).\n- ALSA: hda/realtek: Remove Framework Laptop 16 from quirks (git-fixes).\n- ALSA: hda/realtek: fix mute/micmute LEDs do not work for ProBook 440/460 G11 (stable-fixes).\n- ALSA: hda/realtek: fix mute/micmute LEDs do not work for ProBook 445/465 G11 (stable-fixes).\n- ALSA: hda: intel-dsp-config: harden I2C/I2S codec detection (stable-fixes).\n- ALSA: timer: Set lower bound of start tick time (stable-fixes).\n- ASoC: amd: acp: add a null check for chip_pdev structure (git-fixes).\n- ASoC: amd: acp: remove i2s configuration check in acp_i2s_probe() (git-fixes).\n- ASoC: da7219-aad: fix usage of device_get_named_child_node() (stable-fixes).\n- ASoC: fsl-asoc-card: set priv-\u003epdev before using it (git-fixes).\n- ASoC: rt5645: Fix the electric noise due to the CBJ contacts floating (stable-fixes).\n- ASoC: rt715-sdca: volume step modification (stable-fixes).\n- ASoC: rt715: add vendor clear control register (stable-fixes).\n- Add remote for nfs maintainer\n- Bluetooth: L2CAP: Fix rejecting L2CAP_CONN_PARAM_UPDATE_REQ (git-fixes).\n- Fix new build warnings regarding unused variables: Changed build warnings: ***** 2 warnings ***** * unused-variable (cl) in ../fs/ceph/mds_client.c in ceph_queue_cap_unlink_work ../fs/ceph/mds_client.c: In function \u0027ceph_queue_cap_unlink_work\u0027: ../fs/ceph/mds_client.c:2421:22: warning: unused variable \u0027cl\u0027 [-Wunused-variable] * unused-variable (cl) in ../fs/ceph/mds_client.c in ceph_cap_unlink_work ../fs/ceph/mds_client.c: In function \u0027ceph_cap_unlink_work\u0027: ../fs/ceph/mds_client.c:2436:22: warning: unused variable \u0027cl\u0027 [-Wunused-variable]\n- HID: core: remove unnecessary WARN_ON() in implement() (git-fixes).\n- HID: logitech-dj: Fix memory leak in logi_dj_recv_switch_to_dj_mode() (git-fixes).\n- Input: ili210x - fix ili251x_read_touch_data() return value (git-fixes).\n- NFS: abort nfs_atomic_open_v23 if name is too long (bsc#1219847).\n- NFS: add atomic_open for NFSv3 to handle O_TRUNC correctly (bsc#1219847).\n- NFS: avoid infinite loop in pnfs_update_layout (bsc#1219633 bsc#1226226).\n- PCI/ASPM: Update save_state when configuration changes (bsc#1226915)\n- PCI: Clear Secondary Status errors after enumeration (bsc#1226928)\n- RAS/AMD/ATL: Fix MI300 bank hash (bsc#1225300).\n- RAS/AMD/ATL: Use system settings for MI300 DRAM to normalized address translation (bsc#1225300).\n- RDMA/hns: Fix incorrect sge nums calculation (git-fixes)\n- RDMA/irdma: Drop unused kernel push code (git-fixes)\n- RDMA/mlx5: Add check for srq max_sge attribute (git-fixes)\n- Revert \u0027Add remote for nfs maintainer\u0027\n- Revert \u0027build initrd without systemd\u0027 (bsc#1195775)\u0027\n- USB: class: cdc-wdm: Fix CPU lockup caused by excessive log messages (git-fixes).\n- USB: xen-hcd: Traverse host/ when CONFIG_USB_XEN_HCD is selected (git-fixes).\n- X.509: Fix the parser of extended key usage for length (bsc#1218820).\n- arm64: asm-bug: Add .align 2 to the end of __BUG_ENTRY (git-fixes).\n- arm64: mm: Batch dsb and isb when populating pgtables (jsc#PED-8690).\n- arm64: mm: Do not remap pgtables for allocate vs populate (jsc#PED-8690).\n- arm64: mm: Do not remap pgtables per-cont(pte|pmd) block (jsc#PED-8690).\n- arm64: mm: do not acquire mutex when rewriting swapper (jsc#PED-8690).\n- ata: ahci: Clean up sysfs file on error (git-fixes).\n- ata: libata-core: Fix double free on error (git-fixes).\n- ata: libata-core: Fix null pointer dereference on error (git-fixes).\n- batman-adv: Do not accept TT entries for out-of-spec VIDs (git-fixes).\n- bpf, sockmap: Check for any of tcp_bpf_prots when cloning a listener (git-fixes).\n- btrfs: avoid copying BTRFS_ROOT_SUBVOL_DEAD flag to snapshot of subvolume being deleted (bsc#1221282).\n- cachefiles: remove requests from xarray during flushing requests (bsc#1226588).\n- ceph: add ceph_cap_unlink_work to fire check_caps() immediately (bsc#1226022).\n- ceph: always check dir caps asynchronously (bsc#1226022).\n- ceph: always queue a writeback when revoking the Fb caps (bsc#1226022).\n- ceph: break the check delayed cap loop every 5s (bsc#1226022).\n- ceph: switch to use cap_delay_lock for the unlink delay list (bsc#1226022).\n- cgroup: Add annotation for holding namespace_sem in current_cgns_cgroup_from_root() (bsc#1222254).\n- cgroup: Eliminate the need for cgroup_mutex in proc_cgroup_show() (bsc#1222254).\n- cgroup: Make operations on the cgroup root_list RCU safe (bsc#1222254).\n- cgroup: Remove unnecessary list_empty() (bsc#1222254).\n- cgroup: preserve KABI of cgroup_root (bsc#1222254).\n- cifs: fix hang in wait_for_response() (bsc#1220812, bsc#1220368).\n- cpufreq: amd-pstate: Fix the inconsistency in max frequency units (git-fixes).\n- crypto: ecrdsa - Fix module auto-load on add_key (stable-fixes).\n- dmaengine: idxd: Fix possible Use-After-Free in irq_process_work_list (git-fixes).\n- dmaengine: ioatdma: Fix missing kmem_cache_destroy() (git-fixes).\n- drivers: core: synchronize really_probe() and dev_uevent() (git-fixes).\n- drm/amd/display: Add VCO speed parameter for DCN31 FPU (stable-fixes).\n- drm/amd/display: Add dtbclk access to dcn315 (stable-fixes).\n- drm/amd/display: Exit idle optimizations before HDCP execution (stable-fixes).\n- drm/amd/display: Set color_mgmt_changed to true on unsuspend (stable-fixes).\n- drm/amd/display: drop unnecessary NULL checks in debugfs (stable-fixes).\n- drm/amd/display: revert Exit idle optimizations before HDCP execution (stable-fixes).\n- drm/amd: Fix shutdown (again) on some SMU v13.0.4/11 platforms (git-fixes).\n- drm/amdgpu/atomfirmware: add intergrated info v2.3 table (stable-fixes).\n- drm/amdgpu/mes: fix use-after-free issue (stable-fixes).\n- drm/amdgpu: Fix the ring buffer size for queue VM flush (stable-fixes).\n- drm/amdgpu: Update BO eviction priorities (stable-fixes).\n- drm/amdgpu: add error handle to avoid out-of-bounds (stable-fixes).\n- drm/amdgpu: fix UBSAN warning in kv_dpm.c (stable-fixes).\n- drm/amdkfd: Flush the process wq before creating a kfd_process (stable-fixes).\n- drm/amdkfd: Rework kfd_locked handling (bsc#1225872)\n- drm/bridge/panel: Fix runtime warning on panel bridge release (git-fixes).\n- drm/exynos/vidi: fix memory leak in .get_modes() (stable-fixes).\n- drm/exynos: hdmi: report safe 640x480 mode as a fallback when no EDID found (git-fixes).\n- drm/i915/dpt: Make DPT object unshrinkable (git-fixes).\n- drm/i915/gt: Disarm breadcrumbs if engines are already idle (git-fixes).\n- drm/i915/gt: Fix potential UAF by revoke of fence registers (git-fixes).\n- drm/i915/guc: avoid FIELD_PREP warning (git-fixes).\n- drm/i915/mso: using joiner is not possible with eDP MSO (git-fixes).\n- drm/komeda: check for error-valued pointer (git-fixes).\n- drm/lima: add mask irq callback to gp and pp (stable-fixes).\n- drm/lima: mask irqs in timeout path before hard reset (stable-fixes).\n- drm/msm/a6xx: Avoid a nullptr dereference when speedbin setting fails (git-fixes).\n- drm/msm/dp: Avoid a long timeout for AUX transfer if nothing connected (git-fixes).\n- drm/msm/dp: Return IRQ_NONE for unhandled interrupts (stable-fixes).\n- drm/msm: Enable clamp_to_idle for 7c3 (stable-fixes).\n- drm/panel-samsung-atna33xc20: Use ktime_get_boottime for delays (stable-fixes).\n- drm/panel: simple: Add missing display timing flags for KOE TX26D202VM0BWA (git-fixes).\n- drm/radeon: fix UBSAN warning in kv_dpm.c (stable-fixes).\n- drm/vmwgfx: 3D disabled should not effect STDU memory limits (git-fixes).\n- drm/vmwgfx: Filter modes which exceed graphics memory (git-fixes).\n- gpio: davinci: Validate the obtained number of IRQs (git-fixes).\n- gpio: tqmx86: fix typo in Kconfig label (git-fixes).\n- gpio: tqmx86: introduce shadow register for GPIO output value (git-fixes).\n- gpiolib: cdev: Disallow reconfiguration without direction (uAPI v1) (git-fixes).\n- hwmon: (shtc1) Fix property misspelling (git-fixes).\n- i2c: at91: Fix the functionality flags of the slave-only interface (git-fixes).\n- i2c: designware: Fix the functionality flags of the slave-only interface (git-fixes).\n- i2c: ocores: set IACK bit after core is enabled (git-fixes).\n- i2c: testunit: discard write requests while old command is running (git-fixes).\n- i2c: testunit: do not erase registers after STOP (git-fixes).\n- iio: accel: fxls8962af: select IIO_BUFFER \u0026 IIO_KFIFO_BUF (git-fixes).\n- iio: adc: ad7266: Fix variable checking bug (git-fixes).\n- iio: adc: ad9467: fix scan type sign (git-fixes).\n- iio: chemical: bme680: Fix calibration data variable (git-fixes).\n- iio: chemical: bme680: Fix overflows in compensate() functions (git-fixes).\n- iio: chemical: bme680: Fix pressure value output (git-fixes).\n- iio: chemical: bme680: Fix sensor data read operation (git-fixes).\n- iio: dac: ad5592r: fix temperature channel scaling value (git-fixes).\n- iio: imu: inv_icm42600: delete unneeded update watermark call (git-fixes).\n- intel_th: pci: Add Meteor Lake-S CPU support (stable-fixes).\n- iommu/amd: Fix sysfs leak in iommu init (git-fixes).\n- iommu: Return right value in iommu_sva_bind_device() (git-fixes).\n- iommu: mtk: fix module autoloading (git-fixes).\n- ipvs: Fix checksumming on GSO of SCTP packets (bsc#1221958)\n- kbuild: Install dtb files as 0644 in Makefile.dtbinst (git-fixes).\n- kbuild: do not include include/config/auto.conf from shell scripts (bsc#1227274).\n- kconfig: doc: fix a typo in the note about \u0027imply\u0027 (git-fixes).\n- kconfig: fix comparison to constant symbols, \u0027m\u0027, \u0027n\u0027 (git-fixes).\n- kernel-doc: fix struct_group_tagged() parsing (git-fixes).\n- lib: memcpy_kunit: Fix an invalid format specifier in an assertion msg (git-fixes).\n- media: flexcop-usb: clean up endpoint sanity checks (stable-fixes).\n- media: flexcop-usb: fix sanity check of bNumEndpoints (git-fixes).\n- media: ipu3-cio2: Use temporary storage for struct device pointer (stable-fixes).\n- media: lgdt3306a: Add a check against null-pointer-def (stable-fixes).\n- media: mxl5xx: Move xpt structures off stack (stable-fixes).\n- media: radio-shark2: Avoid led_names truncations (git-fixes).\n- media: v4l2-core: hold videodev_lock until dev reg, finishes (stable-fixes).\n- mei: me: release irq in mei_me_pci_resume error path (git-fixes).\n- mkspec-dtb: add toplevel symlinks also on arm\n- mmc: core: Add mmc_gpiod_set_cd_config() function (stable-fixes).\n- mmc: core: Do not force a retune before RPMB switch (stable-fixes).\n- mmc: sdhci-acpi: Disable write protect detection on Toshiba WT10-A (stable-fixes).\n- mmc: sdhci-acpi: Fix Lenovo Yoga Tablet 2 Pro 1380 sdcard slot not working (stable-fixes).\n- mmc: sdhci-acpi: Sort DMI quirks alphabetically (stable-fixes).\n- mmc: sdhci-pci: Convert PCIBIOS_* return codes to errnos (git-fixes).\n- mmc: sdhci: Do not invert write-protect twice (git-fixes).\n- mmc: sdhci: Do not lock spinlock around mmc_gpio_get_ro() (git-fixes).\n- mmc: sdhci_am654: Add ITAPDLYSEL in sdhci_j721e_4bit_set_clock (git-fixes).\n- mmc: sdhci_am654: Add OTAP/ITAP delay enable (git-fixes).\n- mmc: sdhci_am654: Drop lookup for deprecated ti,otap-del-sel (stable-fixes).\n- mmc: sdhci_am654: Fix ITAPDLY for HS400 timing (git-fixes).\n- mtd: rawnand: Bypass a couple of sanity checks during NAND identification (git-fixes).\n- mtd: rawnand: Ensure ECC configuration is propagated to upper layers (git-fixes).\n- mtd: rawnand: rockchip: ensure NVDDR timings are rejected (git-fixes).\n- net/mlx5e: Fix a race in command alloc flow (git-fixes).\n- net: can: j1939: Initialize unused data in j1939_send_one() (git-fixes).\n- net: can: j1939: enhanced error handling for tightly received RTS messages in xtp_rx_rts_session_new (git-fixes).\n- net: can: j1939: recover socket queue on CAN bus error during BAM transmission (git-fixes).\n- net: ena: Fix redundant device NUMA node override (jsc#PED-8690).\n- net: mana: Enable MANA driver on ARM64 with 4K page size (jsc#PED-8491).\n- net: phy: Micrel KSZ8061: fix errata solution not taking effect problem (git-fixes).\n- net: phy: micrel: add Microchip KSZ 9477 to the device table (git-fixes).\n- net: usb: ax88179_178a: improve link status logs (git-fixes).\n- net: usb: ax88179_178a: improve reset check (git-fixes).\n- net: usb: qmi_wwan: add Telit FN920C04 compositions (stable-fixes).\n- net: usb: rtl8150 fix unintiatilzed variables in rtl8150_get_link_ksettings (git-fixes).\n- net: usb: smsc95xx: fix changing LED_SEL bit value updated from EEPROM (git-fixes).\n- nfsd: optimise recalculate_deny_mode() for a common case (bsc#1217912).\n- nilfs2: fix potential hang in nilfs_detach_log_writer() (stable-fixes).\n- nvme: find numa distance only if controller has valid numa id (git-fixes).\n- nvmet-passthru: propagate status from id override functions (git-fixes).\n- ocfs2: adjust enabling place for la window (bsc#1219224).\n- ocfs2: fix sparse warnings (bsc#1219224).\n- ocfs2: improve write IO performance when fragmentation is high (bsc#1219224).\n- ocfs2: speed up chain-list searching (bsc#1219224).\n- pinctrl: fix deadlock in create_pinctrl() when handling -EPROBE_DEFER (git-fixes).\n- pinctrl: qcom: spmi-gpio: drop broken pm8008 support (git-fixes).\n- pinctrl: rockchip: fix pinmux bits for RK3328 GPIO2-B pins (git-fixes).\n- pinctrl: rockchip: fix pinmux bits for RK3328 GPIO3-B pins (git-fixes).\n- pinctrl: rockchip: fix pinmux reset in rockchip_pmx_set (git-fixes).\n- pinctrl: rockchip: use dedicated pinctrl type for RK3328 (git-fixes).\n- random: treat bootloader trust toggle the same way as cpu trust toggle (bsc#1226953).\n- regulator: bd71815: fix ramp values (git-fixes).\n- regulator: core: Fix modpost error \u0027regulator_get_regmap\u0027 undefined (git-fixes).\n- regulator: irq_helpers: duplicate IRQ name (stable-fixes).\n- regulator: vqmmc-ipq4019: fix module autoloading (stable-fixes).\n- rpm/kernel-obs-build.spec.in: Add iso9660 (bsc#1226212) Some builds do not just create an iso9660 image, but also mount it during build.\n- rpm/kernel-obs-build.spec.in: Add networking modules for docker (bsc#1226211) docker needs more networking modules, even legacy iptable_nat and _filter.\n- rpm/kernel-obs-build.spec.in: Include algif_hash, aegis128 and xts modules afgif_hash is needed by some packages (e.g. iwd) for tests, xts is used for LUKS2 volumes by default and aegis128 is useful as AEAD cipher for LUKS2. Wrap the long line to make it readable.\n- rpm/mkspec-dtb: dtbs have moved to vendor sub-directories in 6.5 By commit 724ba6751532 (\u0027ARM: dts: Move .dts files to vendor sub-directories\u0027). So switch to them.\n- sched/core: Fix incorrect initialization of the \u0027burst\u0027 parameter in cpu_max_write() (bsc#1226791).\n- scsi: sd: Update DIX config every time sd_revalidate_disk() is called (bsc#1218570).\n- smb: client: ensure to try all targets when finding nested links (bsc#1224020).\n- smb: client: guarantee refcounted children from parent session (bsc#1224679).\n- soundwire: cadence: fix invalid PDI offset (stable-fixes).\n- spi: stm32: Do not warn about spurious interrupts (git-fixes).\n- supported.conf: Add APM X-Gene SoC hardware monitoring driver (bsc#1223265 jsc#PED-8570)\n- supported.conf: mark orangefs as optional We do not support orangefs at all (and it is already marked as such), but since there are no SLE consumers of it, mark it as optional.\n- supported.conf: mark ufs as unsupported UFS is an unsupported filesystem, mark it as such. We still keep it around (not marking as optional), to accommodate any potential migrations from BSD systems.\n- tty: mcf: MCF54418 has 10 UARTS (git-fixes).\n- usb-storage: alauda: Check whether the media is initialized (git-fixes).\n- usb: atm: cxacru: fix endpoint checking in cxacru_bind() (git-fixes).\n- usb: dwc3: core: remove lock of otg mode during gadget suspend/resume to avoid deadlock (git-fixes).\n- usb: fotg210-hcd: delete an incorrect bounds test (git-fixes).\n- usb: gadget: printer: fix races against disable (git-fixes).\n- usb: musb: da8xx: fix a resource leak in probe() (git-fixes).\n- usb: typec: tcpm: Ignore received Hard Reset in TOGGLING state (git-fixes).\n- usb: typec: tcpm: fix use-after-free case in tcpm_register_source_caps (git-fixes).\n- usb: typec: ucsi: Ack also failed Get Error commands (git-fixes).\n- usb: typec: ucsi: Never send a lone connector change ack (git-fixes).\n- usb: xhci: Implement xhci_handshake_check_state() helper (git-fixes).\n- usb: xhci: address off-by-one in xhci_num_trbs_free() (git-fixes).\n- usb: xhci: improve debug message in xhci_ring_expansion_needed() (git-fixes).\n- watchdog: bd9576: Drop \u0027always-running\u0027 property (git-fixes).\n- watchdog: bd9576_wdt: switch to using devm_fwnode_gpiod_get() (stable-fixes).\n- wifi: cfg80211: Lock wiphy in cfg80211_get_station (git-fixes).\n- wifi: cfg80211: fix the order of arguments for trace events of the tx_rx_evt class (stable-fixes).\n- wifi: cfg80211: pmsr: use correct nla_get_uX functions (git-fixes).\n- wifi: iwlwifi: dbg_ini: move iwl_dbg_tlv_free outside of debugfs ifdef (git-fixes).\n- wifi: iwlwifi: mvm: check n_ssids before accessing the ssids (git-fixes).\n- wifi: iwlwifi: mvm: do not read past the mfuart notifcation (git-fixes).\n- wifi: iwlwifi: mvm: revert gen2 TX A-MPDU size to 64 (git-fixes).\n- wifi: mac80211: Fix deadlock in ieee80211_sta_ps_deliver_wakeup() (git-fixes).\n- wifi: mac80211: correctly parse Spatial Reuse Parameter Set element (git-fixes).\n- wifi: mac80211: mesh: Fix leak of mesh_preq_queue objects (git-fixes).\n- wifi: rtl8xxxu: Fix the TX power of RTL8192CU, RTL8723AU (stable-fixes).\n- wifi: rtlwifi: rtl8192de: Fix endianness issue in RX path (stable-fixes).\n- wifi: rtlwifi: rtl8192de: Fix low speed with WPA3-SAE (stable-fixes).\n- x86/mce: Dynamically size space for machine check records (bsc#1222241).\n- x86/tsc: Trust initial offset in architectural TSC-adjust MSRs (bsc#1222015 bsc#1226962).\n- xfs: make sure sb_fdblocks is non-negative (bsc#1225419).\n- xhci: Fix failure to detect ring expansion need (git-fixes).\n- xhci: Fix transfer ring expansion size calculation (git-fixes).\n- xhci: Handle TD clearing for multiple streams case (git-fixes).\n- xhci: Simplify event ring dequeue pointer update for port change events (git-fixes).\n- xhci: Stop unnecessary tracking of free trbs in a ring (git-fixes).\n- xhci: fix matching completion events with TDs (git-fixes).\n- xhci: remove unused stream_id parameter from xhci_handle_halted_endpoint() (git-fixes).\n- xhci: restre deleted trb fields for tracing (git-fixes).\n- xhci: retry Stop Endpoint on buggy NEC controllers (git-fixes).\n- xhci: simplify event ring dequeue tracking for transfer events (git-fixes).\n- xhci: update event ring dequeue pointer position to controller correctly (git-fixes).\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-2024-2394,SUSE-SLE-Micro-5.5-2024-2394,SUSE-SLE-Module-Live-Patching-15-SP5-2024-2394,SUSE-SLE-Module-RT-15-SP5-2024-2394,openSUSE-SLE-15.5-2024-2394",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2024_2394-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2024:2394-1",
"url": "https://www.suse.com/support/update/announcement/2024/suse-su-20242394-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2024:2394-1",
"url": "https://lists.suse.com/pipermail/sle-updates/2024-July/035907.html"
},
{
"category": "self",
"summary": "SUSE Bug 1156395",
"url": "https://bugzilla.suse.com/1156395"
},
{
"category": "self",
"summary": "SUSE Bug 1190336",
"url": "https://bugzilla.suse.com/1190336"
},
{
"category": "self",
"summary": "SUSE Bug 1191958",
"url": "https://bugzilla.suse.com/1191958"
},
{
"category": "self",
"summary": "SUSE Bug 1193883",
"url": "https://bugzilla.suse.com/1193883"
},
{
"category": "self",
"summary": "SUSE Bug 1194826",
"url": "https://bugzilla.suse.com/1194826"
},
{
"category": "self",
"summary": "SUSE Bug 1195065",
"url": "https://bugzilla.suse.com/1195065"
},
{
"category": "self",
"summary": "SUSE Bug 1195254",
"url": "https://bugzilla.suse.com/1195254"
},
{
"category": "self",
"summary": "SUSE Bug 1195341",
"url": "https://bugzilla.suse.com/1195341"
},
{
"category": "self",
"summary": "SUSE Bug 1195349",
"url": "https://bugzilla.suse.com/1195349"
},
{
"category": "self",
"summary": "SUSE Bug 1195775",
"url": "https://bugzilla.suse.com/1195775"
},
{
"category": "self",
"summary": "SUSE Bug 1196746",
"url": "https://bugzilla.suse.com/1196746"
},
{
"category": "self",
"summary": "SUSE Bug 1197915",
"url": "https://bugzilla.suse.com/1197915"
},
{
"category": "self",
"summary": "SUSE Bug 1198014",
"url": "https://bugzilla.suse.com/1198014"
},
{
"category": "self",
"summary": "SUSE Bug 1199295",
"url": "https://bugzilla.suse.com/1199295"
},
{
"category": "self",
"summary": "SUSE Bug 1202767",
"url": "https://bugzilla.suse.com/1202767"
},
{
"category": "self",
"summary": "SUSE Bug 1202780",
"url": "https://bugzilla.suse.com/1202780"
},
{
"category": "self",
"summary": "SUSE Bug 1205205",
"url": "https://bugzilla.suse.com/1205205"
},
{
"category": "self",
"summary": "SUSE Bug 1207361",
"url": "https://bugzilla.suse.com/1207361"
},
{
"category": "self",
"summary": "SUSE Bug 1217912",
"url": "https://bugzilla.suse.com/1217912"
},
{
"category": "self",
"summary": "SUSE Bug 1218148",
"url": "https://bugzilla.suse.com/1218148"
},
{
"category": "self",
"summary": "SUSE Bug 1218570",
"url": "https://bugzilla.suse.com/1218570"
},
{
"category": "self",
"summary": "SUSE Bug 1218820",
"url": "https://bugzilla.suse.com/1218820"
},
{
"category": "self",
"summary": "SUSE Bug 1219224",
"url": "https://bugzilla.suse.com/1219224"
},
{
"category": "self",
"summary": "SUSE Bug 1219633",
"url": "https://bugzilla.suse.com/1219633"
},
{
"category": "self",
"summary": "SUSE Bug 1219847",
"url": "https://bugzilla.suse.com/1219847"
},
{
"category": "self",
"summary": "SUSE Bug 1220368",
"url": "https://bugzilla.suse.com/1220368"
},
{
"category": "self",
"summary": "SUSE Bug 1220812",
"url": "https://bugzilla.suse.com/1220812"
},
{
"category": "self",
"summary": "SUSE Bug 1220958",
"url": "https://bugzilla.suse.com/1220958"
},
{
"category": "self",
"summary": "SUSE Bug 1221086",
"url": "https://bugzilla.suse.com/1221086"
},
{
"category": "self",
"summary": "SUSE Bug 1221282",
"url": "https://bugzilla.suse.com/1221282"
},
{
"category": "self",
"summary": "SUSE Bug 1221958",
"url": "https://bugzilla.suse.com/1221958"
},
{
"category": "self",
"summary": "SUSE Bug 1222015",
"url": "https://bugzilla.suse.com/1222015"
},
{
"category": "self",
"summary": "SUSE Bug 1222072",
"url": "https://bugzilla.suse.com/1222072"
},
{
"category": "self",
"summary": "SUSE Bug 1222080",
"url": "https://bugzilla.suse.com/1222080"
},
{
"category": "self",
"summary": "SUSE Bug 1222241",
"url": "https://bugzilla.suse.com/1222241"
},
{
"category": "self",
"summary": "SUSE Bug 1222254",
"url": "https://bugzilla.suse.com/1222254"
},
{
"category": "self",
"summary": "SUSE Bug 1222364",
"url": "https://bugzilla.suse.com/1222364"
},
{
"category": "self",
"summary": "SUSE Bug 1222893",
"url": "https://bugzilla.suse.com/1222893"
},
{
"category": "self",
"summary": "SUSE Bug 1223013",
"url": "https://bugzilla.suse.com/1223013"
},
{
"category": "self",
"summary": "SUSE Bug 1223018",
"url": "https://bugzilla.suse.com/1223018"
},
{
"category": "self",
"summary": "SUSE Bug 1223265",
"url": "https://bugzilla.suse.com/1223265"
},
{
"category": "self",
"summary": "SUSE Bug 1223384",
"url": "https://bugzilla.suse.com/1223384"
},
{
"category": "self",
"summary": "SUSE Bug 1223641",
"url": "https://bugzilla.suse.com/1223641"
},
{
"category": "self",
"summary": "SUSE Bug 1224020",
"url": "https://bugzilla.suse.com/1224020"
},
{
"category": "self",
"summary": "SUSE Bug 1224331",
"url": "https://bugzilla.suse.com/1224331"
},
{
"category": "self",
"summary": "SUSE Bug 1224488",
"url": "https://bugzilla.suse.com/1224488"
},
{
"category": "self",
"summary": "SUSE Bug 1224497",
"url": "https://bugzilla.suse.com/1224497"
},
{
"category": "self",
"summary": "SUSE Bug 1224498",
"url": "https://bugzilla.suse.com/1224498"
},
{
"category": "self",
"summary": "SUSE Bug 1224504",
"url": "https://bugzilla.suse.com/1224504"
},
{
"category": "self",
"summary": "SUSE Bug 1224520",
"url": "https://bugzilla.suse.com/1224520"
},
{
"category": "self",
"summary": "SUSE Bug 1224539",
"url": "https://bugzilla.suse.com/1224539"
},
{
"category": "self",
"summary": "SUSE Bug 1224540",
"url": "https://bugzilla.suse.com/1224540"
},
{
"category": "self",
"summary": "SUSE Bug 1224552",
"url": "https://bugzilla.suse.com/1224552"
},
{
"category": "self",
"summary": "SUSE Bug 1224583",
"url": "https://bugzilla.suse.com/1224583"
},
{
"category": "self",
"summary": "SUSE Bug 1224588",
"url": "https://bugzilla.suse.com/1224588"
},
{
"category": "self",
"summary": "SUSE Bug 1224602",
"url": "https://bugzilla.suse.com/1224602"
},
{
"category": "self",
"summary": "SUSE Bug 1224603",
"url": "https://bugzilla.suse.com/1224603"
},
{
"category": "self",
"summary": "SUSE Bug 1224605",
"url": "https://bugzilla.suse.com/1224605"
},
{
"category": "self",
"summary": "SUSE Bug 1224612",
"url": "https://bugzilla.suse.com/1224612"
},
{
"category": "self",
"summary": "SUSE Bug 1224614",
"url": "https://bugzilla.suse.com/1224614"
},
{
"category": "self",
"summary": "SUSE Bug 1224619",
"url": "https://bugzilla.suse.com/1224619"
},
{
"category": "self",
"summary": "SUSE Bug 1224661",
"url": "https://bugzilla.suse.com/1224661"
},
{
"category": "self",
"summary": "SUSE Bug 1224662",
"url": "https://bugzilla.suse.com/1224662"
},
{
"category": "self",
"summary": "SUSE Bug 1224670",
"url": "https://bugzilla.suse.com/1224670"
},
{
"category": "self",
"summary": "SUSE Bug 1224671",
"url": "https://bugzilla.suse.com/1224671"
},
{
"category": "self",
"summary": "SUSE Bug 1224674",
"url": "https://bugzilla.suse.com/1224674"
},
{
"category": "self",
"summary": "SUSE Bug 1224677",
"url": "https://bugzilla.suse.com/1224677"
},
{
"category": "self",
"summary": "SUSE Bug 1224679",
"url": "https://bugzilla.suse.com/1224679"
},
{
"category": "self",
"summary": "SUSE Bug 1224696",
"url": "https://bugzilla.suse.com/1224696"
},
{
"category": "self",
"summary": "SUSE Bug 1224703",
"url": "https://bugzilla.suse.com/1224703"
},
{
"category": "self",
"summary": "SUSE Bug 1224712",
"url": "https://bugzilla.suse.com/1224712"
},
{
"category": "self",
"summary": "SUSE Bug 1224716",
"url": "https://bugzilla.suse.com/1224716"
},
{
"category": "self",
"summary": "SUSE Bug 1224719",
"url": "https://bugzilla.suse.com/1224719"
},
{
"category": "self",
"summary": "SUSE Bug 1224735",
"url": "https://bugzilla.suse.com/1224735"
},
{
"category": "self",
"summary": "SUSE Bug 1224749",
"url": "https://bugzilla.suse.com/1224749"
},
{
"category": "self",
"summary": "SUSE Bug 1224764",
"url": "https://bugzilla.suse.com/1224764"
},
{
"category": "self",
"summary": "SUSE Bug 1224765",
"url": "https://bugzilla.suse.com/1224765"
},
{
"category": "self",
"summary": "SUSE Bug 1224766",
"url": "https://bugzilla.suse.com/1224766"
},
{
"category": "self",
"summary": "SUSE Bug 1224935",
"url": "https://bugzilla.suse.com/1224935"
},
{
"category": "self",
"summary": "SUSE Bug 1224946",
"url": "https://bugzilla.suse.com/1224946"
},
{
"category": "self",
"summary": "SUSE Bug 1224951",
"url": "https://bugzilla.suse.com/1224951"
},
{
"category": "self",
"summary": "SUSE Bug 1225050",
"url": "https://bugzilla.suse.com/1225050"
},
{
"category": "self",
"summary": "SUSE Bug 1225098",
"url": "https://bugzilla.suse.com/1225098"
},
{
"category": "self",
"summary": "SUSE Bug 1225105",
"url": "https://bugzilla.suse.com/1225105"
},
{
"category": "self",
"summary": "SUSE Bug 1225300",
"url": "https://bugzilla.suse.com/1225300"
},
{
"category": "self",
"summary": "SUSE Bug 1225389",
"url": "https://bugzilla.suse.com/1225389"
},
{
"category": "self",
"summary": "SUSE Bug 1225391",
"url": "https://bugzilla.suse.com/1225391"
},
{
"category": "self",
"summary": "SUSE Bug 1225419",
"url": "https://bugzilla.suse.com/1225419"
},
{
"category": "self",
"summary": "SUSE Bug 1225426",
"url": "https://bugzilla.suse.com/1225426"
},
{
"category": "self",
"summary": "SUSE Bug 1225448",
"url": "https://bugzilla.suse.com/1225448"
},
{
"category": "self",
"summary": "SUSE Bug 1225452",
"url": "https://bugzilla.suse.com/1225452"
},
{
"category": "self",
"summary": "SUSE Bug 1225467",
"url": "https://bugzilla.suse.com/1225467"
},
{
"category": "self",
"summary": "SUSE Bug 1225475",
"url": "https://bugzilla.suse.com/1225475"
},
{
"category": "self",
"summary": "SUSE Bug 1225484",
"url": "https://bugzilla.suse.com/1225484"
},
{
"category": "self",
"summary": "SUSE Bug 1225487",
"url": "https://bugzilla.suse.com/1225487"
},
{
"category": "self",
"summary": "SUSE Bug 1225514",
"url": "https://bugzilla.suse.com/1225514"
},
{
"category": "self",
"summary": "SUSE Bug 1225518",
"url": "https://bugzilla.suse.com/1225518"
},
{
"category": "self",
"summary": "SUSE Bug 1225535",
"url": "https://bugzilla.suse.com/1225535"
},
{
"category": "self",
"summary": "SUSE Bug 1225585",
"url": "https://bugzilla.suse.com/1225585"
},
{
"category": "self",
"summary": "SUSE Bug 1225602",
"url": "https://bugzilla.suse.com/1225602"
},
{
"category": "self",
"summary": "SUSE Bug 1225611",
"url": "https://bugzilla.suse.com/1225611"
},
{
"category": "self",
"summary": "SUSE Bug 1225681",
"url": "https://bugzilla.suse.com/1225681"
},
{
"category": "self",
"summary": "SUSE Bug 1225692",
"url": "https://bugzilla.suse.com/1225692"
},
{
"category": "self",
"summary": "SUSE Bug 1225698",
"url": "https://bugzilla.suse.com/1225698"
},
{
"category": "self",
"summary": "SUSE Bug 1225699",
"url": "https://bugzilla.suse.com/1225699"
},
{
"category": "self",
"summary": "SUSE Bug 1225704",
"url": "https://bugzilla.suse.com/1225704"
},
{
"category": "self",
"summary": "SUSE Bug 1225714",
"url": "https://bugzilla.suse.com/1225714"
},
{
"category": "self",
"summary": "SUSE Bug 1225726",
"url": "https://bugzilla.suse.com/1225726"
},
{
"category": "self",
"summary": "SUSE Bug 1225732",
"url": "https://bugzilla.suse.com/1225732"
},
{
"category": "self",
"summary": "SUSE Bug 1225737",
"url": "https://bugzilla.suse.com/1225737"
},
{
"category": "self",
"summary": "SUSE Bug 1225749",
"url": "https://bugzilla.suse.com/1225749"
},
{
"category": "self",
"summary": "SUSE Bug 1225758",
"url": "https://bugzilla.suse.com/1225758"
},
{
"category": "self",
"summary": "SUSE Bug 1225759",
"url": "https://bugzilla.suse.com/1225759"
},
{
"category": "self",
"summary": "SUSE Bug 1225760",
"url": "https://bugzilla.suse.com/1225760"
},
{
"category": "self",
"summary": "SUSE Bug 1225767",
"url": "https://bugzilla.suse.com/1225767"
},
{
"category": "self",
"summary": "SUSE Bug 1225770",
"url": "https://bugzilla.suse.com/1225770"
},
{
"category": "self",
"summary": "SUSE Bug 1225823",
"url": "https://bugzilla.suse.com/1225823"
},
{
"category": "self",
"summary": "SUSE Bug 1225834",
"url": "https://bugzilla.suse.com/1225834"
},
{
"category": "self",
"summary": "SUSE Bug 1225840",
"url": "https://bugzilla.suse.com/1225840"
},
{
"category": "self",
"summary": "SUSE Bug 1225866",
"url": "https://bugzilla.suse.com/1225866"
},
{
"category": "self",
"summary": "SUSE Bug 1225872",
"url": "https://bugzilla.suse.com/1225872"
},
{
"category": "self",
"summary": "SUSE Bug 1225894",
"url": "https://bugzilla.suse.com/1225894"
},
{
"category": "self",
"summary": "SUSE Bug 1226022",
"url": "https://bugzilla.suse.com/1226022"
},
{
"category": "self",
"summary": "SUSE Bug 1226131",
"url": "https://bugzilla.suse.com/1226131"
},
{
"category": "self",
"summary": "SUSE Bug 1226145",
"url": "https://bugzilla.suse.com/1226145"
},
{
"category": "self",
"summary": "SUSE Bug 1226149",
"url": "https://bugzilla.suse.com/1226149"
},
{
"category": "self",
"summary": "SUSE Bug 1226155",
"url": "https://bugzilla.suse.com/1226155"
},
{
"category": "self",
"summary": "SUSE Bug 1226211",
"url": "https://bugzilla.suse.com/1226211"
},
{
"category": "self",
"summary": "SUSE Bug 1226212",
"url": "https://bugzilla.suse.com/1226212"
},
{
"category": "self",
"summary": "SUSE Bug 1226226",
"url": "https://bugzilla.suse.com/1226226"
},
{
"category": "self",
"summary": "SUSE Bug 1226514",
"url": "https://bugzilla.suse.com/1226514"
},
{
"category": "self",
"summary": "SUSE Bug 1226520",
"url": "https://bugzilla.suse.com/1226520"
},
{
"category": "self",
"summary": "SUSE Bug 1226537",
"url": "https://bugzilla.suse.com/1226537"
},
{
"category": "self",
"summary": "SUSE Bug 1226538",
"url": "https://bugzilla.suse.com/1226538"
},
{
"category": "self",
"summary": "SUSE Bug 1226539",
"url": "https://bugzilla.suse.com/1226539"
},
{
"category": "self",
"summary": "SUSE Bug 1226550",
"url": "https://bugzilla.suse.com/1226550"
},
{
"category": "self",
"summary": "SUSE Bug 1226552",
"url": "https://bugzilla.suse.com/1226552"
},
{
"category": "self",
"summary": "SUSE Bug 1226553",
"url": "https://bugzilla.suse.com/1226553"
},
{
"category": "self",
"summary": "SUSE Bug 1226554",
"url": "https://bugzilla.suse.com/1226554"
},
{
"category": "self",
"summary": "SUSE Bug 1226556",
"url": "https://bugzilla.suse.com/1226556"
},
{
"category": "self",
"summary": "SUSE Bug 1226557",
"url": "https://bugzilla.suse.com/1226557"
},
{
"category": "self",
"summary": "SUSE Bug 1226558",
"url": "https://bugzilla.suse.com/1226558"
},
{
"category": "self",
"summary": "SUSE Bug 1226559",
"url": "https://bugzilla.suse.com/1226559"
},
{
"category": "self",
"summary": "SUSE Bug 1226561",
"url": "https://bugzilla.suse.com/1226561"
},
{
"category": "self",
"summary": "SUSE Bug 1226562",
"url": "https://bugzilla.suse.com/1226562"
},
{
"category": "self",
"summary": "SUSE Bug 1226563",
"url": "https://bugzilla.suse.com/1226563"
},
{
"category": "self",
"summary": "SUSE Bug 1226564",
"url": "https://bugzilla.suse.com/1226564"
},
{
"category": "self",
"summary": "SUSE Bug 1226566",
"url": "https://bugzilla.suse.com/1226566"
},
{
"category": "self",
"summary": "SUSE Bug 1226567",
"url": "https://bugzilla.suse.com/1226567"
},
{
"category": "self",
"summary": "SUSE Bug 1226569",
"url": "https://bugzilla.suse.com/1226569"
},
{
"category": "self",
"summary": "SUSE Bug 1226572",
"url": "https://bugzilla.suse.com/1226572"
},
{
"category": "self",
"summary": "SUSE Bug 1226575",
"url": "https://bugzilla.suse.com/1226575"
},
{
"category": "self",
"summary": "SUSE Bug 1226576",
"url": "https://bugzilla.suse.com/1226576"
},
{
"category": "self",
"summary": "SUSE Bug 1226577",
"url": "https://bugzilla.suse.com/1226577"
},
{
"category": "self",
"summary": "SUSE Bug 1226579",
"url": "https://bugzilla.suse.com/1226579"
},
{
"category": "self",
"summary": "SUSE Bug 1226580",
"url": "https://bugzilla.suse.com/1226580"
},
{
"category": "self",
"summary": "SUSE Bug 1226581",
"url": "https://bugzilla.suse.com/1226581"
},
{
"category": "self",
"summary": "SUSE Bug 1226582",
"url": "https://bugzilla.suse.com/1226582"
},
{
"category": "self",
"summary": "SUSE Bug 1226583",
"url": "https://bugzilla.suse.com/1226583"
},
{
"category": "self",
"summary": "SUSE Bug 1226585",
"url": "https://bugzilla.suse.com/1226585"
},
{
"category": "self",
"summary": "SUSE Bug 1226587",
"url": "https://bugzilla.suse.com/1226587"
},
{
"category": "self",
"summary": "SUSE Bug 1226588",
"url": "https://bugzilla.suse.com/1226588"
},
{
"category": "self",
"summary": "SUSE Bug 1226593",
"url": "https://bugzilla.suse.com/1226593"
},
{
"category": "self",
"summary": "SUSE Bug 1226595",
"url": "https://bugzilla.suse.com/1226595"
},
{
"category": "self",
"summary": "SUSE Bug 1226597",
"url": "https://bugzilla.suse.com/1226597"
},
{
"category": "self",
"summary": "SUSE Bug 1226601",
"url": "https://bugzilla.suse.com/1226601"
},
{
"category": "self",
"summary": "SUSE Bug 1226602",
"url": "https://bugzilla.suse.com/1226602"
},
{
"category": "self",
"summary": "SUSE Bug 1226603",
"url": "https://bugzilla.suse.com/1226603"
},
{
"category": "self",
"summary": "SUSE Bug 1226607",
"url": "https://bugzilla.suse.com/1226607"
},
{
"category": "self",
"summary": "SUSE Bug 1226610",
"url": "https://bugzilla.suse.com/1226610"
},
{
"category": "self",
"summary": "SUSE Bug 1226614",
"url": "https://bugzilla.suse.com/1226614"
},
{
"category": "self",
"summary": "SUSE Bug 1226616",
"url": "https://bugzilla.suse.com/1226616"
},
{
"category": "self",
"summary": "SUSE Bug 1226617",
"url": "https://bugzilla.suse.com/1226617"
},
{
"category": "self",
"summary": "SUSE Bug 1226618",
"url": "https://bugzilla.suse.com/1226618"
},
{
"category": "self",
"summary": "SUSE Bug 1226619",
"url": "https://bugzilla.suse.com/1226619"
},
{
"category": "self",
"summary": "SUSE Bug 1226621",
"url": "https://bugzilla.suse.com/1226621"
},
{
"category": "self",
"summary": "SUSE Bug 1226622",
"url": "https://bugzilla.suse.com/1226622"
},
{
"category": "self",
"summary": "SUSE Bug 1226624",
"url": "https://bugzilla.suse.com/1226624"
},
{
"category": "self",
"summary": "SUSE Bug 1226626",
"url": "https://bugzilla.suse.com/1226626"
},
{
"category": "self",
"summary": "SUSE Bug 1226628",
"url": "https://bugzilla.suse.com/1226628"
},
{
"category": "self",
"summary": "SUSE Bug 1226629",
"url": "https://bugzilla.suse.com/1226629"
},
{
"category": "self",
"summary": "SUSE Bug 1226632",
"url": "https://bugzilla.suse.com/1226632"
},
{
"category": "self",
"summary": "SUSE Bug 1226633",
"url": "https://bugzilla.suse.com/1226633"
},
{
"category": "self",
"summary": "SUSE Bug 1226634",
"url": "https://bugzilla.suse.com/1226634"
},
{
"category": "self",
"summary": "SUSE Bug 1226637",
"url": "https://bugzilla.suse.com/1226637"
},
{
"category": "self",
"summary": "SUSE Bug 1226643",
"url": "https://bugzilla.suse.com/1226643"
},
{
"category": "self",
"summary": "SUSE Bug 1226644",
"url": "https://bugzilla.suse.com/1226644"
},
{
"category": "self",
"summary": "SUSE Bug 1226645",
"url": "https://bugzilla.suse.com/1226645"
},
{
"category": "self",
"summary": "SUSE Bug 1226647",
"url": "https://bugzilla.suse.com/1226647"
},
{
"category": "self",
"summary": "SUSE Bug 1226650",
"url": "https://bugzilla.suse.com/1226650"
},
{
"category": "self",
"summary": "SUSE Bug 1226653",
"url": "https://bugzilla.suse.com/1226653"
},
{
"category": "self",
"summary": "SUSE Bug 1226657",
"url": "https://bugzilla.suse.com/1226657"
},
{
"category": "self",
"summary": "SUSE Bug 1226658",
"url": "https://bugzilla.suse.com/1226658"
},
{
"category": "self",
"summary": "SUSE Bug 1226669",
"url": "https://bugzilla.suse.com/1226669"
},
{
"category": "self",
"summary": "SUSE Bug 1226670",
"url": "https://bugzilla.suse.com/1226670"
},
{
"category": "self",
"summary": "SUSE Bug 1226672",
"url": "https://bugzilla.suse.com/1226672"
},
{
"category": "self",
"summary": "SUSE Bug 1226673",
"url": "https://bugzilla.suse.com/1226673"
},
{
"category": "self",
"summary": "SUSE Bug 1226674",
"url": "https://bugzilla.suse.com/1226674"
},
{
"category": "self",
"summary": "SUSE Bug 1226675",
"url": "https://bugzilla.suse.com/1226675"
},
{
"category": "self",
"summary": "SUSE Bug 1226678",
"url": "https://bugzilla.suse.com/1226678"
},
{
"category": "self",
"summary": "SUSE Bug 1226679",
"url": "https://bugzilla.suse.com/1226679"
},
{
"category": "self",
"summary": "SUSE Bug 1226683",
"url": "https://bugzilla.suse.com/1226683"
},
{
"category": "self",
"summary": "SUSE Bug 1226685",
"url": "https://bugzilla.suse.com/1226685"
},
{
"category": "self",
"summary": "SUSE Bug 1226686",
"url": "https://bugzilla.suse.com/1226686"
},
{
"category": "self",
"summary": "SUSE Bug 1226690",
"url": "https://bugzilla.suse.com/1226690"
},
{
"category": "self",
"summary": "SUSE Bug 1226691",
"url": "https://bugzilla.suse.com/1226691"
},
{
"category": "self",
"summary": "SUSE Bug 1226692",
"url": "https://bugzilla.suse.com/1226692"
},
{
"category": "self",
"summary": "SUSE Bug 1226693",
"url": "https://bugzilla.suse.com/1226693"
},
{
"category": "self",
"summary": "SUSE Bug 1226696",
"url": "https://bugzilla.suse.com/1226696"
},
{
"category": "self",
"summary": "SUSE Bug 1226697",
"url": "https://bugzilla.suse.com/1226697"
},
{
"category": "self",
"summary": "SUSE Bug 1226698",
"url": "https://bugzilla.suse.com/1226698"
},
{
"category": "self",
"summary": "SUSE Bug 1226699",
"url": "https://bugzilla.suse.com/1226699"
},
{
"category": "self",
"summary": "SUSE Bug 1226701",
"url": "https://bugzilla.suse.com/1226701"
},
{
"category": "self",
"summary": "SUSE Bug 1226702",
"url": "https://bugzilla.suse.com/1226702"
},
{
"category": "self",
"summary": "SUSE Bug 1226703",
"url": "https://bugzilla.suse.com/1226703"
},
{
"category": "self",
"summary": "SUSE Bug 1226704",
"url": "https://bugzilla.suse.com/1226704"
},
{
"category": "self",
"summary": "SUSE Bug 1226705",
"url": "https://bugzilla.suse.com/1226705"
},
{
"category": "self",
"summary": "SUSE Bug 1226706",
"url": "https://bugzilla.suse.com/1226706"
},
{
"category": "self",
"summary": "SUSE Bug 1226708",
"url": "https://bugzilla.suse.com/1226708"
},
{
"category": "self",
"summary": "SUSE Bug 1226709",
"url": "https://bugzilla.suse.com/1226709"
},
{
"category": "self",
"summary": "SUSE Bug 1226710",
"url": "https://bugzilla.suse.com/1226710"
},
{
"category": "self",
"summary": "SUSE Bug 1226711",
"url": "https://bugzilla.suse.com/1226711"
},
{
"category": "self",
"summary": "SUSE Bug 1226712",
"url": "https://bugzilla.suse.com/1226712"
},
{
"category": "self",
"summary": "SUSE Bug 1226713",
"url": "https://bugzilla.suse.com/1226713"
},
{
"category": "self",
"summary": "SUSE Bug 1226715",
"url": "https://bugzilla.suse.com/1226715"
},
{
"category": "self",
"summary": "SUSE Bug 1226716",
"url": "https://bugzilla.suse.com/1226716"
},
{
"category": "self",
"summary": "SUSE Bug 1226718",
"url": "https://bugzilla.suse.com/1226718"
},
{
"category": "self",
"summary": "SUSE Bug 1226719",
"url": "https://bugzilla.suse.com/1226719"
},
{
"category": "self",
"summary": "SUSE Bug 1226720",
"url": "https://bugzilla.suse.com/1226720"
},
{
"category": "self",
"summary": "SUSE Bug 1226721",
"url": "https://bugzilla.suse.com/1226721"
},
{
"category": "self",
"summary": "SUSE Bug 1226730",
"url": "https://bugzilla.suse.com/1226730"
},
{
"category": "self",
"summary": "SUSE Bug 1226732",
"url": "https://bugzilla.suse.com/1226732"
},
{
"category": "self",
"summary": "SUSE Bug 1226734",
"url": "https://bugzilla.suse.com/1226734"
},
{
"category": "self",
"summary": "SUSE Bug 1226735",
"url": "https://bugzilla.suse.com/1226735"
},
{
"category": "self",
"summary": "SUSE Bug 1226737",
"url": "https://bugzilla.suse.com/1226737"
},
{
"category": "self",
"summary": "SUSE Bug 1226738",
"url": "https://bugzilla.suse.com/1226738"
},
{
"category": "self",
"summary": "SUSE Bug 1226739",
"url": "https://bugzilla.suse.com/1226739"
},
{
"category": "self",
"summary": "SUSE Bug 1226740",
"url": "https://bugzilla.suse.com/1226740"
},
{
"category": "self",
"summary": "SUSE Bug 1226744",
"url": "https://bugzilla.suse.com/1226744"
},
{
"category": "self",
"summary": "SUSE Bug 1226746",
"url": "https://bugzilla.suse.com/1226746"
},
{
"category": "self",
"summary": "SUSE Bug 1226747",
"url": "https://bugzilla.suse.com/1226747"
},
{
"category": "self",
"summary": "SUSE Bug 1226749",
"url": "https://bugzilla.suse.com/1226749"
},
{
"category": "self",
"summary": "SUSE Bug 1226754",
"url": "https://bugzilla.suse.com/1226754"
},
{
"category": "self",
"summary": "SUSE Bug 1226762",
"url": "https://bugzilla.suse.com/1226762"
},
{
"category": "self",
"summary": "SUSE Bug 1226764",
"url": "https://bugzilla.suse.com/1226764"
},
{
"category": "self",
"summary": "SUSE Bug 1226767",
"url": "https://bugzilla.suse.com/1226767"
},
{
"category": "self",
"summary": "SUSE Bug 1226768",
"url": "https://bugzilla.suse.com/1226768"
},
{
"category": "self",
"summary": "SUSE Bug 1226769",
"url": "https://bugzilla.suse.com/1226769"
},
{
"category": "self",
"summary": "SUSE Bug 1226771",
"url": "https://bugzilla.suse.com/1226771"
},
{
"category": "self",
"summary": "SUSE Bug 1226774",
"url": "https://bugzilla.suse.com/1226774"
},
{
"category": "self",
"summary": "SUSE Bug 1226777",
"url": "https://bugzilla.suse.com/1226777"
},
{
"category": "self",
"summary": "SUSE Bug 1226780",
"url": "https://bugzilla.suse.com/1226780"
},
{
"category": "self",
"summary": "SUSE Bug 1226781",
"url": "https://bugzilla.suse.com/1226781"
},
{
"category": "self",
"summary": "SUSE Bug 1226785",
"url": "https://bugzilla.suse.com/1226785"
},
{
"category": "self",
"summary": "SUSE Bug 1226786",
"url": "https://bugzilla.suse.com/1226786"
},
{
"category": "self",
"summary": "SUSE Bug 1226789",
"url": "https://bugzilla.suse.com/1226789"
},
{
"category": "self",
"summary": "SUSE Bug 1226791",
"url": "https://bugzilla.suse.com/1226791"
},
{
"category": "self",
"summary": "SUSE Bug 1226839",
"url": "https://bugzilla.suse.com/1226839"
},
{
"category": "self",
"summary": "SUSE Bug 1226840",
"url": "https://bugzilla.suse.com/1226840"
},
{
"category": "self",
"summary": "SUSE Bug 1226841",
"url": "https://bugzilla.suse.com/1226841"
},
{
"category": "self",
"summary": "SUSE Bug 1226842",
"url": "https://bugzilla.suse.com/1226842"
},
{
"category": "self",
"summary": "SUSE Bug 1226848",
"url": "https://bugzilla.suse.com/1226848"
},
{
"category": "self",
"summary": "SUSE Bug 1226852",
"url": "https://bugzilla.suse.com/1226852"
},
{
"category": "self",
"summary": "SUSE Bug 1226857",
"url": "https://bugzilla.suse.com/1226857"
},
{
"category": "self",
"summary": "SUSE Bug 1226861",
"url": "https://bugzilla.suse.com/1226861"
},
{
"category": "self",
"summary": "SUSE Bug 1226863",
"url": "https://bugzilla.suse.com/1226863"
},
{
"category": "self",
"summary": "SUSE Bug 1226864",
"url": "https://bugzilla.suse.com/1226864"
},
{
"category": "self",
"summary": "SUSE Bug 1226867",
"url": "https://bugzilla.suse.com/1226867"
},
{
"category": "self",
"summary": "SUSE Bug 1226868",
"url": "https://bugzilla.suse.com/1226868"
},
{
"category": "self",
"summary": "SUSE Bug 1226876",
"url": "https://bugzilla.suse.com/1226876"
},
{
"category": "self",
"summary": "SUSE Bug 1226878",
"url": "https://bugzilla.suse.com/1226878"
},
{
"category": "self",
"summary": "SUSE Bug 1226883",
"url": "https://bugzilla.suse.com/1226883"
},
{
"category": "self",
"summary": "SUSE Bug 1226886",
"url": "https://bugzilla.suse.com/1226886"
},
{
"category": "self",
"summary": "SUSE Bug 1226890",
"url": "https://bugzilla.suse.com/1226890"
},
{
"category": "self",
"summary": "SUSE Bug 1226891",
"url": "https://bugzilla.suse.com/1226891"
},
{
"category": "self",
"summary": "SUSE Bug 1226895",
"url": "https://bugzilla.suse.com/1226895"
},
{
"category": "self",
"summary": "SUSE Bug 1226908",
"url": "https://bugzilla.suse.com/1226908"
},
{
"category": "self",
"summary": "SUSE Bug 1226915",
"url": "https://bugzilla.suse.com/1226915"
},
{
"category": "self",
"summary": "SUSE Bug 1226928",
"url": "https://bugzilla.suse.com/1226928"
},
{
"category": "self",
"summary": "SUSE Bug 1226948",
"url": "https://bugzilla.suse.com/1226948"
},
{
"category": "self",
"summary": "SUSE Bug 1226949",
"url": "https://bugzilla.suse.com/1226949"
},
{
"category": "self",
"summary": "SUSE Bug 1226950",
"url": "https://bugzilla.suse.com/1226950"
},
{
"category": "self",
"summary": "SUSE Bug 1226953",
"url": "https://bugzilla.suse.com/1226953"
},
{
"category": "self",
"summary": "SUSE Bug 1226962",
"url": "https://bugzilla.suse.com/1226962"
},
{
"category": "self",
"summary": "SUSE Bug 1226976",
"url": "https://bugzilla.suse.com/1226976"
},
{
"category": "self",
"summary": "SUSE Bug 1226992",
"url": "https://bugzilla.suse.com/1226992"
},
{
"category": "self",
"summary": "SUSE Bug 1226994",
"url": "https://bugzilla.suse.com/1226994"
},
{
"category": "self",
"summary": "SUSE Bug 1226996",
"url": "https://bugzilla.suse.com/1226996"
},
{
"category": "self",
"summary": "SUSE Bug 1227066",
"url": "https://bugzilla.suse.com/1227066"
},
{
"category": "self",
"summary": "SUSE Bug 1227096",
"url": "https://bugzilla.suse.com/1227096"
},
{
"category": "self",
"summary": "SUSE Bug 1227101",
"url": "https://bugzilla.suse.com/1227101"
},
{
"category": "self",
"summary": "SUSE Bug 1227103",
"url": "https://bugzilla.suse.com/1227103"
},
{
"category": "self",
"summary": "SUSE Bug 1227274",
"url": "https://bugzilla.suse.com/1227274"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-4439 page",
"url": "https://www.suse.com/security/cve/CVE-2021-4439/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47089 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47089/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47432 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47432/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47515 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47515/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47534 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47534/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47538 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47538/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47539 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47539/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47555 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47555/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47566 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47566/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47571 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47571/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47572 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47572/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47576 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47576/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47577 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47577/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47578 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47578/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47580 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47580/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47582 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47582/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47583 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47583/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47584 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47584/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47585 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47585/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47586 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47586/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47587 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47587/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47589 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47589/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47592 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47592/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47595 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47595/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47596 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47596/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47597 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47597/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47600 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47600/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47601 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47601/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47602 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47602/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47603 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47603/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47604 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47604/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47605 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47605/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47607 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47607/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47608 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47608/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47609 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47609/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47610 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47610/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47611 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47611/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47612 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47612/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47614 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47614/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47615 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47615/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47616 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47616/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47617 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47617/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47618 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47618/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47619 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47619/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47620 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47620/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-48711 page",
"url": "https://www.suse.com/security/cve/CVE-2022-48711/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-48712 page",
"url": "https://www.suse.com/security/cve/CVE-2022-48712/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-48713 page",
"url": "https://www.suse.com/security/cve/CVE-2022-48713/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-48714 page",
"url": "https://www.suse.com/security/cve/CVE-2022-48714/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-48715 page",
"url": "https://www.suse.com/security/cve/CVE-2022-48715/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-48716 page",
"url": "https://www.suse.com/security/cve/CVE-2022-48716/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-48717 page",
"url": "https://www.suse.com/security/cve/CVE-2022-48717/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-48718 page",
"url": "https://www.suse.com/security/cve/CVE-2022-48718/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-48720 page",
"url": "https://www.suse.com/security/cve/CVE-2022-48720/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-48721 page",
"url": "https://www.suse.com/security/cve/CVE-2022-48721/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-48722 page",
"url": "https://www.suse.com/security/cve/CVE-2022-48722/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-48723 page",
"url": "https://www.suse.com/security/cve/CVE-2022-48723/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-48724 page",
"url": "https://www.suse.com/security/cve/CVE-2022-48724/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-48725 page",
"url": "https://www.suse.com/security/cve/CVE-2022-48725/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-48726 page",
"url": "https://www.suse.com/security/cve/CVE-2022-48726/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-48727 page",
"url": "https://www.suse.com/security/cve/CVE-2022-48727/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-48728 page",
"url": "https://www.suse.com/security/cve/CVE-2022-48728/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-48729 page",
"url": "https://www.suse.com/security/cve/CVE-2022-48729/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-48730 page",
"url": "https://www.suse.com/security/cve/CVE-2022-48730/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-48732 page",
"url": "https://www.suse.com/security/cve/CVE-2022-48732/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-48733 page",
"url": "https://www.suse.com/security/cve/CVE-2022-48733/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-48734 page",
"url": "https://www.suse.com/security/cve/CVE-2022-48734/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-48735 page",
"url": "https://www.suse.com/security/cve/CVE-2022-48735/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-48736 page",
"url": "https://www.suse.com/security/cve/CVE-2022-48736/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-48737 page",
"url": "https://www.suse.com/security/cve/CVE-2022-48737/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-48738 page",
"url": "https://www.suse.com/security/cve/CVE-2022-48738/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-48739 page",
"url": "https://www.suse.com/security/cve/CVE-2022-48739/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-48740 page",
"url": "https://www.suse.com/security/cve/CVE-2022-48740/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-48743 page",
"url": "https://www.suse.com/security/cve/CVE-2022-48743/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-48744 page",
"url": "https://www.suse.com/security/cve/CVE-2022-48744/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-48745 page",
"url": "https://www.suse.com/security/cve/CVE-2022-48745/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-48746 page",
"url": "https://www.suse.com/security/cve/CVE-2022-48746/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-48747 page",
"url": "https://www.suse.com/security/cve/CVE-2022-48747/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-48748 page",
"url": "https://www.suse.com/security/cve/CVE-2022-48748/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-48749 page",
"url": "https://www.suse.com/security/cve/CVE-2022-48749/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-48751 page",
"url": "https://www.suse.com/security/cve/CVE-2022-48751/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-48752 page",
"url": "https://www.suse.com/security/cve/CVE-2022-48752/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-48753 page",
"url": "https://www.suse.com/security/cve/CVE-2022-48753/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-48754 page",
"url": "https://www.suse.com/security/cve/CVE-2022-48754/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-48755 page",
"url": "https://www.suse.com/security/cve/CVE-2022-48755/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-48756 page",
"url": "https://www.suse.com/security/cve/CVE-2022-48756/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-48758 page",
"url": "https://www.suse.com/security/cve/CVE-2022-48758/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-48759 page",
"url": "https://www.suse.com/security/cve/CVE-2022-48759/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-48760 page",
"url": "https://www.suse.com/security/cve/CVE-2022-48760/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-48761 page",
"url": "https://www.suse.com/security/cve/CVE-2022-48761/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-48763 page",
"url": "https://www.suse.com/security/cve/CVE-2022-48763/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-48765 page",
"url": "https://www.suse.com/security/cve/CVE-2022-48765/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-48766 page",
"url": "https://www.suse.com/security/cve/CVE-2022-48766/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-48767 page",
"url": "https://www.suse.com/security/cve/CVE-2022-48767/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-48768 page",
"url": "https://www.suse.com/security/cve/CVE-2022-48768/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-48769 page",
"url": "https://www.suse.com/security/cve/CVE-2022-48769/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-48770 page",
"url": "https://www.suse.com/security/cve/CVE-2022-48770/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-48771 page",
"url": "https://www.suse.com/security/cve/CVE-2022-48771/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-48772 page",
"url": "https://www.suse.com/security/cve/CVE-2022-48772/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-24023 page",
"url": "https://www.suse.com/security/cve/CVE-2023-24023/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52622 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52622/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52658 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52658/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52667 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52667/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52670 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52670/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52672 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52672/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52675 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52675/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52735 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52735/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52737 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52737/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52752 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52752/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52766 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52766/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52784 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52784/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52787 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52787/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52800 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52800/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52835 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52835/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52837 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52837/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52843 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52843/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52845 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52845/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52846 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52846/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52869 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52869/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52881 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52881/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52882 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52882/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52884 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52884/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26625 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26625/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26644 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26644/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26720 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26720/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26842 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26842/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26845 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26845/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26923 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26923/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26973 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26973/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-27432 page",
"url": "https://www.suse.com/security/cve/CVE-2024-27432/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-33619 page",
"url": "https://www.suse.com/security/cve/CVE-2024-33619/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35247 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35247/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35789 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35789/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35790 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35790/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35807 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35807/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35814 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35814/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35835 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35835/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35848 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35848/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35857 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35857/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35861 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35861/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35862 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35862/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35864 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35864/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35869 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35869/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35878 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35878/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35884 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35884/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35886 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35886/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35896 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35896/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35898 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35898/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35900 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35900/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35905 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35905/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35925 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35925/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35950 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35950/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35956 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35956/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35958 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35958/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35960 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35960/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35962 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35962/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35997 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35997/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-36005 page",
"url": "https://www.suse.com/security/cve/CVE-2024-36005/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-36008 page",
"url": "https://www.suse.com/security/cve/CVE-2024-36008/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-36017 page",
"url": "https://www.suse.com/security/cve/CVE-2024-36017/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-36020 page",
"url": "https://www.suse.com/security/cve/CVE-2024-36020/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-36021 page",
"url": "https://www.suse.com/security/cve/CVE-2024-36021/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-36025 page",
"url": "https://www.suse.com/security/cve/CVE-2024-36025/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-36477 page",
"url": "https://www.suse.com/security/cve/CVE-2024-36477/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-36478 page",
"url": "https://www.suse.com/security/cve/CVE-2024-36478/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-36479 page",
"url": "https://www.suse.com/security/cve/CVE-2024-36479/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-36890 page",
"url": "https://www.suse.com/security/cve/CVE-2024-36890/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-36894 page",
"url": "https://www.suse.com/security/cve/CVE-2024-36894/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-36899 page",
"url": "https://www.suse.com/security/cve/CVE-2024-36899/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-36900 page",
"url": "https://www.suse.com/security/cve/CVE-2024-36900/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-36904 page",
"url": "https://www.suse.com/security/cve/CVE-2024-36904/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-36915 page",
"url": "https://www.suse.com/security/cve/CVE-2024-36915/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-36916 page",
"url": "https://www.suse.com/security/cve/CVE-2024-36916/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-36917 page",
"url": "https://www.suse.com/security/cve/CVE-2024-36917/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-36919 page",
"url": "https://www.suse.com/security/cve/CVE-2024-36919/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-36934 page",
"url": "https://www.suse.com/security/cve/CVE-2024-36934/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-36937 page",
"url": "https://www.suse.com/security/cve/CVE-2024-36937/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-36940 page",
"url": "https://www.suse.com/security/cve/CVE-2024-36940/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-36945 page",
"url": "https://www.suse.com/security/cve/CVE-2024-36945/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-36949 page",
"url": "https://www.suse.com/security/cve/CVE-2024-36949/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-36960 page",
"url": "https://www.suse.com/security/cve/CVE-2024-36960/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-36964 page",
"url": "https://www.suse.com/security/cve/CVE-2024-36964/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-36965 page",
"url": "https://www.suse.com/security/cve/CVE-2024-36965/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-36967 page",
"url": "https://www.suse.com/security/cve/CVE-2024-36967/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-36969 page",
"url": "https://www.suse.com/security/cve/CVE-2024-36969/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-36971 page",
"url": "https://www.suse.com/security/cve/CVE-2024-36971/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-36975 page",
"url": "https://www.suse.com/security/cve/CVE-2024-36975/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-36978 page",
"url": "https://www.suse.com/security/cve/CVE-2024-36978/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-37021 page",
"url": "https://www.suse.com/security/cve/CVE-2024-37021/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-37078 page",
"url": "https://www.suse.com/security/cve/CVE-2024-37078/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-37354 page",
"url": "https://www.suse.com/security/cve/CVE-2024-37354/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-38381 page",
"url": "https://www.suse.com/security/cve/CVE-2024-38381/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-38388 page",
"url": "https://www.suse.com/security/cve/CVE-2024-38388/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-38390 page",
"url": "https://www.suse.com/security/cve/CVE-2024-38390/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-38540 page",
"url": "https://www.suse.com/security/cve/CVE-2024-38540/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-38541 page",
"url": "https://www.suse.com/security/cve/CVE-2024-38541/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-38544 page",
"url": "https://www.suse.com/security/cve/CVE-2024-38544/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-38545 page",
"url": "https://www.suse.com/security/cve/CVE-2024-38545/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-38546 page",
"url": "https://www.suse.com/security/cve/CVE-2024-38546/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-38547 page",
"url": "https://www.suse.com/security/cve/CVE-2024-38547/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-38548 page",
"url": "https://www.suse.com/security/cve/CVE-2024-38548/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-38549 page",
"url": "https://www.suse.com/security/cve/CVE-2024-38549/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-38550 page",
"url": "https://www.suse.com/security/cve/CVE-2024-38550/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-38552 page",
"url": "https://www.suse.com/security/cve/CVE-2024-38552/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-38553 page",
"url": "https://www.suse.com/security/cve/CVE-2024-38553/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-38555 page",
"url": "https://www.suse.com/security/cve/CVE-2024-38555/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-38556 page",
"url": "https://www.suse.com/security/cve/CVE-2024-38556/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-38557 page",
"url": "https://www.suse.com/security/cve/CVE-2024-38557/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-38559 page",
"url": "https://www.suse.com/security/cve/CVE-2024-38559/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-38560 page",
"url": "https://www.suse.com/security/cve/CVE-2024-38560/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-38564 page",
"url": "https://www.suse.com/security/cve/CVE-2024-38564/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-38565 page",
"url": "https://www.suse.com/security/cve/CVE-2024-38565/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-38567 page",
"url": "https://www.suse.com/security/cve/CVE-2024-38567/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-38568 page",
"url": "https://www.suse.com/security/cve/CVE-2024-38568/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-38571 page",
"url": "https://www.suse.com/security/cve/CVE-2024-38571/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-38573 page",
"url": "https://www.suse.com/security/cve/CVE-2024-38573/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-38578 page",
"url": "https://www.suse.com/security/cve/CVE-2024-38578/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-38579 page",
"url": "https://www.suse.com/security/cve/CVE-2024-38579/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-38580 page",
"url": "https://www.suse.com/security/cve/CVE-2024-38580/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-38581 page",
"url": "https://www.suse.com/security/cve/CVE-2024-38581/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-38582 page",
"url": "https://www.suse.com/security/cve/CVE-2024-38582/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-38583 page",
"url": "https://www.suse.com/security/cve/CVE-2024-38583/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-38587 page",
"url": "https://www.suse.com/security/cve/CVE-2024-38587/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-38590 page",
"url": "https://www.suse.com/security/cve/CVE-2024-38590/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-38591 page",
"url": "https://www.suse.com/security/cve/CVE-2024-38591/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-38594 page",
"url": "https://www.suse.com/security/cve/CVE-2024-38594/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-38597 page",
"url": "https://www.suse.com/security/cve/CVE-2024-38597/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-38599 page",
"url": "https://www.suse.com/security/cve/CVE-2024-38599/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-38600 page",
"url": "https://www.suse.com/security/cve/CVE-2024-38600/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-38601 page",
"url": "https://www.suse.com/security/cve/CVE-2024-38601/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-38603 page",
"url": "https://www.suse.com/security/cve/CVE-2024-38603/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-38605 page",
"url": "https://www.suse.com/security/cve/CVE-2024-38605/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-38608 page",
"url": "https://www.suse.com/security/cve/CVE-2024-38608/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-38616 page",
"url": "https://www.suse.com/security/cve/CVE-2024-38616/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-38618 page",
"url": "https://www.suse.com/security/cve/CVE-2024-38618/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-38619 page",
"url": "https://www.suse.com/security/cve/CVE-2024-38619/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-38621 page",
"url": "https://www.suse.com/security/cve/CVE-2024-38621/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-38627 page",
"url": "https://www.suse.com/security/cve/CVE-2024-38627/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-38630 page",
"url": "https://www.suse.com/security/cve/CVE-2024-38630/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-38633 page",
"url": "https://www.suse.com/security/cve/CVE-2024-38633/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-38634 page",
"url": "https://www.suse.com/security/cve/CVE-2024-38634/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-38635 page",
"url": "https://www.suse.com/security/cve/CVE-2024-38635/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-38659 page",
"url": "https://www.suse.com/security/cve/CVE-2024-38659/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-38661 page",
"url": "https://www.suse.com/security/cve/CVE-2024-38661/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-38780 page",
"url": "https://www.suse.com/security/cve/CVE-2024-38780/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-39301 page",
"url": "https://www.suse.com/security/cve/CVE-2024-39301/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-39468 page",
"url": "https://www.suse.com/security/cve/CVE-2024-39468/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-39469 page",
"url": "https://www.suse.com/security/cve/CVE-2024-39469/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-39471 page",
"url": "https://www.suse.com/security/cve/CVE-2024-39471/"
}
],
"title": "Security update for the Linux Kernel",
"tracking": {
"current_release_date": "2024-07-10T16:03:48Z",
"generator": {
"date": "2024-07-10T16:03:48Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2024:2394-1",
"initial_release_date": "2024-07-10T16:03:48Z",
"revision_history": [
{
"date": "2024-07-10T16:03:48Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"product": {
"name": "kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"product_id": "kernel-devel-rt-5.14.21-150500.13.61.1.noarch"
}
},
{
"category": "product_version",
"name": "kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"product": {
"name": "kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"product_id": "kernel-source-rt-5.14.21-150500.13.61.1.noarch"
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"product": {
"name": "cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"product_id": "cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64"
}
},
{
"category": "product_version",
"name": "dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"product": {
"name": "dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"product_id": "dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64"
}
},
{
"category": "product_version",
"name": "gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"product": {
"name": "gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"product_id": "gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"product": {
"name": "kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"product_id": "kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-rt-5.14.21-150500.13.61.1.x86_64",
"product": {
"name": "kernel-rt-5.14.21-150500.13.61.1.x86_64",
"product_id": "kernel-rt-5.14.21-150500.13.61.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"product": {
"name": "kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"product_id": "kernel-rt-devel-5.14.21-150500.13.61.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"product": {
"name": "kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"product_id": "kernel-rt-extra-5.14.21-150500.13.61.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"product": {
"name": "kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"product_id": "kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"product": {
"name": "kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"product_id": "kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"product": {
"name": "kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"product_id": "kernel-rt-optional-5.14.21-150500.13.61.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"product": {
"name": "kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"product_id": "kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"product": {
"name": "kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"product_id": "kernel-rt_debug-5.14.21-150500.13.61.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"product": {
"name": "kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"product_id": "kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"product": {
"name": "kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"product_id": "kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"product": {
"name": "kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"product_id": "kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"product": {
"name": "kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"product_id": "kernel-syms-rt-5.14.21-150500.13.61.1.x86_64"
}
},
{
"category": "product_version",
"name": "kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"product": {
"name": "kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"product_id": "kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64"
}
},
{
"category": "product_version",
"name": "ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"product": {
"name": "ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"product_id": "ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64"
}
},
{
"category": "product_version",
"name": "reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"product": {
"name": "reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"product_id": "reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Micro 5.5",
"product": {
"name": "SUSE Linux Enterprise Micro 5.5",
"product_id": "SUSE Linux Enterprise Micro 5.5",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-micro:5.5"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Live Patching 15 SP5",
"product": {
"name": "SUSE Linux Enterprise Live Patching 15 SP5",
"product_id": "SUSE Linux Enterprise Live Patching 15 SP5",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-module-live-patching:15:sp5"
}
}
},
{
"category": "product_name",
"name": "SUSE Real Time Module 15 SP5",
"product": {
"name": "SUSE Real Time Module 15 SP5",
"product_id": "SUSE Real Time Module 15 SP5",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-module-rt:15:sp5"
}
}
},
{
"category": "product_name",
"name": "openSUSE Leap 15.5",
"product": {
"name": "openSUSE Leap 15.5",
"product_id": "openSUSE Leap 15.5",
"product_identification_helper": {
"cpe": "cpe:/o:opensuse:leap:15.5"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-5.14.21-150500.13.61.1.x86_64 as component of SUSE Linux Enterprise Micro 5.5",
"product_id": "SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64"
},
"product_reference": "kernel-rt-5.14.21-150500.13.61.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-source-rt-5.14.21-150500.13.61.1.noarch as component of SUSE Linux Enterprise Micro 5.5",
"product_id": "SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch"
},
"product_reference": "kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64 as component of SUSE Linux Enterprise Live Patching 15 SP5",
"product_id": "SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64"
},
"product_reference": "kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64 as component of SUSE Real Time Module 15 SP5",
"product_id": "SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64"
},
"product_reference": "cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"relates_to_product_reference": "SUSE Real Time Module 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64 as component of SUSE Real Time Module 15 SP5",
"product_id": "SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64"
},
"product_reference": "dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"relates_to_product_reference": "SUSE Real Time Module 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64 as component of SUSE Real Time Module 15 SP5",
"product_id": "SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64"
},
"product_reference": "gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"relates_to_product_reference": "SUSE Real Time Module 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-devel-rt-5.14.21-150500.13.61.1.noarch as component of SUSE Real Time Module 15 SP5",
"product_id": "SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch"
},
"product_reference": "kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"relates_to_product_reference": "SUSE Real Time Module 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-5.14.21-150500.13.61.1.x86_64 as component of SUSE Real Time Module 15 SP5",
"product_id": "SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64"
},
"product_reference": "kernel-rt-5.14.21-150500.13.61.1.x86_64",
"relates_to_product_reference": "SUSE Real Time Module 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-devel-5.14.21-150500.13.61.1.x86_64 as component of SUSE Real Time Module 15 SP5",
"product_id": "SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64"
},
"product_reference": "kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"relates_to_product_reference": "SUSE Real Time Module 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64 as component of SUSE Real Time Module 15 SP5",
"product_id": "SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64"
},
"product_reference": "kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"relates_to_product_reference": "SUSE Real Time Module 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt_debug-5.14.21-150500.13.61.1.x86_64 as component of SUSE Real Time Module 15 SP5",
"product_id": "SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64"
},
"product_reference": "kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"relates_to_product_reference": "SUSE Real Time Module 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64 as component of SUSE Real Time Module 15 SP5",
"product_id": "SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64"
},
"product_reference": "kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"relates_to_product_reference": "SUSE Real Time Module 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64 as component of SUSE Real Time Module 15 SP5",
"product_id": "SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64"
},
"product_reference": "kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"relates_to_product_reference": "SUSE Real Time Module 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-source-rt-5.14.21-150500.13.61.1.noarch as component of SUSE Real Time Module 15 SP5",
"product_id": "SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch"
},
"product_reference": "kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"relates_to_product_reference": "SUSE Real Time Module 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-syms-rt-5.14.21-150500.13.61.1.x86_64 as component of SUSE Real Time Module 15 SP5",
"product_id": "SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64"
},
"product_reference": "kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"relates_to_product_reference": "SUSE Real Time Module 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64 as component of SUSE Real Time Module 15 SP5",
"product_id": "SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64"
},
"product_reference": "ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"relates_to_product_reference": "SUSE Real Time Module 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64 as component of openSUSE Leap 15.5",
"product_id": "openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64"
},
"product_reference": "cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64 as component of openSUSE Leap 15.5",
"product_id": "openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64"
},
"product_reference": "dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64 as component of openSUSE Leap 15.5",
"product_id": "openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64"
},
"product_reference": "gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-devel-rt-5.14.21-150500.13.61.1.noarch as component of openSUSE Leap 15.5",
"product_id": "openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch"
},
"product_reference": "kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"relates_to_product_reference": "openSUSE Leap 15.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-5.14.21-150500.13.61.1.x86_64 as component of openSUSE Leap 15.5",
"product_id": "openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64"
},
"product_reference": "kernel-rt-5.14.21-150500.13.61.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-devel-5.14.21-150500.13.61.1.x86_64 as component of openSUSE Leap 15.5",
"product_id": "openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64"
},
"product_reference": "kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-extra-5.14.21-150500.13.61.1.x86_64 as component of openSUSE Leap 15.5",
"product_id": "openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64"
},
"product_reference": "kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64 as component of openSUSE Leap 15.5",
"product_id": "openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64"
},
"product_reference": "kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64 as component of openSUSE Leap 15.5",
"product_id": "openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64"
},
"product_reference": "kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-optional-5.14.21-150500.13.61.1.x86_64 as component of openSUSE Leap 15.5",
"product_id": "openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64"
},
"product_reference": "kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64 as component of openSUSE Leap 15.5",
"product_id": "openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64"
},
"product_reference": "kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt_debug-5.14.21-150500.13.61.1.x86_64 as component of openSUSE Leap 15.5",
"product_id": "openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64"
},
"product_reference": "kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64 as component of openSUSE Leap 15.5",
"product_id": "openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64"
},
"product_reference": "kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64 as component of openSUSE Leap 15.5",
"product_id": "openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64"
},
"product_reference": "kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64 as component of openSUSE Leap 15.5",
"product_id": "openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64"
},
"product_reference": "kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-source-rt-5.14.21-150500.13.61.1.noarch as component of openSUSE Leap 15.5",
"product_id": "openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch"
},
"product_reference": "kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"relates_to_product_reference": "openSUSE Leap 15.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-syms-rt-5.14.21-150500.13.61.1.x86_64 as component of openSUSE Leap 15.5",
"product_id": "openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64"
},
"product_reference": "kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64 as component of openSUSE Leap 15.5",
"product_id": "openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64"
},
"product_reference": "kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64 as component of openSUSE Leap 15.5",
"product_id": "openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64"
},
"product_reference": "ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64 as component of openSUSE Leap 15.5",
"product_id": "openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
},
"product_reference": "reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.5"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2021-4439",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-4439"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nisdn: cpai: check ctr-\u003ecnr to avoid array index out of bound\n\nThe cmtp_add_connection() would add a cmtp session to a controller\nand run a kernel thread to process cmtp.\n\n\t__module_get(THIS_MODULE);\n\tsession-\u003etask = kthread_run(cmtp_session, session, \"kcmtpd_ctr_%d\",\n\t\t\t\t\t\t\t\tsession-\u003enum);\n\nDuring this process, the kernel thread would call detach_capi_ctr()\nto detach a register controller. if the controller\nwas not attached yet, detach_capi_ctr() would\ntrigger an array-index-out-bounds bug.\n\n[ 46.866069][ T6479] UBSAN: array-index-out-of-bounds in\ndrivers/isdn/capi/kcapi.c:483:21\n[ 46.867196][ T6479] index -1 is out of range for type \u0027capi_ctr *[32]\u0027\n[ 46.867982][ T6479] CPU: 1 PID: 6479 Comm: kcmtpd_ctr_0 Not tainted\n5.15.0-rc2+ #8\n[ 46.869002][ T6479] Hardware name: QEMU Standard PC (i440FX + PIIX,\n1996), BIOS 1.14.0-2 04/01/2014\n[ 46.870107][ T6479] Call Trace:\n[ 46.870473][ T6479] dump_stack_lvl+0x57/0x7d\n[ 46.870974][ T6479] ubsan_epilogue+0x5/0x40\n[ 46.871458][ T6479] __ubsan_handle_out_of_bounds.cold+0x43/0x48\n[ 46.872135][ T6479] detach_capi_ctr+0x64/0xc0\n[ 46.872639][ T6479] cmtp_session+0x5c8/0x5d0\n[ 46.873131][ T6479] ? __init_waitqueue_head+0x60/0x60\n[ 46.873712][ T6479] ? cmtp_add_msgpart+0x120/0x120\n[ 46.874256][ T6479] kthread+0x147/0x170\n[ 46.874709][ T6479] ? set_kthread_struct+0x40/0x40\n[ 46.875248][ T6479] ret_from_fork+0x1f/0x30\n[ 46.875773][ T6479]",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-4439",
"url": "https://www.suse.com/security/cve/CVE-2021-4439"
},
{
"category": "external",
"summary": "SUSE Bug 1226670 for CVE-2021-4439",
"url": "https://bugzilla.suse.com/1226670"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-10T16:03:48Z",
"details": "moderate"
}
],
"title": "CVE-2021-4439"
},
{
"cve": "CVE-2021-47089",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47089"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nkfence: fix memory leak when cat kfence objects\n\nHulk robot reported a kmemleak problem:\n\n unreferenced object 0xffff93d1d8cc02e8 (size 248):\n comm \"cat\", pid 23327, jiffies 4624670141 (age 495992.217s)\n hex dump (first 32 bytes):\n 00 40 85 19 d4 93 ff ff 00 10 00 00 00 00 00 00 .@..............\n 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................\n backtrace:\n seq_open+0x2a/0x80\n full_proxy_open+0x167/0x1e0\n do_dentry_open+0x1e1/0x3a0\n path_openat+0x961/0xa20\n do_filp_open+0xae/0x120\n do_sys_openat2+0x216/0x2f0\n do_sys_open+0x57/0x80\n do_syscall_64+0x33/0x40\n entry_SYSCALL_64_after_hwframe+0x44/0xa9\n unreferenced object 0xffff93d419854000 (size 4096):\n comm \"cat\", pid 23327, jiffies 4624670141 (age 495992.217s)\n hex dump (first 32 bytes):\n 6b 66 65 6e 63 65 2d 23 32 35 30 3a 20 30 78 30 kfence-#250: 0x0\n 30 30 30 30 30 30 30 37 35 34 62 64 61 31 32 2d 0000000754bda12-\n backtrace:\n seq_read_iter+0x313/0x440\n seq_read+0x14b/0x1a0\n full_proxy_read+0x56/0x80\n vfs_read+0xa5/0x1b0\n ksys_read+0xa0/0xf0\n do_syscall_64+0x33/0x40\n entry_SYSCALL_64_after_hwframe+0x44/0xa9\n\nI find that we can easily reproduce this problem with the following\ncommands:\n\n\tcat /sys/kernel/debug/kfence/objects\n\techo scan \u003e /sys/kernel/debug/kmemleak\n\tcat /sys/kernel/debug/kmemleak\n\nThe leaked memory is allocated in the stack below:\n\n do_syscall_64\n do_sys_open\n do_dentry_open\n full_proxy_open\n seq_open ---\u003e alloc seq_file\n vfs_read\n full_proxy_read\n seq_read\n seq_read_iter\n traverse ---\u003e alloc seq_buf\n\nAnd it should have been released in the following process:\n\n do_syscall_64\n syscall_exit_to_user_mode\n exit_to_user_mode_prepare\n task_work_run\n ____fput\n __fput\n full_proxy_release ---\u003e free here\n\nHowever, the release function corresponding to file_operations is not\nimplemented in kfence. As a result, a memory leak occurs. Therefore,\nthe solution to this problem is to implement the corresponding release\nfunction.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47089",
"url": "https://www.suse.com/security/cve/CVE-2021-47089"
},
{
"category": "external",
"summary": "SUSE Bug 1220958 for CVE-2021-47089",
"url": "https://bugzilla.suse.com/1220958"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-10T16:03:48Z",
"details": "low"
}
],
"title": "CVE-2021-47089"
},
{
"cve": "CVE-2021-47432",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47432"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nlib/generic-radix-tree.c: Don\u0027t overflow in peek()\n\nWhen we started spreading new inode numbers throughout most of the 64\nbit inode space, that triggered some corner case bugs, in particular\nsome integer overflows related to the radix tree code. Oops.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47432",
"url": "https://www.suse.com/security/cve/CVE-2021-47432"
},
{
"category": "external",
"summary": "SUSE Bug 1225391 for CVE-2021-47432",
"url": "https://bugzilla.suse.com/1225391"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-10T16:03:48Z",
"details": "moderate"
}
],
"title": "CVE-2021-47432"
},
{
"cve": "CVE-2021-47515",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47515"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nseg6: fix the iif in the IPv6 socket control block\n\nWhen an IPv4 packet is received, the ip_rcv_core(...) sets the receiving\ninterface index into the IPv4 socket control block (v5.16-rc4,\nnet/ipv4/ip_input.c line 510):\n\n IPCB(skb)-\u003eiif = skb-\u003eskb_iif;\n\nIf that IPv4 packet is meant to be encapsulated in an outer IPv6+SRH\nheader, the seg6_do_srh_encap(...) performs the required encapsulation.\nIn this case, the seg6_do_srh_encap function clears the IPv6 socket control\nblock (v5.16-rc4 net/ipv6/seg6_iptunnel.c line 163):\n\n memset(IP6CB(skb), 0, sizeof(*IP6CB(skb)));\n\nThe memset(...) was introduced in commit ef489749aae5 (\"ipv6: sr: clear\nIP6CB(skb) on SRH ip4ip6 encapsulation\") a long time ago (2019-01-29).\n\nSince the IPv6 socket control block and the IPv4 socket control block share\nthe same memory area (skb-\u003ecb), the receiving interface index info is lost\n(IP6CB(skb)-\u003eiif is set to zero).\n\nAs a side effect, that condition triggers a NULL pointer dereference if\ncommit 0857d6f8c759 (\"ipv6: When forwarding count rx stats on the orig\nnetdev\") is applied.\n\nTo fix that issue, we set the IP6CB(skb)-\u003eiif with the index of the\nreceiving interface once again.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47515",
"url": "https://www.suse.com/security/cve/CVE-2021-47515"
},
{
"category": "external",
"summary": "SUSE Bug 1225426 for CVE-2021-47515",
"url": "https://bugzilla.suse.com/1225426"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-10T16:03:48Z",
"details": "moderate"
}
],
"title": "CVE-2021-47515"
},
{
"cve": "CVE-2021-47534",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47534"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/vc4: kms: Add missing drm_crtc_commit_put\n\nCommit 9ec03d7f1ed3 (\"drm/vc4: kms: Wait on previous FIFO users before a\ncommit\") introduced a global state for the HVS, with each FIFO storing\nthe current CRTC commit so that we can properly synchronize commits.\n\nHowever, the refcounting was off and we thus ended up leaking the\ndrm_crtc_commit structure every commit. Add a drm_crtc_commit_put to\nprevent the leakage.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47534",
"url": "https://www.suse.com/security/cve/CVE-2021-47534"
},
{
"category": "external",
"summary": "SUSE Bug 1230903 for CVE-2021-47534",
"url": "https://bugzilla.suse.com/1230903"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-10T16:03:48Z",
"details": "moderate"
}
],
"title": "CVE-2021-47534"
},
{
"cve": "CVE-2021-47538",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47538"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nrxrpc: Fix rxrpc_local leak in rxrpc_lookup_peer()\n\nNeed to call rxrpc_put_local() for peer candidate before kfree() as it\nholds a ref to rxrpc_local.\n\n[DH: v2: Changed to abstract the peer freeing code out into a function]",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47538",
"url": "https://www.suse.com/security/cve/CVE-2021-47538"
},
{
"category": "external",
"summary": "SUSE Bug 1225448 for CVE-2021-47538",
"url": "https://bugzilla.suse.com/1225448"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-10T16:03:48Z",
"details": "low"
}
],
"title": "CVE-2021-47538"
},
{
"cve": "CVE-2021-47539",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47539"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nrxrpc: Fix rxrpc_peer leak in rxrpc_look_up_bundle()\n\nNeed to call rxrpc_put_peer() for bundle candidate before kfree() as it\nholds a ref to rxrpc_peer.\n\n[DH: v2: Changed to abstract out the bundle freeing code into a function]",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47539",
"url": "https://www.suse.com/security/cve/CVE-2021-47539"
},
{
"category": "external",
"summary": "SUSE Bug 1225452 for CVE-2021-47539",
"url": "https://bugzilla.suse.com/1225452"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-10T16:03:48Z",
"details": "low"
}
],
"title": "CVE-2021-47539"
},
{
"cve": "CVE-2021-47555",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47555"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: vlan: fix underflow for the real_dev refcnt\n\nInject error before dev_hold(real_dev) in register_vlan_dev(),\nand execute the following testcase:\n\nip link add dev dummy1 type dummy\nip link add name dummy1.100 link dummy1 type vlan id 100\nip link del dev dummy1\n\nWhen the dummy netdevice is removed, we will get a WARNING as following:\n\n=======================================================================\nrefcount_t: decrement hit 0; leaking memory.\nWARNING: CPU: 2 PID: 0 at lib/refcount.c:31 refcount_warn_saturate+0xbf/0x1e0\n\nand an endless loop of:\n\n=======================================================================\nunregister_netdevice: waiting for dummy1 to become free. Usage count = -1073741824\n\nThat is because dev_put(real_dev) in vlan_dev_free() be called without\ndev_hold(real_dev) in register_vlan_dev(). It makes the refcnt of real_dev\nunderflow.\n\nMove the dev_hold(real_dev) to vlan_dev_init() which is the call-back of\nndo_init(). That makes dev_hold() and dev_put() for vlan\u0027s real_dev\nsymmetrical.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47555",
"url": "https://www.suse.com/security/cve/CVE-2021-47555"
},
{
"category": "external",
"summary": "SUSE Bug 1225467 for CVE-2021-47555",
"url": "https://bugzilla.suse.com/1225467"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-10T16:03:48Z",
"details": "moderate"
}
],
"title": "CVE-2021-47555"
},
{
"cve": "CVE-2021-47566",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47566"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nproc/vmcore: fix clearing user buffer by properly using clear_user()\n\nTo clear a user buffer we cannot simply use memset, we have to use\nclear_user(). With a virtio-mem device that registers a vmcore_cb and\nhas some logically unplugged memory inside an added Linux memory block,\nI can easily trigger a BUG by copying the vmcore via \"cp\":\n\n systemd[1]: Starting Kdump Vmcore Save Service...\n kdump[420]: Kdump is using the default log level(3).\n kdump[453]: saving to /sysroot/var/crash/127.0.0.1-2021-11-11-14:59:22/\n kdump[458]: saving vmcore-dmesg.txt to /sysroot/var/crash/127.0.0.1-2021-11-11-14:59:22/\n kdump[465]: saving vmcore-dmesg.txt complete\n kdump[467]: saving vmcore\n BUG: unable to handle page fault for address: 00007f2374e01000\n #PF: supervisor write access in kernel mode\n #PF: error_code(0x0003) - permissions violation\n PGD 7a523067 P4D 7a523067 PUD 7a528067 PMD 7a525067 PTE 800000007048f867\n Oops: 0003 [#1] PREEMPT SMP NOPTI\n CPU: 0 PID: 468 Comm: cp Not tainted 5.15.0+ #6\n Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS rel-1.14.0-27-g64f37cc530f1-prebuilt.qemu.org 04/01/2014\n RIP: 0010:read_from_oldmem.part.0.cold+0x1d/0x86\n Code: ff ff ff e8 05 ff fe ff e9 b9 e9 7f ff 48 89 de 48 c7 c7 38 3b 60 82 e8 f1 fe fe ff 83 fd 08 72 3c 49 8d 7d 08 4c 89 e9 89 e8 \u003c49\u003e c7 45 00 00 00 00 00 49 c7 44 05 f8 00 00 00 00 48 83 e7 f81\n RSP: 0018:ffffc9000073be08 EFLAGS: 00010212\n RAX: 0000000000001000 RBX: 00000000002fd000 RCX: 00007f2374e01000\n RDX: 0000000000000001 RSI: 00000000ffffdfff RDI: 00007f2374e01008\n RBP: 0000000000001000 R08: 0000000000000000 R09: ffffc9000073bc50\n R10: ffffc9000073bc48 R11: ffffffff829461a8 R12: 000000000000f000\n R13: 00007f2374e01000 R14: 0000000000000000 R15: ffff88807bd421e8\n FS: 00007f2374e12140(0000) GS:ffff88807f000000(0000) knlGS:0000000000000000\n CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n CR2: 00007f2374e01000 CR3: 000000007a4aa000 CR4: 0000000000350eb0\n Call Trace:\n read_vmcore+0x236/0x2c0\n proc_reg_read+0x55/0xa0\n vfs_read+0x95/0x190\n ksys_read+0x4f/0xc0\n do_syscall_64+0x3b/0x90\n entry_SYSCALL_64_after_hwframe+0x44/0xae\n\nSome x86-64 CPUs have a CPU feature called \"Supervisor Mode Access\nPrevention (SMAP)\", which is used to detect wrong access from the kernel\nto user buffers like this: SMAP triggers a permissions violation on\nwrong access. In the x86-64 variant of clear_user(), SMAP is properly\nhandled via clac()+stac().\n\nTo fix, properly use clear_user() when we\u0027re dealing with a user buffer.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47566",
"url": "https://www.suse.com/security/cve/CVE-2021-47566"
},
{
"category": "external",
"summary": "SUSE Bug 1225514 for CVE-2021-47566",
"url": "https://bugzilla.suse.com/1225514"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-10T16:03:48Z",
"details": "moderate"
}
],
"title": "CVE-2021-47566"
},
{
"cve": "CVE-2021-47571",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47571"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nstaging: rtl8192e: Fix use after free in _rtl92e_pci_disconnect()\n\nThe free_rtllib() function frees the \"dev\" pointer so there is use\nafter free on the next line. Re-arrange things to avoid that.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47571",
"url": "https://www.suse.com/security/cve/CVE-2021-47571"
},
{
"category": "external",
"summary": "SUSE Bug 1225518 for CVE-2021-47571",
"url": "https://bugzilla.suse.com/1225518"
},
{
"category": "external",
"summary": "SUSE Bug 1227551 for CVE-2021-47571",
"url": "https://bugzilla.suse.com/1227551"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-10T16:03:48Z",
"details": "important"
}
],
"title": "CVE-2021-47571"
},
{
"cve": "CVE-2021-47572",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47572"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: nexthop: fix null pointer dereference when IPv6 is not enabled\n\nWhen we try to add an IPv6 nexthop and IPv6 is not enabled\n(!CONFIG_IPV6) we\u0027ll hit a NULL pointer dereference[1] in the error path\nof nh_create_ipv6() due to calling ipv6_stub-\u003efib6_nh_release. The bug\nhas been present since the beginning of IPv6 nexthop gateway support.\nCommit 1aefd3de7bc6 (\"ipv6: Add fib6_nh_init and release to stubs\") tells\nus that only fib6_nh_init has a dummy stub because fib6_nh_release should\nnot be called if fib6_nh_init returns an error, but the commit below added\na call to ipv6_stub-\u003efib6_nh_release in its error path. To fix it return\nthe dummy stub\u0027s -EAFNOSUPPORT error directly without calling\nipv6_stub-\u003efib6_nh_release in nh_create_ipv6()\u0027s error path.\n\n[1]\n Output is a bit truncated, but it clearly shows the error.\n BUG: kernel NULL pointer dereference, address: 000000000000000000\n #PF: supervisor instruction fetch in kernel modede\n #PF: error_code(0x0010) - not-present pagege\n PGD 0 P4D 0\n Oops: 0010 [#1] PREEMPT SMP NOPTI\n CPU: 4 PID: 638 Comm: ip Kdump: loaded Not tainted 5.16.0-rc1+ #446\n Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.14.0-4.fc34 04/01/2014\n RIP: 0010:0x0\n Code: Unable to access opcode bytes at RIP 0xffffffffffffffd6.\n RSP: 0018:ffff888109f5b8f0 EFLAGS: 00010286^Ac\n RAX: 0000000000000000 RBX: ffff888109f5ba28 RCX: 0000000000000000\n RDX: 0000000000000000 RSI: 0000000000000000 RDI: ffff8881008a2860\n RBP: ffff888109f5b9d8 R08: 0000000000000000 R09: 0000000000000000\n R10: ffff888109f5b978 R11: ffff888109f5b948 R12: 00000000ffffff9f\n R13: ffff8881008a2a80 R14: ffff8881008a2860 R15: ffff8881008a2840\n FS: 00007f98de70f100(0000) GS:ffff88822bf00000(0000) knlGS:0000000000000000\n CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n CR2: ffffffffffffffd6 CR3: 0000000100efc000 CR4: 00000000000006e0\n Call Trace:\n \u003cTASK\u003e\n nh_create_ipv6+0xed/0x10c\n rtm_new_nexthop+0x6d7/0x13f3\n ? check_preemption_disabled+0x3d/0xf2\n ? lock_is_held_type+0xbe/0xfd\n rtnetlink_rcv_msg+0x23f/0x26a\n ? check_preemption_disabled+0x3d/0xf2\n ? rtnl_calcit.isra.0+0x147/0x147\n netlink_rcv_skb+0x61/0xb2\n netlink_unicast+0x100/0x187\n netlink_sendmsg+0x37f/0x3a0\n ? netlink_unicast+0x187/0x187\n sock_sendmsg_nosec+0x67/0x9b\n ____sys_sendmsg+0x19d/0x1f9\n ? copy_msghdr_from_user+0x4c/0x5e\n ? rcu_read_lock_any_held+0x2a/0x78\n ___sys_sendmsg+0x6c/0x8c\n ? asm_sysvec_apic_timer_interrupt+0x12/0x20\n ? lockdep_hardirqs_on+0xd9/0x102\n ? sockfd_lookup_light+0x69/0x99\n __sys_sendmsg+0x50/0x6e\n do_syscall_64+0xcb/0xf2\n entry_SYSCALL_64_after_hwframe+0x44/0xae\n RIP: 0033:0x7f98dea28914\n Code: 00 f7 d8 64 89 02 48 c7 c0 ff ff ff ff eb b5 0f 1f 80 00 00 00 00 48 8d 05 e9 5d 0c 00 8b 00 85 c0 75 13 b8 2e 00 00 00 0f 05 \u003c48\u003e 3d 00 f0 ff ff 77 54 c3 0f 1f 00 41 54 41 89 d4 55 48 89 f5 53\n RSP: 002b:00007fff859f5e68 EFLAGS: 00000246 ORIG_RAX: 000000000000002e2e\n RAX: ffffffffffffffda RBX: 00000000619cb810 RCX: 00007f98dea28914\n RDX: 0000000000000000 RSI: 00007fff859f5ed0 RDI: 0000000000000003\n RBP: 0000000000000000 R08: 0000000000000001 R09: 0000000000000008\n R10: fffffffffffffce6 R11: 0000000000000246 R12: 0000000000000001\n R13: 000055c0097ae520 R14: 000055c0097957fd R15: 00007fff859f63a0\n \u003c/TASK\u003e\n Modules linked in: bridge stp llc bonding virtio_net",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47572",
"url": "https://www.suse.com/security/cve/CVE-2021-47572"
},
{
"category": "external",
"summary": "SUSE Bug 1225389 for CVE-2021-47572",
"url": "https://bugzilla.suse.com/1225389"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-10T16:03:48Z",
"details": "moderate"
}
],
"title": "CVE-2021-47572"
},
{
"cve": "CVE-2021-47576",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47576"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: scsi_debug: Sanity check block descriptor length in resp_mode_select()\n\nIn resp_mode_select() sanity check the block descriptor len to avoid UAF.\n\nBUG: KASAN: use-after-free in resp_mode_select+0xa4c/0xb40 drivers/scsi/scsi_debug.c:2509\nRead of size 1 at addr ffff888026670f50 by task scsicmd/15032\n\nCPU: 1 PID: 15032 Comm: scsicmd Not tainted 5.15.0-01d0625 #15\nHardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS\nCall Trace:\n \u003cTASK\u003e\n dump_stack_lvl+0x89/0xb5 lib/dump_stack.c:107\n print_address_description.constprop.9+0x28/0x160 mm/kasan/report.c:257\n kasan_report.cold.14+0x7d/0x117 mm/kasan/report.c:443\n __asan_report_load1_noabort+0x14/0x20 mm/kasan/report_generic.c:306\n resp_mode_select+0xa4c/0xb40 drivers/scsi/scsi_debug.c:2509\n schedule_resp+0x4af/0x1a10 drivers/scsi/scsi_debug.c:5483\n scsi_debug_queuecommand+0x8c9/0x1e70 drivers/scsi/scsi_debug.c:7537\n scsi_queue_rq+0x16b4/0x2d10 drivers/scsi/scsi_lib.c:1521\n blk_mq_dispatch_rq_list+0xb9b/0x2700 block/blk-mq.c:1640\n __blk_mq_sched_dispatch_requests+0x28f/0x590 block/blk-mq-sched.c:325\n blk_mq_sched_dispatch_requests+0x105/0x190 block/blk-mq-sched.c:358\n __blk_mq_run_hw_queue+0xe5/0x150 block/blk-mq.c:1762\n __blk_mq_delay_run_hw_queue+0x4f8/0x5c0 block/blk-mq.c:1839\n blk_mq_run_hw_queue+0x18d/0x350 block/blk-mq.c:1891\n blk_mq_sched_insert_request+0x3db/0x4e0 block/blk-mq-sched.c:474\n blk_execute_rq_nowait+0x16b/0x1c0 block/blk-exec.c:63\n sg_common_write.isra.18+0xeb3/0x2000 drivers/scsi/sg.c:837\n sg_new_write.isra.19+0x570/0x8c0 drivers/scsi/sg.c:775\n sg_ioctl_common+0x14d6/0x2710 drivers/scsi/sg.c:941\n sg_ioctl+0xa2/0x180 drivers/scsi/sg.c:1166\n __x64_sys_ioctl+0x19d/0x220 fs/ioctl.c:52\n do_syscall_64+0x3a/0x80 arch/x86/entry/common.c:50\n entry_SYSCALL_64_after_hwframe+0x44/0xae arch/x86/entry/entry_64.S:113",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47576",
"url": "https://www.suse.com/security/cve/CVE-2021-47576"
},
{
"category": "external",
"summary": "SUSE Bug 1226537 for CVE-2021-47576",
"url": "https://bugzilla.suse.com/1226537"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.4,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-10T16:03:48Z",
"details": "low"
}
],
"title": "CVE-2021-47576"
},
{
"cve": "CVE-2021-47577",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47577"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nio-wq: check for wq exit after adding new worker task_work\n\nWe check IO_WQ_BIT_EXIT before attempting to create a new worker, and\nwq exit cancels pending work if we have any. But it\u0027s possible to have\na race between the two, where creation checks exit finding it not set,\nbut we\u0027re in the process of exiting. The exit side will cancel pending\ncreation task_work, but there\u0027s a gap where we add task_work after we\u0027ve\ncanceled existing creations at exit time.\n\nFix this by checking the EXIT bit post adding the creation task_work.\nIf it\u0027s set, run the same cancelation that exit does.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47577",
"url": "https://www.suse.com/security/cve/CVE-2021-47577"
},
{
"category": "external",
"summary": "SUSE Bug 1226538 for CVE-2021-47577",
"url": "https://bugzilla.suse.com/1226538"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-10T16:03:48Z",
"details": "moderate"
}
],
"title": "CVE-2021-47577"
},
{
"cve": "CVE-2021-47578",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47578"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: scsi_debug: Don\u0027t call kcalloc() if size arg is zero\n\nIf the size arg to kcalloc() is zero, it returns ZERO_SIZE_PTR. Because of\nthat, for a following NULL pointer check to work on the returned pointer,\nkcalloc() must not be called with the size arg equal to zero. Return early\nwithout error before the kcalloc() call if size arg is zero.\n\nBUG: KASAN: null-ptr-deref in memcpy include/linux/fortify-string.h:191 [inline]\nBUG: KASAN: null-ptr-deref in sg_copy_buffer+0x138/0x240 lib/scatterlist.c:974\nWrite of size 4 at addr 0000000000000010 by task syz-executor.1/22789\n\nCPU: 1 PID: 22789 Comm: syz-executor.1 Not tainted 5.15.0-syzk #1\nHardware name: Red Hat KVM, BIOS 1.13.0-2\nCall Trace:\n __dump_stack lib/dump_stack.c:88 [inline]\n dump_stack_lvl+0x89/0xb5 lib/dump_stack.c:106\n __kasan_report mm/kasan/report.c:446 [inline]\n kasan_report.cold.14+0x112/0x117 mm/kasan/report.c:459\n check_region_inline mm/kasan/generic.c:183 [inline]\n kasan_check_range+0x1a3/0x210 mm/kasan/generic.c:189\n memcpy+0x3b/0x60 mm/kasan/shadow.c:66\n memcpy include/linux/fortify-string.h:191 [inline]\n sg_copy_buffer+0x138/0x240 lib/scatterlist.c:974\n do_dout_fetch drivers/scsi/scsi_debug.c:2954 [inline]\n do_dout_fetch drivers/scsi/scsi_debug.c:2946 [inline]\n resp_verify+0x49e/0x930 drivers/scsi/scsi_debug.c:4276\n schedule_resp+0x4d8/0x1a70 drivers/scsi/scsi_debug.c:5478\n scsi_debug_queuecommand+0x8c9/0x1ec0 drivers/scsi/scsi_debug.c:7533\n scsi_dispatch_cmd drivers/scsi/scsi_lib.c:1520 [inline]\n scsi_queue_rq+0x16b0/0x2d40 drivers/scsi/scsi_lib.c:1699\n blk_mq_dispatch_rq_list+0xb9b/0x2700 block/blk-mq.c:1639\n __blk_mq_sched_dispatch_requests+0x28f/0x590 block/blk-mq-sched.c:325\n blk_mq_sched_dispatch_requests+0x105/0x190 block/blk-mq-sched.c:358\n __blk_mq_run_hw_queue+0xe5/0x150 block/blk-mq.c:1761\n __blk_mq_delay_run_hw_queue+0x4f8/0x5c0 block/blk-mq.c:1838\n blk_mq_run_hw_queue+0x18d/0x350 block/blk-mq.c:1891\n blk_mq_sched_insert_request+0x3db/0x4e0 block/blk-mq-sched.c:474\n blk_execute_rq_nowait+0x16b/0x1c0 block/blk-exec.c:62\n blk_execute_rq+0xdb/0x360 block/blk-exec.c:102\n sg_scsi_ioctl drivers/scsi/scsi_ioctl.c:621 [inline]\n scsi_ioctl+0x8bb/0x15c0 drivers/scsi/scsi_ioctl.c:930\n sg_ioctl_common+0x172d/0x2710 drivers/scsi/sg.c:1112\n sg_ioctl+0xa2/0x180 drivers/scsi/sg.c:1165\n vfs_ioctl fs/ioctl.c:51 [inline]\n __do_sys_ioctl fs/ioctl.c:874 [inline]\n __se_sys_ioctl fs/ioctl.c:860 [inline]\n __x64_sys_ioctl+0x19d/0x220 fs/ioctl.c:860\n do_syscall_x64 arch/x86/entry/common.c:50 [inline]\n do_syscall_64+0x3a/0x80 arch/x86/entry/common.c:80\n entry_SYSCALL_64_after_hwframe+0x44/0xae",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47578",
"url": "https://www.suse.com/security/cve/CVE-2021-47578"
},
{
"category": "external",
"summary": "SUSE Bug 1226539 for CVE-2021-47578",
"url": "https://bugzilla.suse.com/1226539"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-10T16:03:48Z",
"details": "moderate"
}
],
"title": "CVE-2021-47578"
},
{
"cve": "CVE-2021-47580",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47580"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: scsi_debug: Fix type in min_t to avoid stack OOB\n\nChange min_t() to use type \"u32\" instead of type \"int\" to avoid stack out\nof bounds. With min_t() type \"int\" the values get sign extended and the\nlarger value gets used causing stack out of bounds.\n\nBUG: KASAN: stack-out-of-bounds in memcpy include/linux/fortify-string.h:191 [inline]\nBUG: KASAN: stack-out-of-bounds in sg_copy_buffer+0x1de/0x240 lib/scatterlist.c:976\nRead of size 127 at addr ffff888072607128 by task syz-executor.7/18707\n\nCPU: 1 PID: 18707 Comm: syz-executor.7 Not tainted 5.15.0-syzk #1\nHardware name: Red Hat KVM, BIOS 1.13.0-2\nCall Trace:\n __dump_stack lib/dump_stack.c:88 [inline]\n dump_stack_lvl+0x89/0xb5 lib/dump_stack.c:106\n print_address_description.constprop.9+0x28/0x160 mm/kasan/report.c:256\n __kasan_report mm/kasan/report.c:442 [inline]\n kasan_report.cold.14+0x7d/0x117 mm/kasan/report.c:459\n check_region_inline mm/kasan/generic.c:183 [inline]\n kasan_check_range+0x1a3/0x210 mm/kasan/generic.c:189\n memcpy+0x23/0x60 mm/kasan/shadow.c:65\n memcpy include/linux/fortify-string.h:191 [inline]\n sg_copy_buffer+0x1de/0x240 lib/scatterlist.c:976\n sg_copy_from_buffer+0x33/0x40 lib/scatterlist.c:1000\n fill_from_dev_buffer.part.34+0x82/0x130 drivers/scsi/scsi_debug.c:1162\n fill_from_dev_buffer drivers/scsi/scsi_debug.c:1888 [inline]\n resp_readcap16+0x365/0x3b0 drivers/scsi/scsi_debug.c:1887\n schedule_resp+0x4d8/0x1a70 drivers/scsi/scsi_debug.c:5478\n scsi_debug_queuecommand+0x8c9/0x1ec0 drivers/scsi/scsi_debug.c:7533\n scsi_dispatch_cmd drivers/scsi/scsi_lib.c:1520 [inline]\n scsi_queue_rq+0x16b0/0x2d40 drivers/scsi/scsi_lib.c:1699\n blk_mq_dispatch_rq_list+0xb9b/0x2700 block/blk-mq.c:1639\n __blk_mq_sched_dispatch_requests+0x28f/0x590 block/blk-mq-sched.c:325\n blk_mq_sched_dispatch_requests+0x105/0x190 block/blk-mq-sched.c:358\n __blk_mq_run_hw_queue+0xe5/0x150 block/blk-mq.c:1761\n __blk_mq_delay_run_hw_queue+0x4f8/0x5c0 block/blk-mq.c:1838\n blk_mq_run_hw_queue+0x18d/0x350 block/blk-mq.c:1891\n blk_mq_sched_insert_request+0x3db/0x4e0 block/blk-mq-sched.c:474\n blk_execute_rq_nowait+0x16b/0x1c0 block/blk-exec.c:62\n sg_common_write.isra.18+0xeb3/0x2000 drivers/scsi/sg.c:836\n sg_new_write.isra.19+0x570/0x8c0 drivers/scsi/sg.c:774\n sg_ioctl_common+0x14d6/0x2710 drivers/scsi/sg.c:939\n sg_ioctl+0xa2/0x180 drivers/scsi/sg.c:1165\n vfs_ioctl fs/ioctl.c:51 [inline]\n __do_sys_ioctl fs/ioctl.c:874 [inline]\n __se_sys_ioctl fs/ioctl.c:860 [inline]\n __x64_sys_ioctl+0x19d/0x220 fs/ioctl.c:860\n do_syscall_x64 arch/x86/entry/common.c:50 [inline]\n do_syscall_64+0x3a/0x80 arch/x86/entry/common.c:80\n entry_SYSCALL_64_after_hwframe+0x44/0xae",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47580",
"url": "https://www.suse.com/security/cve/CVE-2021-47580"
},
{
"category": "external",
"summary": "SUSE Bug 1226550 for CVE-2021-47580",
"url": "https://bugzilla.suse.com/1226550"
},
{
"category": "external",
"summary": "SUSE Bug 1227611 for CVE-2021-47580",
"url": "https://bugzilla.suse.com/1227611"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-10T16:03:48Z",
"details": "moderate"
}
],
"title": "CVE-2021-47580"
},
{
"cve": "CVE-2021-47582",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47582"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nUSB: core: Make do_proc_control() and do_proc_bulk() killable\n\nThe USBDEVFS_CONTROL and USBDEVFS_BULK ioctls invoke\nusb_start_wait_urb(), which contains an uninterruptible wait with a\nuser-specified timeout value. If timeout value is very large and the\ndevice being accessed does not respond in a reasonable amount of time,\nthe kernel will complain about \"Task X blocked for more than N\nseconds\", as found in testing by syzbot:\n\nINFO: task syz-executor.0:8700 blocked for more than 143 seconds.\n Not tainted 5.14.0-rc7-syzkaller #0\n\"echo 0 \u003e /proc/sys/kernel/hung_task_timeout_secs\" disables this message.\ntask:syz-executor.0 state:D stack:23192 pid: 8700 ppid: 8455 flags:0x00004004\nCall Trace:\n context_switch kernel/sched/core.c:4681 [inline]\n __schedule+0xc07/0x11f0 kernel/sched/core.c:5938\n schedule+0x14b/0x210 kernel/sched/core.c:6017\n schedule_timeout+0x98/0x2f0 kernel/time/timer.c:1857\n do_wait_for_common+0x2da/0x480 kernel/sched/completion.c:85\n __wait_for_common kernel/sched/completion.c:106 [inline]\n wait_for_common kernel/sched/completion.c:117 [inline]\n wait_for_completion_timeout+0x46/0x60 kernel/sched/completion.c:157\n usb_start_wait_urb+0x167/0x550 drivers/usb/core/message.c:63\n do_proc_bulk+0x978/0x1080 drivers/usb/core/devio.c:1236\n proc_bulk drivers/usb/core/devio.c:1273 [inline]\n usbdev_do_ioctl drivers/usb/core/devio.c:2547 [inline]\n usbdev_ioctl+0x3441/0x6b10 drivers/usb/core/devio.c:2713\n...\n\nTo fix this problem, this patch replaces usbfs\u0027s calls to\nusb_control_msg() and usb_bulk_msg() with special-purpose code that\ndoes essentially the same thing (as recommended in the comment for\nusb_start_wait_urb()), except that it always uses a killable wait and\nit uses GFP_KERNEL rather than GFP_NOIO.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47582",
"url": "https://www.suse.com/security/cve/CVE-2021-47582"
},
{
"category": "external",
"summary": "SUSE Bug 1226559 for CVE-2021-47582",
"url": "https://bugzilla.suse.com/1226559"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-10T16:03:48Z",
"details": "moderate"
}
],
"title": "CVE-2021-47582"
},
{
"cve": "CVE-2021-47583",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47583"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmedia: mxl111sf: change mutex_init() location\n\nSyzbot reported, that mxl111sf_ctrl_msg() uses uninitialized\nmutex. The problem was in wrong mutex_init() location.\n\nPrevious mutex_init(\u0026state-\u003emsg_lock) call was in -\u003einit() function, but\ndvb_usbv2_init() has this order of calls:\n\n\tdvb_usbv2_init()\n\t dvb_usbv2_adapter_init()\n\t dvb_usbv2_adapter_frontend_init()\n\t props-\u003efrontend_attach()\n\n\t props-\u003einit()\n\nSince mxl111sf_* devices call mxl111sf_ctrl_msg() in -\u003efrontend_attach()\ninternally we need to initialize state-\u003emsg_lock before\nfrontend_attach(). To achieve it, -\u003eprobe() call added to all mxl111sf_*\ndevices, which will simply initiaize mutex.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47583",
"url": "https://www.suse.com/security/cve/CVE-2021-47583"
},
{
"category": "external",
"summary": "SUSE Bug 1226563 for CVE-2021-47583",
"url": "https://bugzilla.suse.com/1226563"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-10T16:03:48Z",
"details": "moderate"
}
],
"title": "CVE-2021-47583"
},
{
"cve": "CVE-2021-47584",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47584"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\niocost: Fix divide-by-zero on donation from low hweight cgroup\n\nThe donation calculation logic assumes that the donor has non-zero\nafter-donation hweight, so the lowest active hweight a donating cgroup can\nhave is 2 so that it can donate 1 while keeping the other 1 for itself.\nEarlier, we only donated from cgroups with sizable surpluses so this\ncondition was always true. However, with the precise donation algorithm\nimplemented, f1de2439ec43 (\"blk-iocost: revamp donation amount\ndetermination\") made the donation amount calculation exact enabling even low\nhweight cgroups to donate.\n\nThis means that in rare occasions, a cgroup with active hweight of 1 can\nenter donation calculation triggering the following warning and then a\ndivide-by-zero oops.\n\n WARNING: CPU: 4 PID: 0 at block/blk-iocost.c:1928 transfer_surpluses.cold+0x0/0x53 [884/94867]\n ...\n RIP: 0010:transfer_surpluses.cold+0x0/0x53\n Code: 92 ff 48 c7 c7 28 d1 ab b5 65 48 8b 34 25 00 ae 01 00 48 81 c6 90 06 00 00 e8 8b 3f fe ff 48 c7 c0 ea ff ff ff e9 95 ff 92 ff \u003c0f\u003e 0b 48 c7 c7 30 da ab b5 e8 71 3f fe ff 4c 89 e8 4d 85 ed 74 0\n4\n ...\n Call Trace:\n \u003cIRQ\u003e\n ioc_timer_fn+0x1043/0x1390\n call_timer_fn+0xa1/0x2c0\n __run_timers.part.0+0x1ec/0x2e0\n run_timer_softirq+0x35/0x70\n ...\n iocg: invalid donation weights in /a/b: active=1 donating=1 after=0\n\nFix it by excluding cgroups w/ active hweight \u003c 2 from donating. Excluding\nthese extreme low hweight donations shouldn\u0027t affect work conservation in\nany meaningful way.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47584",
"url": "https://www.suse.com/security/cve/CVE-2021-47584"
},
{
"category": "external",
"summary": "SUSE Bug 1226564 for CVE-2021-47584",
"url": "https://bugzilla.suse.com/1226564"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-10T16:03:48Z",
"details": "moderate"
}
],
"title": "CVE-2021-47584"
},
{
"cve": "CVE-2021-47585",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47585"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbtrfs: fix memory leak in __add_inode_ref()\n\nLine 1169 (#3) allocates a memory chunk for victim_name by kmalloc(),\nbut when the function returns in line 1184 (#4) victim_name allocated\nby line 1169 (#3) is not freed, which will lead to a memory leak.\nThere is a similar snippet of code in this function as allocating a memory\nchunk for victim_name in line 1104 (#1) as well as releasing the memory\nin line 1116 (#2).\n\nWe should kfree() victim_name when the return value of backref_in_log()\nis less than zero and before the function returns in line 1184 (#4).\n\n1057 static inline int __add_inode_ref(struct btrfs_trans_handle *trans,\n1058 \t\t\t\t struct btrfs_root *root,\n1059 \t\t\t\t struct btrfs_path *path,\n1060 \t\t\t\t struct btrfs_root *log_root,\n1061 \t\t\t\t struct btrfs_inode *dir,\n1062 \t\t\t\t struct btrfs_inode *inode,\n1063 \t\t\t\t u64 inode_objectid, u64 parent_objectid,\n1064 \t\t\t\t u64 ref_index, char *name, int namelen,\n1065 \t\t\t\t int *search_done)\n1066 {\n\n1104 \tvictim_name = kmalloc(victim_name_len, GFP_NOFS);\n\t// #1: kmalloc (victim_name-1)\n1105 \tif (!victim_name)\n1106 \t\treturn -ENOMEM;\n\n1112\tret = backref_in_log(log_root, \u0026search_key,\n1113\t\t\tparent_objectid, victim_name,\n1114\t\t\tvictim_name_len);\n1115\tif (ret \u003c 0) {\n1116\t\tkfree(victim_name); // #2: kfree (victim_name-1)\n1117\t\treturn ret;\n1118\t} else if (!ret) {\n\n1169 \tvictim_name = kmalloc(victim_name_len, GFP_NOFS);\n\t// #3: kmalloc (victim_name-2)\n1170 \tif (!victim_name)\n1171 \t\treturn -ENOMEM;\n\n1180 \tret = backref_in_log(log_root, \u0026search_key,\n1181 \t\t\tparent_objectid, victim_name,\n1182 \t\t\tvictim_name_len);\n1183 \tif (ret \u003c 0) {\n1184 \t\treturn ret; // #4: missing kfree (victim_name-2)\n1185 \t} else if (!ret) {\n\n1241 \treturn 0;\n1242 }",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47585",
"url": "https://www.suse.com/security/cve/CVE-2021-47585"
},
{
"category": "external",
"summary": "SUSE Bug 1226556 for CVE-2021-47585",
"url": "https://bugzilla.suse.com/1226556"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-10T16:03:48Z",
"details": "moderate"
}
],
"title": "CVE-2021-47585"
},
{
"cve": "CVE-2021-47586",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47586"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: stmmac: dwmac-rk: fix oob read in rk_gmac_setup\n\nKASAN reports an out-of-bounds read in rk_gmac_setup on the line:\n\n\twhile (ops-\u003eregs[i]) {\n\nThis happens for most platforms since the regs flexible array member is\nempty, so the memory after the ops structure is being read here. It\nseems that mostly this happens to contain zero anyway, so we get lucky\nand everything still works.\n\nTo avoid adding redundant data to nearly all the ops structures, add a\nnew flag to indicate whether the regs field is valid and avoid this loop\nwhen it is not.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47586",
"url": "https://www.suse.com/security/cve/CVE-2021-47586"
},
{
"category": "external",
"summary": "SUSE Bug 1226561 for CVE-2021-47586",
"url": "https://bugzilla.suse.com/1226561"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-10T16:03:48Z",
"details": "moderate"
}
],
"title": "CVE-2021-47586"
},
{
"cve": "CVE-2021-47587",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47587"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: systemport: Add global locking for descriptor lifecycle\n\nThe descriptor list is a shared resource across all of the transmit queues, and\nthe locking mechanism used today only protects concurrency across a given\ntransmit queue between the transmit and reclaiming. This creates an opportunity\nfor the SYSTEMPORT hardware to work on corrupted descriptors if we have\nmultiple producers at once which is the case when using multiple transmit\nqueues.\n\nThis was particularly noticeable when using multiple flows/transmit queues and\nit showed up in interesting ways in that UDP packets would get a correct UDP\nheader checksum being calculated over an incorrect packet length. Similarly TCP\npackets would get an equally correct checksum computed by the hardware over an\nincorrect packet length.\n\nThe SYSTEMPORT hardware maintains an internal descriptor list that it re-arranges\nwhen the driver produces a new descriptor anytime it writes to the\nWRITE_PORT_{HI,LO} registers, there is however some delay in the hardware to\nre-organize its descriptors and it is possible that concurrent TX queues\neventually break this internal allocation scheme to the point where the\nlength/status part of the descriptor gets used for an incorrect data buffer.\n\nThe fix is to impose a global serialization for all TX queues in the short\nsection where we are writing to the WRITE_PORT_{HI,LO} registers which solves\nthe corruption even with multiple concurrent TX queues being used.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47587",
"url": "https://www.suse.com/security/cve/CVE-2021-47587"
},
{
"category": "external",
"summary": "SUSE Bug 1226567 for CVE-2021-47587",
"url": "https://bugzilla.suse.com/1226567"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-10T16:03:48Z",
"details": "moderate"
}
],
"title": "CVE-2021-47587"
},
{
"cve": "CVE-2021-47589",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47589"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nigbvf: fix double free in `igbvf_probe`\n\nIn `igbvf_probe`, if register_netdev() fails, the program will go to\nlabel err_hw_init, and then to label err_ioremap. In free_netdev() which\nis just below label err_ioremap, there is `list_for_each_entry_safe` and\n`netif_napi_del` which aims to delete all entries in `dev-\u003enapi_list`.\nThe program has added an entry `adapter-\u003erx_ring-\u003enapi` which is added by\n`netif_napi_add` in igbvf_alloc_queues(). However, adapter-\u003erx_ring has\nbeen freed below label err_hw_init. So this a UAF.\n\nIn terms of how to patch the problem, we can refer to igbvf_remove() and\ndelete the entry before `adapter-\u003erx_ring`.\n\nThe KASAN logs are as follows:\n\n[ 35.126075] BUG: KASAN: use-after-free in free_netdev+0x1fd/0x450\n[ 35.127170] Read of size 8 at addr ffff88810126d990 by task modprobe/366\n[ 35.128360]\n[ 35.128643] CPU: 1 PID: 366 Comm: modprobe Not tainted 5.15.0-rc2+ #14\n[ 35.129789] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS rel-1.12.0-59-gc9ba5276e321-prebuilt.qemu.org 04/01/2014\n[ 35.131749] Call Trace:\n[ 35.132199] dump_stack_lvl+0x59/0x7b\n[ 35.132865] print_address_description+0x7c/0x3b0\n[ 35.133707] ? free_netdev+0x1fd/0x450\n[ 35.134378] __kasan_report+0x160/0x1c0\n[ 35.135063] ? free_netdev+0x1fd/0x450\n[ 35.135738] kasan_report+0x4b/0x70\n[ 35.136367] free_netdev+0x1fd/0x450\n[ 35.137006] igbvf_probe+0x121d/0x1a10 [igbvf]\n[ 35.137808] ? igbvf_vlan_rx_add_vid+0x100/0x100 [igbvf]\n[ 35.138751] local_pci_probe+0x13c/0x1f0\n[ 35.139461] pci_device_probe+0x37e/0x6c0\n[ 35.165526]\n[ 35.165806] Allocated by task 366:\n[ 35.166414] ____kasan_kmalloc+0xc4/0xf0\n[ 35.167117] foo_kmem_cache_alloc_trace+0x3c/0x50 [igbvf]\n[ 35.168078] igbvf_probe+0x9c5/0x1a10 [igbvf]\n[ 35.168866] local_pci_probe+0x13c/0x1f0\n[ 35.169565] pci_device_probe+0x37e/0x6c0\n[ 35.179713]\n[ 35.179993] Freed by task 366:\n[ 35.180539] kasan_set_track+0x4c/0x80\n[ 35.181211] kasan_set_free_info+0x1f/0x40\n[ 35.181942] ____kasan_slab_free+0x103/0x140\n[ 35.182703] kfree+0xe3/0x250\n[ 35.183239] igbvf_probe+0x1173/0x1a10 [igbvf]\n[ 35.184040] local_pci_probe+0x13c/0x1f0",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47589",
"url": "https://www.suse.com/security/cve/CVE-2021-47589"
},
{
"category": "external",
"summary": "SUSE Bug 1226557 for CVE-2021-47589",
"url": "https://bugzilla.suse.com/1226557"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-10T16:03:48Z",
"details": "moderate"
}
],
"title": "CVE-2021-47589"
},
{
"cve": "CVE-2021-47592",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47592"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: stmmac: fix tc flower deletion for VLAN priority Rx steering\n\nTo replicate the issue:-\n\n1) Add 1 flower filter for VLAN Priority based frame steering:-\n$ IFDEVNAME=eth0\n$ tc qdisc add dev $IFDEVNAME ingress\n$ tc qdisc add dev $IFDEVNAME root mqprio num_tc 8 \\\n map 0 1 2 3 4 5 6 7 0 0 0 0 0 0 0 0 \\\n queues 1@0 1@1 1@2 1@3 1@4 1@5 1@6 1@7 hw 0\n$ tc filter add dev $IFDEVNAME parent ffff: protocol 802.1Q \\\n flower vlan_prio 0 hw_tc 0\n\n2) Get the \u0027pref\u0027 id\n$ tc filter show dev $IFDEVNAME ingress\n\n3) Delete a specific tc flower record (say pref 49151)\n$ tc filter del dev $IFDEVNAME parent ffff: pref 49151\n\nFrom dmesg, we will observe kernel NULL pointer ooops\n\n[ 197.170464] BUG: kernel NULL pointer dereference, address: 0000000000000000\n[ 197.171367] #PF: supervisor read access in kernel mode\n[ 197.171367] #PF: error_code(0x0000) - not-present page\n[ 197.171367] PGD 0 P4D 0\n[ 197.171367] Oops: 0000 [#1] PREEMPT SMP NOPTI\n\n\u003csnip\u003e\n\n[ 197.171367] RIP: 0010:tc_setup_cls+0x20b/0x4a0 [stmmac]\n\n\u003csnip\u003e\n\n[ 197.171367] Call Trace:\n[ 197.171367] \u003cTASK\u003e\n[ 197.171367] ? __stmmac_disable_all_queues+0xa8/0xe0 [stmmac]\n[ 197.171367] stmmac_setup_tc_block_cb+0x70/0x110 [stmmac]\n[ 197.171367] tc_setup_cb_destroy+0xb3/0x180\n[ 197.171367] fl_hw_destroy_filter+0x94/0xc0 [cls_flower]\n\nThe above issue is due to previous incorrect implementation of\ntc_del_vlan_flow(), shown below, that uses flow_cls_offload_flow_rule()\nto get struct flow_rule *rule which is no longer valid for tc filter\ndelete operation.\n\n struct flow_rule *rule = flow_cls_offload_flow_rule(cls);\n struct flow_dissector *dissector = rule-\u003ematch.dissector;\n\nSo, to ensure tc_del_vlan_flow() deletes the right VLAN cls record for\nearlier configured RX queue (configured by hw_tc) in tc_add_vlan_flow(),\nthis patch introduces stmmac_rfs_entry as driver-side flow_cls_offload\nrecord for \u0027RX frame steering\u0027 tc flower, currently used for VLAN\npriority. The implementation has taken consideration for future extension\nto include other type RX frame steering such as EtherType based.\n\nv2:\n - Clean up overly extensive backtrace and rewrite git message to better\n explain the kernel NULL pointer issue.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47592",
"url": "https://www.suse.com/security/cve/CVE-2021-47592"
},
{
"category": "external",
"summary": "SUSE Bug 1226572 for CVE-2021-47592",
"url": "https://bugzilla.suse.com/1226572"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-10T16:03:48Z",
"details": "moderate"
}
],
"title": "CVE-2021-47592"
},
{
"cve": "CVE-2021-47595",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47595"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/sched: sch_ets: don\u0027t remove idle classes from the round-robin list\n\nShuang reported that the following script:\n\n 1) tc qdisc add dev ddd0 handle 10: parent 1: ets bands 8 strict 4 priomap 7 7 7 7 7 7 7 7 7 7 7 7 7 7 7 7\n 2) mausezahn ddd0 -A 10.10.10.1 -B 10.10.10.2 -c 0 -a own -b 00:c1:a0:c1:a0:00 -t udp \u0026\n 3) tc qdisc change dev ddd0 handle 10: ets bands 4 strict 2 quanta 2500 2500 priomap 3 3 3 3 3 3 3 3 3 3 3 3 3 3 3 3\n\ncrashes systematically when line 2) is commented:\n\n list_del corruption, ffff8e028404bd30-\u003enext is LIST_POISON1 (dead000000000100)\n ------------[ cut here ]------------\n kernel BUG at lib/list_debug.c:47!\n invalid opcode: 0000 [#1] PREEMPT SMP NOPTI\n CPU: 0 PID: 954 Comm: tc Not tainted 5.16.0-rc4+ #478\n Hardware name: Red Hat KVM, BIOS 1.11.1-4.module+el8.1.0+4066+0f1aadab 04/01/2014\n RIP: 0010:__list_del_entry_valid.cold.1+0x12/0x47\n Code: fe ff 0f 0b 48 89 c1 4c 89 c6 48 c7 c7 08 42 1b 87 e8 1d c5 fe ff 0f 0b 48 89 fe 48 89 c2 48 c7 c7 98 42 1b 87 e8 09 c5 fe ff \u003c0f\u003e 0b 48 c7 c7 48 43 1b 87 e8 fb c4 fe ff 0f 0b 48 89 f2 48 89 fe\n RSP: 0018:ffffae46807a3888 EFLAGS: 00010246\n RAX: 000000000000004e RBX: 0000000000000007 RCX: 0000000000000202\n RDX: 0000000000000000 RSI: ffffffff871ac536 RDI: 00000000ffffffff\n RBP: ffffae46807a3a10 R08: 0000000000000000 R09: c0000000ffff7fff\n R10: 0000000000000001 R11: ffffae46807a36a8 R12: ffff8e028404b800\n R13: ffff8e028404bd30 R14: dead000000000100 R15: ffff8e02fafa2400\n FS: 00007efdc92e4480(0000) GS:ffff8e02fb600000(0000) knlGS:0000000000000000\n CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n CR2: 0000000000682f48 CR3: 00000001058be000 CR4: 0000000000350ef0\n Call Trace:\n \u003cTASK\u003e\n ets_qdisc_change+0x58b/0xa70 [sch_ets]\n tc_modify_qdisc+0x323/0x880\n rtnetlink_rcv_msg+0x169/0x4a0\n netlink_rcv_skb+0x50/0x100\n netlink_unicast+0x1a5/0x280\n netlink_sendmsg+0x257/0x4d0\n sock_sendmsg+0x5b/0x60\n ____sys_sendmsg+0x1f2/0x260\n ___sys_sendmsg+0x7c/0xc0\n __sys_sendmsg+0x57/0xa0\n do_syscall_64+0x3a/0x80\n entry_SYSCALL_64_after_hwframe+0x44/0xae\n RIP: 0033:0x7efdc8031338\n Code: 89 02 48 c7 c0 ff ff ff ff eb b5 0f 1f 80 00 00 00 00 f3 0f 1e fa 48 8d 05 25 43 2c 00 8b 00 85 c0 75 17 b8 2e 00 00 00 0f 05 \u003c48\u003e 3d 00 f0 ff ff 77 58 c3 0f 1f 80 00 00 00 00 41 54 41 89 d4 55\n RSP: 002b:00007ffdf1ce9828 EFLAGS: 00000246 ORIG_RAX: 000000000000002e\n RAX: ffffffffffffffda RBX: 0000000061b37a97 RCX: 00007efdc8031338\n RDX: 0000000000000000 RSI: 00007ffdf1ce9890 RDI: 0000000000000003\n RBP: 0000000000000000 R08: 0000000000000001 R09: 000000000078a940\n R10: 000000000000000c R11: 0000000000000246 R12: 0000000000000001\n R13: 0000000000688880 R14: 0000000000000000 R15: 0000000000000000\n \u003c/TASK\u003e\n Modules linked in: sch_ets sch_tbf dummy rfkill iTCO_wdt iTCO_vendor_support intel_rapl_msr intel_rapl_common joydev pcspkr i2c_i801 virtio_balloon i2c_smbus lpc_ich ip_tables xfs libcrc32c crct10dif_pclmul crc32_pclmul crc32c_intel serio_raw ghash_clmulni_intel ahci libahci libata virtio_blk virtio_console virtio_net net_failover failover sunrpc dm_mirror dm_region_hash dm_log dm_mod [last unloaded: sch_ets]\n ---[ end trace f35878d1912655c2 ]---\n RIP: 0010:__list_del_entry_valid.cold.1+0x12/0x47\n Code: fe ff 0f 0b 48 89 c1 4c 89 c6 48 c7 c7 08 42 1b 87 e8 1d c5 fe ff 0f 0b 48 89 fe 48 89 c2 48 c7 c7 98 42 1b 87 e8 09 c5 fe ff \u003c0f\u003e 0b 48 c7 c7 48 43 1b 87 e8 fb c4 fe ff 0f 0b 48 89 f2 48 89 fe\n RSP: 0018:ffffae46807a3888 EFLAGS: 00010246\n RAX: 000000000000004e RBX: 0000000000000007 RCX: 0000000000000202\n RDX: 0000000000000000 RSI: ffffffff871ac536 RDI: 00000000ffffffff\n RBP: ffffae46807a3a10 R08: 0000000000000000 R09: c0000000ffff7fff\n R10: 0000000000000001 R11: ffffae46807a36a8 R12: ffff8e028404b800\n R13: ffff8e028404bd30 R14: dead000000000100 R15: ffff8e02fafa2400\n FS: 00007efdc92e4480(0000) GS:ffff8e02fb600000(0000) knlGS:0000000000000000\n CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n CR2: 000000000\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47595",
"url": "https://www.suse.com/security/cve/CVE-2021-47595"
},
{
"category": "external",
"summary": "SUSE Bug 1226552 for CVE-2021-47595",
"url": "https://bugzilla.suse.com/1226552"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-10T16:03:48Z",
"details": "moderate"
}
],
"title": "CVE-2021-47595"
},
{
"cve": "CVE-2021-47596",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47596"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: hns3: fix use-after-free bug in hclgevf_send_mbx_msg\n\nCurrently, the hns3_remove function firstly uninstall client instance,\nand then uninstall acceletion engine device. The netdevice is freed in\nclient instance uninstall process, but acceletion engine device uninstall\nprocess still use it to trace runtime information. This causes a use after\nfree problem.\n\nSo fixes it by check the instance register state to avoid use after free.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47596",
"url": "https://www.suse.com/security/cve/CVE-2021-47596"
},
{
"category": "external",
"summary": "SUSE Bug 1226558 for CVE-2021-47596",
"url": "https://bugzilla.suse.com/1226558"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-10T16:03:48Z",
"details": "moderate"
}
],
"title": "CVE-2021-47596"
},
{
"cve": "CVE-2021-47597",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47597"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ninet_diag: fix kernel-infoleak for UDP sockets\n\nKMSAN reported a kernel-infoleak [1], that can exploited\nby unpriv users.\n\nAfter analysis it turned out UDP was not initializing\nr-\u003eidiag_expires. Other users of inet_sk_diag_fill()\nmight make the same mistake in the future, so fix this\nin inet_sk_diag_fill().\n\n[1]\nBUG: KMSAN: kernel-infoleak in instrument_copy_to_user include/linux/instrumented.h:121 [inline]\nBUG: KMSAN: kernel-infoleak in copyout lib/iov_iter.c:156 [inline]\nBUG: KMSAN: kernel-infoleak in _copy_to_iter+0x69d/0x25c0 lib/iov_iter.c:670\n instrument_copy_to_user include/linux/instrumented.h:121 [inline]\n copyout lib/iov_iter.c:156 [inline]\n _copy_to_iter+0x69d/0x25c0 lib/iov_iter.c:670\n copy_to_iter include/linux/uio.h:155 [inline]\n simple_copy_to_iter+0xf3/0x140 net/core/datagram.c:519\n __skb_datagram_iter+0x2cb/0x1280 net/core/datagram.c:425\n skb_copy_datagram_iter+0xdc/0x270 net/core/datagram.c:533\n skb_copy_datagram_msg include/linux/skbuff.h:3657 [inline]\n netlink_recvmsg+0x660/0x1c60 net/netlink/af_netlink.c:1974\n sock_recvmsg_nosec net/socket.c:944 [inline]\n sock_recvmsg net/socket.c:962 [inline]\n sock_read_iter+0x5a9/0x630 net/socket.c:1035\n call_read_iter include/linux/fs.h:2156 [inline]\n new_sync_read fs/read_write.c:400 [inline]\n vfs_read+0x1631/0x1980 fs/read_write.c:481\n ksys_read+0x28c/0x520 fs/read_write.c:619\n __do_sys_read fs/read_write.c:629 [inline]\n __se_sys_read fs/read_write.c:627 [inline]\n __x64_sys_read+0xdb/0x120 fs/read_write.c:627\n do_syscall_x64 arch/x86/entry/common.c:51 [inline]\n do_syscall_64+0x54/0xd0 arch/x86/entry/common.c:82\n entry_SYSCALL_64_after_hwframe+0x44/0xae\n\nUninit was created at:\n slab_post_alloc_hook mm/slab.h:524 [inline]\n slab_alloc_node mm/slub.c:3251 [inline]\n __kmalloc_node_track_caller+0xe0c/0x1510 mm/slub.c:4974\n kmalloc_reserve net/core/skbuff.c:354 [inline]\n __alloc_skb+0x545/0xf90 net/core/skbuff.c:426\n alloc_skb include/linux/skbuff.h:1126 [inline]\n netlink_dump+0x3d5/0x16a0 net/netlink/af_netlink.c:2245\n __netlink_dump_start+0xd1c/0xee0 net/netlink/af_netlink.c:2370\n netlink_dump_start include/linux/netlink.h:254 [inline]\n inet_diag_handler_cmd+0x2e7/0x400 net/ipv4/inet_diag.c:1343\n sock_diag_rcv_msg+0x24a/0x620\n netlink_rcv_skb+0x447/0x800 net/netlink/af_netlink.c:2491\n sock_diag_rcv+0x63/0x80 net/core/sock_diag.c:276\n netlink_unicast_kernel net/netlink/af_netlink.c:1319 [inline]\n netlink_unicast+0x1095/0x1360 net/netlink/af_netlink.c:1345\n netlink_sendmsg+0x16f3/0x1870 net/netlink/af_netlink.c:1916\n sock_sendmsg_nosec net/socket.c:704 [inline]\n sock_sendmsg net/socket.c:724 [inline]\n sock_write_iter+0x594/0x690 net/socket.c:1057\n do_iter_readv_writev+0xa7f/0xc70\n do_iter_write+0x52c/0x1500 fs/read_write.c:851\n vfs_writev fs/read_write.c:924 [inline]\n do_writev+0x63f/0xe30 fs/read_write.c:967\n __do_sys_writev fs/read_write.c:1040 [inline]\n __se_sys_writev fs/read_write.c:1037 [inline]\n __x64_sys_writev+0xe5/0x120 fs/read_write.c:1037\n do_syscall_x64 arch/x86/entry/common.c:51 [inline]\n do_syscall_64+0x54/0xd0 arch/x86/entry/common.c:82\n entry_SYSCALL_64_after_hwframe+0x44/0xae\n\nBytes 68-71 of 312 are uninitialized\nMemory access of size 312 starts at ffff88812ab54000\nData copied to user address 0000000020001440\n\nCPU: 1 PID: 6365 Comm: syz-executor801 Not tainted 5.16.0-rc3-syzkaller #0\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47597",
"url": "https://www.suse.com/security/cve/CVE-2021-47597"
},
{
"category": "external",
"summary": "SUSE Bug 1226553 for CVE-2021-47597",
"url": "https://bugzilla.suse.com/1226553"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-10T16:03:48Z",
"details": "low"
}
],
"title": "CVE-2021-47597"
},
{
"cve": "CVE-2021-47600",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47600"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndm btree remove: fix use after free in rebalance_children()\n\nMove dm_tm_unlock() after dm_tm_dec().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47600",
"url": "https://www.suse.com/security/cve/CVE-2021-47600"
},
{
"category": "external",
"summary": "SUSE Bug 1226575 for CVE-2021-47600",
"url": "https://bugzilla.suse.com/1226575"
},
{
"category": "external",
"summary": "SUSE Bug 1227472 for CVE-2021-47600",
"url": "https://bugzilla.suse.com/1227472"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-10T16:03:48Z",
"details": "moderate"
}
],
"title": "CVE-2021-47600"
},
{
"cve": "CVE-2021-47601",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47601"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ntee: amdtee: fix an IS_ERR() vs NULL bug\n\nThe __get_free_pages() function does not return error pointers it returns\nNULL so fix this condition to avoid a NULL dereference.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47601",
"url": "https://www.suse.com/security/cve/CVE-2021-47601"
},
{
"category": "external",
"summary": "SUSE Bug 1226576 for CVE-2021-47601",
"url": "https://bugzilla.suse.com/1226576"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-10T16:03:48Z",
"details": "moderate"
}
],
"title": "CVE-2021-47601"
},
{
"cve": "CVE-2021-47602",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47602"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmac80211: track only QoS data frames for admission control\n\nFor admission control, obviously all of that only works for\nQoS data frames, otherwise we cannot even access the QoS\nfield in the header.\n\nSyzbot reported (see below) an uninitialized value here due\nto a status of a non-QoS nullfunc packet, which isn\u0027t even\nlong enough to contain the QoS header.\n\nFix this to only do anything for QoS data packets.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47602",
"url": "https://www.suse.com/security/cve/CVE-2021-47602"
},
{
"category": "external",
"summary": "SUSE Bug 1226554 for CVE-2021-47602",
"url": "https://bugzilla.suse.com/1226554"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-10T16:03:48Z",
"details": "moderate"
}
],
"title": "CVE-2021-47602"
},
{
"cve": "CVE-2021-47603",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47603"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\naudit: improve robustness of the audit queue handling\n\nIf the audit daemon were ever to get stuck in a stopped state the\nkernel\u0027s kauditd_thread() could get blocked attempting to send audit\nrecords to the userspace audit daemon. With the kernel thread\nblocked it is possible that the audit queue could grow unbounded as\ncertain audit record generating events must be exempt from the queue\nlimits else the system enter a deadlock state.\n\nThis patch resolves this problem by lowering the kernel thread\u0027s\nsocket sending timeout from MAX_SCHEDULE_TIMEOUT to HZ/10 and tweaks\nthe kauditd_send_queue() function to better manage the various audit\nqueues when connection problems occur between the kernel and the\naudit daemon. With this patch, the backlog may temporarily grow\nbeyond the defined limits when the audit daemon is stopped and the\nsystem is under heavy audit pressure, but kauditd_thread() will\ncontinue to make progress and drain the queues as it would for other\nconnection problems. For example, with the audit daemon put into a\nstopped state and the system configured to audit every syscall it\nwas still possible to shutdown the system without a kernel panic,\ndeadlock, etc.; granted, the system was slow to shutdown but that is\nto be expected given the extreme pressure of recording every syscall.\n\nThe timeout value of HZ/10 was chosen primarily through\nexperimentation and this developer\u0027s \"gut feeling\". There is likely\nno one perfect value, but as this scenario is limited in scope (root\nprivileges would be needed to send SIGSTOP to the audit daemon), it\nis likely not worth exposing this as a tunable at present. This can\nalways be done at a later date if it proves necessary.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47603",
"url": "https://www.suse.com/security/cve/CVE-2021-47603"
},
{
"category": "external",
"summary": "SUSE Bug 1226577 for CVE-2021-47603",
"url": "https://bugzilla.suse.com/1226577"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-10T16:03:48Z",
"details": "moderate"
}
],
"title": "CVE-2021-47603"
},
{
"cve": "CVE-2021-47604",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47604"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nvduse: check that offset is within bounds in get_config()\n\nThis condition checks \"len\" but it does not check \"offset\" and that\ncould result in an out of bounds read if \"offset \u003e dev-\u003econfig_size\".\nThe problem is that since both variables are unsigned the\n\"dev-\u003econfig_size - offset\" subtraction would result in a very high\nunsigned value.\n\nI think these checks might not be necessary because \"len\" and \"offset\"\nare supposed to already have been validated using the\nvhost_vdpa_config_validate() function. But I do not know the code\nperfectly, and I like to be safe.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47604",
"url": "https://www.suse.com/security/cve/CVE-2021-47604"
},
{
"category": "external",
"summary": "SUSE Bug 1226566 for CVE-2021-47604",
"url": "https://bugzilla.suse.com/1226566"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-10T16:03:48Z",
"details": "moderate"
}
],
"title": "CVE-2021-47604"
},
{
"cve": "CVE-2021-47605",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47605"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nvduse: fix memory corruption in vduse_dev_ioctl()\n\nThe \"config.offset\" comes from the user. There needs to a check to\nprevent it being out of bounds. The \"config.offset\" and\n\"dev-\u003econfig_size\" variables are both type u32. So if the offset if\nout of bounds then the \"dev-\u003econfig_size - config.offset\" subtraction\nresults in a very high u32 value. The out of bounds offset can result\nin memory corruption.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47605",
"url": "https://www.suse.com/security/cve/CVE-2021-47605"
},
{
"category": "external",
"summary": "SUSE Bug 1226579 for CVE-2021-47605",
"url": "https://bugzilla.suse.com/1226579"
},
{
"category": "external",
"summary": "SUSE Bug 1227550 for CVE-2021-47605",
"url": "https://bugzilla.suse.com/1227550"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-10T16:03:48Z",
"details": "important"
}
],
"title": "CVE-2021-47605"
},
{
"cve": "CVE-2021-47607",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47607"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbpf: Fix kernel address leakage in atomic cmpxchg\u0027s r0 aux reg\n\nThe implementation of BPF_CMPXCHG on a high level has the following parameters:\n\n .-[old-val] .-[new-val]\n BPF_R0 = cmpxchg{32,64}(DST_REG + insn-\u003eoff, BPF_R0, SRC_REG)\n `-[mem-loc] `-[old-val]\n\nGiven a BPF insn can only have two registers (dst, src), the R0 is fixed and\nused as an auxilliary register for input (old value) as well as output (returning\nold value from memory location). While the verifier performs a number of safety\nchecks, it misses to reject unprivileged programs where R0 contains a pointer as\nold value.\n\nThrough brute-forcing it takes about ~16sec on my machine to leak a kernel pointer\nwith BPF_CMPXCHG. The PoC is basically probing for kernel addresses by storing the\nguessed address into the map slot as a scalar, and using the map value pointer as\nR0 while SRC_REG has a canary value to detect a matching address.\n\nFix it by checking R0 for pointers, and reject if that\u0027s the case for unprivileged\nprograms.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47607",
"url": "https://www.suse.com/security/cve/CVE-2021-47607"
},
{
"category": "external",
"summary": "SUSE Bug 1226580 for CVE-2021-47607",
"url": "https://bugzilla.suse.com/1226580"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-10T16:03:48Z",
"details": "moderate"
}
],
"title": "CVE-2021-47607"
},
{
"cve": "CVE-2021-47608",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47608"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbpf: Fix kernel address leakage in atomic fetch\n\nThe change in commit 37086bfdc737 (\"bpf: Propagate stack bounds to registers\nin atomics w/ BPF_FETCH\") around check_mem_access() handling is buggy since\nthis would allow for unprivileged users to leak kernel pointers. For example,\nan atomic fetch/and with -1 on a stack destination which holds a spilled\npointer will migrate the spilled register type into a scalar, which can then\nbe exported out of the program (since scalar != pointer) by dumping it into\na map value.\n\nThe original implementation of XADD was preventing this situation by using\na double call to check_mem_access() one with BPF_READ and a subsequent one\nwith BPF_WRITE, in both cases passing -1 as a placeholder value instead of\nregister as per XADD semantics since it didn\u0027t contain a value fetch. The\nBPF_READ also included a check in check_stack_read_fixed_off() which rejects\nthe program if the stack slot is of __is_pointer_value() if dst_regno \u003c 0.\nThe latter is to distinguish whether we\u0027re dealing with a regular stack spill/\nfill or some arithmetical operation which is disallowed on non-scalars, see\nalso 6e7e63cbb023 (\"bpf: Forbid XADD on spilled pointers for unprivileged\nusers\") for more context on check_mem_access() and its handling of placeholder\nvalue -1.\n\nOne minimally intrusive option to fix the leak is for the BPF_FETCH case to\ninitially check the BPF_READ case via check_mem_access() with -1 as register,\nfollowed by the actual load case with non-negative load_reg to propagate\nstack bounds to registers.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47608",
"url": "https://www.suse.com/security/cve/CVE-2021-47608"
},
{
"category": "external",
"summary": "SUSE Bug 1226569 for CVE-2021-47608",
"url": "https://bugzilla.suse.com/1226569"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-10T16:03:48Z",
"details": "moderate"
}
],
"title": "CVE-2021-47608"
},
{
"cve": "CVE-2021-47609",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47609"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nfirmware: arm_scpi: Fix string overflow in SCPI genpd driver\n\nWithout the bound checks for scpi_pd-\u003ename, it could result in the buffer\noverflow when copying the SCPI device name from the corresponding device\ntree node as the name string is set at maximum size of 30.\n\nLet us fix it by using devm_kasprintf so that the string buffer is\nallocated dynamically.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47609",
"url": "https://www.suse.com/security/cve/CVE-2021-47609"
},
{
"category": "external",
"summary": "SUSE Bug 1226562 for CVE-2021-47609",
"url": "https://bugzilla.suse.com/1226562"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-10T16:03:48Z",
"details": "moderate"
}
],
"title": "CVE-2021-47609"
},
{
"cve": "CVE-2021-47610",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47610"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/msm: Fix null ptr access msm_ioctl_gem_submit()\n\nFix the below null pointer dereference in msm_ioctl_gem_submit():\n\n 26545.260705: Call trace:\n 26545.263223: kref_put+0x1c/0x60\n 26545.266452: msm_ioctl_gem_submit+0x254/0x744\n 26545.270937: drm_ioctl_kernel+0xa8/0x124\n 26545.274976: drm_ioctl+0x21c/0x33c\n 26545.278478: drm_compat_ioctl+0xdc/0xf0\n 26545.282428: __arm64_compat_sys_ioctl+0xc8/0x100\n 26545.287169: el0_svc_common+0xf8/0x250\n 26545.291025: do_el0_svc_compat+0x28/0x54\n 26545.295066: el0_svc_compat+0x10/0x1c\n 26545.298838: el0_sync_compat_handler+0xa8/0xcc\n 26545.303403: el0_sync_compat+0x188/0x1c0\n 26545.307445: Code: d503201f d503201f 52800028 4b0803e8 (b8680008)\n 26545.318799: Kernel panic - not syncing: Oops: Fatal exception",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47610",
"url": "https://www.suse.com/security/cve/CVE-2021-47610"
},
{
"category": "external",
"summary": "SUSE Bug 1226581 for CVE-2021-47610",
"url": "https://bugzilla.suse.com/1226581"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-10T16:03:48Z",
"details": "moderate"
}
],
"title": "CVE-2021-47610"
},
{
"cve": "CVE-2021-47611",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47611"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmac80211: validate extended element ID is present\n\nBefore attempting to parse an extended element, verify that\nthe extended element ID is present.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47611",
"url": "https://www.suse.com/security/cve/CVE-2021-47611"
},
{
"category": "external",
"summary": "SUSE Bug 1226583 for CVE-2021-47611",
"url": "https://bugzilla.suse.com/1226583"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-10T16:03:48Z",
"details": "moderate"
}
],
"title": "CVE-2021-47611"
},
{
"cve": "CVE-2021-47612",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47612"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnfc: fix segfault in nfc_genl_dump_devices_done\n\nWhen kmalloc in nfc_genl_dump_devices() fails then\nnfc_genl_dump_devices_done() segfaults as below\n\nKASAN: null-ptr-deref in range [0x0000000000000008-0x000000000000000f]\nCPU: 0 PID: 25 Comm: kworker/0:1 Not tainted 5.16.0-rc4-01180-g2a987e65025e-dirty #5\nHardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.14.0-6.fc35 04/01/2014\nWorkqueue: events netlink_sock_destruct_work\nRIP: 0010:klist_iter_exit+0x26/0x80\nCall Trace:\n\u003cTASK\u003e\nclass_dev_iter_exit+0x15/0x20\nnfc_genl_dump_devices_done+0x3b/0x50\ngenl_lock_done+0x84/0xd0\nnetlink_sock_destruct+0x8f/0x270\n__sk_destruct+0x64/0x3b0\nsk_destruct+0xa8/0xd0\n__sk_free+0x2e8/0x3d0\nsk_free+0x51/0x90\nnetlink_sock_destruct_work+0x1c/0x20\nprocess_one_work+0x411/0x710\nworker_thread+0x6fd/0xa80",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47612",
"url": "https://www.suse.com/security/cve/CVE-2021-47612"
},
{
"category": "external",
"summary": "SUSE Bug 1226585 for CVE-2021-47612",
"url": "https://bugzilla.suse.com/1226585"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-10T16:03:48Z",
"details": "moderate"
}
],
"title": "CVE-2021-47612"
},
{
"cve": "CVE-2021-47614",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47614"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nRDMA/irdma: Fix a user-after-free in add_pble_prm\n\nWhen irdma_hmc_sd_one fails, \u0027chunk\u0027 is freed while its still on the PBLE\ninfo list.\n\nAdd the chunk entry to the PBLE info list only after successful setting of\nthe SD in irdma_hmc_sd_one.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47614",
"url": "https://www.suse.com/security/cve/CVE-2021-47614"
},
{
"category": "external",
"summary": "SUSE Bug 1226601 for CVE-2021-47614",
"url": "https://bugzilla.suse.com/1226601"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-10T16:03:48Z",
"details": "moderate"
}
],
"title": "CVE-2021-47614"
},
{
"cve": "CVE-2021-47615",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47615"
}
],
"notes": [
{
"category": "general",
"text": "** REJECT ** This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47615",
"url": "https://www.suse.com/security/cve/CVE-2021-47615"
},
{
"category": "external",
"summary": "SUSE Bug 1226602 for CVE-2021-47615",
"url": "https://bugzilla.suse.com/1226602"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.4,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-10T16:03:48Z",
"details": "low"
}
],
"title": "CVE-2021-47615"
},
{
"cve": "CVE-2021-47616",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47616"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nRDMA: Fix use-after-free in rxe_queue_cleanup\n\nOn error handling path in rxe_qp_from_init() qp-\u003esq.queue is freed and\nthen rxe_create_qp() will drop last reference to this object. qp clean up\nfunction will try to free this queue one time and it causes UAF bug.\n\nFix it by zeroing queue pointer after freeing queue in rxe_qp_from_init().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47616",
"url": "https://www.suse.com/security/cve/CVE-2021-47616"
},
{
"category": "external",
"summary": "SUSE Bug 1226603 for CVE-2021-47616",
"url": "https://bugzilla.suse.com/1226603"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-10T16:03:48Z",
"details": "moderate"
}
],
"title": "CVE-2021-47616"
},
{
"cve": "CVE-2021-47617",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47617"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nPCI: pciehp: Fix infinite loop in IRQ handler upon power fault\n\nThe Power Fault Detected bit in the Slot Status register differs from\nall other hotplug events in that it is sticky: It can only be cleared\nafter turning off slot power. Per PCIe r5.0, sec. 6.7.1.8:\n\n If a power controller detects a main power fault on the hot-plug slot,\n it must automatically set its internal main power fault latch [...].\n The main power fault latch is cleared when software turns off power to\n the hot-plug slot.\n\nThe stickiness used to cause interrupt storms and infinite loops which\nwere fixed in 2009 by commits 5651c48cfafe (\"PCI pciehp: fix power fault\ninterrupt storm problem\") and 99f0169c17f3 (\"PCI: pciehp: enable\nsoftware notification on empty slots\").\n\nUnfortunately in 2020 the infinite loop issue was inadvertently\nreintroduced by commit 8edf5332c393 (\"PCI: pciehp: Fix MSI interrupt\nrace\"): The hardirq handler pciehp_isr() clears the PFD bit until\npciehp\u0027s power_fault_detected flag is set. That happens in the IRQ\nthread pciehp_ist(), which never learns of the event because the hardirq\nhandler is stuck in an infinite loop. Fix by setting the\npower_fault_detected flag already in the hardirq handler.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47617",
"url": "https://www.suse.com/security/cve/CVE-2021-47617"
},
{
"category": "external",
"summary": "SUSE Bug 1226614 for CVE-2021-47617",
"url": "https://bugzilla.suse.com/1226614"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-10T16:03:48Z",
"details": "moderate"
}
],
"title": "CVE-2021-47617"
},
{
"cve": "CVE-2021-47618",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47618"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nARM: 9170/1: fix panic when kasan and kprobe are enabled\n\narm32 uses software to simulate the instruction replaced\nby kprobe. some instructions may be simulated by constructing\nassembly functions. therefore, before executing instruction\nsimulation, it is necessary to construct assembly function\nexecution environment in C language through binding registers.\nafter kasan is enabled, the register binding relationship will\nbe destroyed, resulting in instruction simulation errors and\ncausing kernel panic.\n\nthe kprobe emulate instruction function is distributed in three\nfiles: actions-common.c actions-arm.c actions-thumb.c, so disable\nKASAN when compiling these files.\n\nfor example, use kprobe insert on cap_capable+20 after kasan\nenabled, the cap_capable assembly code is as follows:\n\u003ccap_capable\u003e:\ne92d47f0\tpush\t{r4, r5, r6, r7, r8, r9, sl, lr}\ne1a05000\tmov\tr5, r0\ne280006c\tadd\tr0, r0, #108 ; 0x6c\ne1a04001\tmov\tr4, r1\ne1a06002\tmov\tr6, r2\ne59fa090\tldr\tsl, [pc, #144] ;\nebfc7bf8\tbl\tc03aa4b4 \u003c__asan_load4\u003e\ne595706c\tldr\tr7, [r5, #108] ; 0x6c\ne2859014\tadd\tr9, r5, #20\n......\nThe emulate_ldr assembly code after enabling kasan is as follows:\nc06f1384 \u003cemulate_ldr\u003e:\ne92d47f0\tpush\t{r4, r5, r6, r7, r8, r9, sl, lr}\ne282803c\tadd\tr8, r2, #60 ; 0x3c\ne1a05000\tmov\tr5, r0\ne7e37855\tubfx\tr7, r5, #16, #4\ne1a00008\tmov\tr0, r8\ne1a09001\tmov\tr9, r1\ne1a04002\tmov\tr4, r2\nebf35462\tbl\tc03c6530 \u003c__asan_load4\u003e\ne357000f\tcmp\tr7, #15\ne7e36655\tubfx\tr6, r5, #12, #4\ne205a00f\tand\tsl, r5, #15\n0a000001\tbeq\tc06f13bc \u003cemulate_ldr+0x38\u003e\ne0840107\tadd\tr0, r4, r7, lsl #2\nebf3545c\tbl\tc03c6530 \u003c__asan_load4\u003e\ne084010a\tadd\tr0, r4, sl, lsl #2\nebf3545a\tbl\tc03c6530 \u003c__asan_load4\u003e\ne2890010\tadd\tr0, r9, #16\nebf35458\tbl\tc03c6530 \u003c__asan_load4\u003e\ne5990010\tldr\tr0, [r9, #16]\ne12fff30\tblx\tr0\ne356000f\tcm\tr6, #15\n1a000014\tbne\tc06f1430 \u003cemulate_ldr+0xac\u003e\ne1a06000\tmov\tr6, r0\ne2840040\tadd\tr0, r4, #64 ; 0x40\n......\n\nwhen running in emulate_ldr to simulate the ldr instruction, panic\noccurred, and the log is as follows:\nUnable to handle kernel NULL pointer dereference at virtual address\n00000090\npgd = ecb46400\n[00000090] *pgd=2e0fa003, *pmd=00000000\nInternal error: Oops: 206 [#1] SMP ARM\nPC is at cap_capable+0x14/0xb0\nLR is at emulate_ldr+0x50/0xc0\npsr: 600d0293 sp : ecd63af8 ip : 00000004 fp : c0a7c30c\nr10: 00000000 r9 : c30897f4 r8 : ecd63cd4\nr7 : 0000000f r6 : 0000000a r5 : e59fa090 r4 : ecd63c98\nr3 : c06ae294 r2 : 00000000 r1 : b7611300 r0 : bf4ec008\nFlags: nZCv IRQs off FIQs on Mode SVC_32 ISA ARM Segment user\nControl: 32c5387d Table: 2d546400 DAC: 55555555\nProcess bash (pid: 1643, stack limit = 0xecd60190)\n(cap_capable) from (kprobe_handler+0x218/0x340)\n(kprobe_handler) from (kprobe_trap_handler+0x24/0x48)\n(kprobe_trap_handler) from (do_undefinstr+0x13c/0x364)\n(do_undefinstr) from (__und_svc_finish+0x0/0x30)\n(__und_svc_finish) from (cap_capable+0x18/0xb0)\n(cap_capable) from (cap_vm_enough_memory+0x38/0x48)\n(cap_vm_enough_memory) from\n(security_vm_enough_memory_mm+0x48/0x6c)\n(security_vm_enough_memory_mm) from\n(copy_process.constprop.5+0x16b4/0x25c8)\n(copy_process.constprop.5) from (_do_fork+0xe8/0x55c)\n(_do_fork) from (SyS_clone+0x1c/0x24)\n(SyS_clone) from (__sys_trace_return+0x0/0x10)\nCode: 0050a0e1 6c0080e2 0140a0e1 0260a0e1 (f801f0e7)",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47618",
"url": "https://www.suse.com/security/cve/CVE-2021-47618"
},
{
"category": "external",
"summary": "SUSE Bug 1226644 for CVE-2021-47618",
"url": "https://bugzilla.suse.com/1226644"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-10T16:03:48Z",
"details": "moderate"
}
],
"title": "CVE-2021-47618"
},
{
"cve": "CVE-2021-47619",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47619"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ni40e: Fix queues reservation for XDP\n\nWhen XDP was configured on a system with large number of CPUs\nand X722 NIC there was a call trace with NULL pointer dereference.\n\ni40e 0000:87:00.0: failed to get tracking for 256 queues for VSI 0 err -12\ni40e 0000:87:00.0: setup of MAIN VSI failed\n\nBUG: kernel NULL pointer dereference, address: 0000000000000000\nRIP: 0010:i40e_xdp+0xea/0x1b0 [i40e]\nCall Trace:\n? i40e_reconfig_rss_queues+0x130/0x130 [i40e]\ndev_xdp_install+0x61/0xe0\ndev_xdp_attach+0x18a/0x4c0\ndev_change_xdp_fd+0x1e6/0x220\ndo_setlink+0x616/0x1030\n? ahci_port_stop+0x80/0x80\n? ata_qc_issue+0x107/0x1e0\n? lock_timer_base+0x61/0x80\n? __mod_timer+0x202/0x380\nrtnl_setlink+0xe5/0x170\n? bpf_lsm_binder_transaction+0x10/0x10\n? security_capable+0x36/0x50\nrtnetlink_rcv_msg+0x121/0x350\n? rtnl_calcit.isra.0+0x100/0x100\nnetlink_rcv_skb+0x50/0xf0\nnetlink_unicast+0x1d3/0x2a0\nnetlink_sendmsg+0x22a/0x440\nsock_sendmsg+0x5e/0x60\n__sys_sendto+0xf0/0x160\n? __sys_getsockname+0x7e/0xc0\n? _copy_from_user+0x3c/0x80\n? __sys_setsockopt+0xc8/0x1a0\n__x64_sys_sendto+0x20/0x30\ndo_syscall_64+0x33/0x40\nentry_SYSCALL_64_after_hwframe+0x44/0xae\nRIP: 0033:0x7f83fa7a39e0\n\nThis was caused by PF queue pile fragmentation due to\nflow director VSI queue being placed right after main VSI.\nBecause of this main VSI was not able to resize its\nqueue allocation for XDP resulting in no queues allocated\nfor main VSI when XDP was turned on.\n\nFix this by always allocating last queue in PF queue pile\nfor a flow director VSI.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47619",
"url": "https://www.suse.com/security/cve/CVE-2021-47619"
},
{
"category": "external",
"summary": "SUSE Bug 1226645 for CVE-2021-47619",
"url": "https://bugzilla.suse.com/1226645"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-10T16:03:48Z",
"details": "moderate"
}
],
"title": "CVE-2021-47619"
},
{
"cve": "CVE-2021-47620",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47620"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nBluetooth: refactor malicious adv data check\n\nCheck for out-of-bound read was being performed at the end of while\nnum_reports loop, and would fill journal with false positives. Added\ncheck to beginning of loop processing so that it doesn\u0027t get checked\nafter ptr has been advanced.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47620",
"url": "https://www.suse.com/security/cve/CVE-2021-47620"
},
{
"category": "external",
"summary": "SUSE Bug 1226669 for CVE-2021-47620",
"url": "https://bugzilla.suse.com/1226669"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-10T16:03:48Z",
"details": "low"
}
],
"title": "CVE-2021-47620"
},
{
"cve": "CVE-2022-48711",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-48711"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ntipc: improve size validations for received domain records\n\nThe function tipc_mon_rcv() allows a node to receive and process\ndomain_record structs from peer nodes to track their views of the\nnetwork topology.\n\nThis patch verifies that the number of members in a received domain\nrecord does not exceed the limit defined by MAX_MON_DOMAIN, something\nthat may otherwise lead to a stack overflow.\n\ntipc_mon_rcv() is called from the function tipc_link_proto_rcv(), where\nwe are reading a 32 bit message data length field into a uint16. To\navert any risk of bit overflow, we add an extra sanity check for this in\nthat function. We cannot see that happen with the current code, but\nfuture designers being unaware of this risk, may introduce it by\nallowing delivery of very large (\u003e 64k) sk buffers from the bearer\nlayer. This potential problem was identified by Eric Dumazet.\n\nThis fixes CVE-2022-0435",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-48711",
"url": "https://www.suse.com/security/cve/CVE-2022-48711"
},
{
"category": "external",
"summary": "SUSE Bug 1226672 for CVE-2022-48711",
"url": "https://bugzilla.suse.com/1226672"
},
{
"category": "external",
"summary": "SUSE Bug 1227473 for CVE-2022-48711",
"url": "https://bugzilla.suse.com/1227473"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-10T16:03:48Z",
"details": "moderate"
}
],
"title": "CVE-2022-48711"
},
{
"cve": "CVE-2022-48712",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-48712"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\next4: fix error handling in ext4_fc_record_modified_inode()\n\nCurrent code does not fully takes care of krealloc() error case, which\ncould lead to silent memory corruption or a kernel bug. This patch\nfixes that.\n\nAlso it cleans up some duplicated error handling logic from various\nfunctions in fast_commit.c file.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-48712",
"url": "https://www.suse.com/security/cve/CVE-2022-48712"
},
{
"category": "external",
"summary": "SUSE Bug 1226673 for CVE-2022-48712",
"url": "https://bugzilla.suse.com/1226673"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-10T16:03:48Z",
"details": "moderate"
}
],
"title": "CVE-2022-48712"
},
{
"cve": "CVE-2022-48713",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-48713"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nperf/x86/intel/pt: Fix crash with stop filters in single-range mode\n\nAdd a check for !buf-\u003esingle before calling pt_buffer_region_size in a\nplace where a missing check can cause a kernel crash.\n\nFixes a bug introduced by commit 670638477aed (\"perf/x86/intel/pt:\nOpportunistically use single range output mode\"), which added a\nsupport for PT single-range output mode. Since that commit if a PT\nstop filter range is hit while tracing, the kernel will crash because\nof a null pointer dereference in pt_handle_status due to calling\npt_buffer_region_size without a ToPA configured.\n\nThe commit which introduced single-range mode guarded almost all uses of\nthe ToPA buffer variables with checks of the buf-\u003esingle variable, but\nmissed the case where tracing was stopped by the PT hardware, which\nhappens when execution hits a configured stop filter.\n\nTested that hitting a stop filter while PT recording successfully\nrecords a trace with this patch but crashes without this patch.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-48713",
"url": "https://www.suse.com/security/cve/CVE-2022-48713"
},
{
"category": "external",
"summary": "SUSE Bug 1227549 for CVE-2022-48713",
"url": "https://bugzilla.suse.com/1227549"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-10T16:03:48Z",
"details": "moderate"
}
],
"title": "CVE-2022-48713"
},
{
"cve": "CVE-2022-48714",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-48714"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbpf: Use VM_MAP instead of VM_ALLOC for ringbuf\n\nAfter commit 2fd3fb0be1d1 (\"kasan, vmalloc: unpoison VM_ALLOC pages\nafter mapping\"), non-VM_ALLOC mappings will be marked as accessible\nin __get_vm_area_node() when KASAN is enabled. But now the flag for\nringbuf area is VM_ALLOC, so KASAN will complain out-of-bound access\nafter vmap() returns. Because the ringbuf area is created by mapping\nallocated pages, so use VM_MAP instead.\n\nAfter the change, info in /proc/vmallocinfo also changes from\n [start]-[end] 24576 ringbuf_map_alloc+0x171/0x290 vmalloc user\nto\n [start]-[end] 24576 ringbuf_map_alloc+0x171/0x290 vmap user",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-48714",
"url": "https://www.suse.com/security/cve/CVE-2022-48714"
},
{
"category": "external",
"summary": "SUSE Bug 1226622 for CVE-2022-48714",
"url": "https://bugzilla.suse.com/1226622"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 2.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-10T16:03:48Z",
"details": "low"
}
],
"title": "CVE-2022-48714"
},
{
"cve": "CVE-2022-48715",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-48715"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: bnx2fc: Make bnx2fc_recv_frame() mp safe\n\nRunning tests with a debug kernel shows that bnx2fc_recv_frame() is\nmodifying the per_cpu lport stats counters in a non-mpsafe way. Just boot\na debug kernel and run the bnx2fc driver with the hardware enabled.\n\n[ 1391.699147] BUG: using smp_processor_id() in preemptible [00000000] code: bnx2fc_\n[ 1391.699160] caller is bnx2fc_recv_frame+0xbf9/0x1760 [bnx2fc]\n[ 1391.699174] CPU: 2 PID: 4355 Comm: bnx2fc_l2_threa Kdump: loaded Tainted: G B\n[ 1391.699180] Hardware name: HP ProLiant DL120 G7, BIOS J01 07/01/2013\n[ 1391.699183] Call Trace:\n[ 1391.699188] dump_stack_lvl+0x57/0x7d\n[ 1391.699198] check_preemption_disabled+0xc8/0xd0\n[ 1391.699205] bnx2fc_recv_frame+0xbf9/0x1760 [bnx2fc]\n[ 1391.699215] ? do_raw_spin_trylock+0xb5/0x180\n[ 1391.699221] ? bnx2fc_npiv_create_vports.isra.0+0x4e0/0x4e0 [bnx2fc]\n[ 1391.699229] ? bnx2fc_l2_rcv_thread+0xb7/0x3a0 [bnx2fc]\n[ 1391.699240] bnx2fc_l2_rcv_thread+0x1af/0x3a0 [bnx2fc]\n[ 1391.699250] ? bnx2fc_ulp_init+0xc0/0xc0 [bnx2fc]\n[ 1391.699258] kthread+0x364/0x420\n[ 1391.699263] ? _raw_spin_unlock_irq+0x24/0x50\n[ 1391.699268] ? set_kthread_struct+0x100/0x100\n[ 1391.699273] ret_from_fork+0x22/0x30\n\nRestore the old get_cpu/put_cpu code with some modifications to reduce the\nsize of the critical section.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-48715",
"url": "https://www.suse.com/security/cve/CVE-2022-48715"
},
{
"category": "external",
"summary": "SUSE Bug 1226621 for CVE-2022-48715",
"url": "https://bugzilla.suse.com/1226621"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.6,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-10T16:03:48Z",
"details": "low"
}
],
"title": "CVE-2022-48715"
},
{
"cve": "CVE-2022-48716",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-48716"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nASoC: codecs: wcd938x: fix incorrect used of portid\n\nMixer controls have the channel id in mixer-\u003ereg, which is not same\nas port id. port id should be derived from chan_info array.\nSo fix this. Without this, its possible that we could corrupt\nstruct wcd938x_sdw_priv by accessing port_map array out of range\nwith channel id instead of port id.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-48716",
"url": "https://www.suse.com/security/cve/CVE-2022-48716"
},
{
"category": "external",
"summary": "SUSE Bug 1226678 for CVE-2022-48716",
"url": "https://bugzilla.suse.com/1226678"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-10T16:03:48Z",
"details": "moderate"
}
],
"title": "CVE-2022-48716"
},
{
"cve": "CVE-2022-48717",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-48717"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nASoC: max9759: fix underflow in speaker_gain_control_put()\n\nCheck for negative values of \"priv-\u003egain\" to prevent an out of bounds\naccess. The concern is that these might come from the user via:\n -\u003e snd_ctl_elem_write_user()\n -\u003e snd_ctl_elem_write()\n -\u003e kctl-\u003eput()",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-48717",
"url": "https://www.suse.com/security/cve/CVE-2022-48717"
},
{
"category": "external",
"summary": "SUSE Bug 1226679 for CVE-2022-48717",
"url": "https://bugzilla.suse.com/1226679"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-10T16:03:48Z",
"details": "moderate"
}
],
"title": "CVE-2022-48717"
},
{
"cve": "CVE-2022-48718",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-48718"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm: mxsfb: Fix NULL pointer dereference\n\nmxsfb should not ever dereference the NULL pointer which\ndrm_atomic_get_new_bridge_state is allowed to return.\nAssume a fixed format instead.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-48718",
"url": "https://www.suse.com/security/cve/CVE-2022-48718"
},
{
"category": "external",
"summary": "SUSE Bug 1226616 for CVE-2022-48718",
"url": "https://bugzilla.suse.com/1226616"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-10T16:03:48Z",
"details": "moderate"
}
],
"title": "CVE-2022-48718"
},
{
"cve": "CVE-2022-48720",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-48720"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: macsec: Fix offload support for NETDEV_UNREGISTER event\n\nCurrent macsec netdev notify handler handles NETDEV_UNREGISTER event by\nreleasing relevant SW resources only, this causes resources leak in case\nof macsec HW offload, as the underlay driver was not notified to clean\nit\u0027s macsec offload resources.\n\nFix by calling the underlay driver to clean it\u0027s relevant resources\nby moving offload handling from macsec_dellink() to macsec_common_dellink()\nwhen handling NETDEV_UNREGISTER event.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-48720",
"url": "https://www.suse.com/security/cve/CVE-2022-48720"
},
{
"category": "external",
"summary": "SUSE Bug 1226683 for CVE-2022-48720",
"url": "https://bugzilla.suse.com/1226683"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-10T16:03:48Z",
"details": "low"
}
],
"title": "CVE-2022-48720"
},
{
"cve": "CVE-2022-48721",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-48721"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/smc: Forward wakeup to smc socket waitqueue after fallback\n\nWhen we replace TCP with SMC and a fallback occurs, there may be\nsome socket waitqueue entries remaining in smc socket-\u003ewq, such\nas eppoll_entries inserted by userspace applications.\n\nAfter the fallback, data flows over TCP/IP and only clcsocket-\u003ewq\nwill be woken up. Applications can\u0027t be notified by the entries\nwhich were inserted in smc socket-\u003ewq before fallback. So we need\na mechanism to wake up smc socket-\u003ewq at the same time if some\nentries remaining in it.\n\nThe current workaround is to transfer the entries from smc socket-\u003ewq\nto clcsock-\u003ewq during the fallback. But this may cause a crash\nlike this:\n\n general protection fault, probably for non-canonical address 0xdead000000000100: 0000 [#1] PREEMPT SMP PTI\n CPU: 3 PID: 0 Comm: swapper/3 Kdump: loaded Tainted: G E 5.16.0+ #107\n RIP: 0010:__wake_up_common+0x65/0x170\n Call Trace:\n \u003cIRQ\u003e\n __wake_up_common_lock+0x7a/0xc0\n sock_def_readable+0x3c/0x70\n tcp_data_queue+0x4a7/0xc40\n tcp_rcv_established+0x32f/0x660\n ? sk_filter_trim_cap+0xcb/0x2e0\n tcp_v4_do_rcv+0x10b/0x260\n tcp_v4_rcv+0xd2a/0xde0\n ip_protocol_deliver_rcu+0x3b/0x1d0\n ip_local_deliver_finish+0x54/0x60\n ip_local_deliver+0x6a/0x110\n ? tcp_v4_early_demux+0xa2/0x140\n ? tcp_v4_early_demux+0x10d/0x140\n ip_sublist_rcv_finish+0x49/0x60\n ip_sublist_rcv+0x19d/0x230\n ip_list_rcv+0x13e/0x170\n __netif_receive_skb_list_core+0x1c2/0x240\n netif_receive_skb_list_internal+0x1e6/0x320\n napi_complete_done+0x11d/0x190\n mlx5e_napi_poll+0x163/0x6b0 [mlx5_core]\n __napi_poll+0x3c/0x1b0\n net_rx_action+0x27c/0x300\n __do_softirq+0x114/0x2d2\n irq_exit_rcu+0xb4/0xe0\n common_interrupt+0xba/0xe0\n \u003c/IRQ\u003e\n \u003cTASK\u003e\n\nThe crash is caused by privately transferring waitqueue entries from\nsmc socket-\u003ewq to clcsock-\u003ewq. The owners of these entries, such as\nepoll, have no idea that the entries have been transferred to a\ndifferent socket wait queue and still use original waitqueue spinlock\n(smc socket-\u003ewq.wait.lock) to make the entries operation exclusive,\nbut it doesn\u0027t work. The operations to the entries, such as removing\nfrom the waitqueue (now is clcsock-\u003ewq after fallback), may cause a\ncrash when clcsock waitqueue is being iterated over at the moment.\n\nThis patch tries to fix this by no longer transferring wait queue\nentries privately, but introducing own implementations of clcsock\u0027s\ncallback functions in fallback situation. The callback functions will\nforward the wakeup to smc socket-\u003ewq if clcsock-\u003ewq is actually woken\nup and smc socket-\u003ewq has remaining entries.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-48721",
"url": "https://www.suse.com/security/cve/CVE-2022-48721"
},
{
"category": "external",
"summary": "SUSE Bug 1226685 for CVE-2022-48721",
"url": "https://bugzilla.suse.com/1226685"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-10T16:03:48Z",
"details": "moderate"
}
],
"title": "CVE-2022-48721"
},
{
"cve": "CVE-2022-48722",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-48722"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: ieee802154: ca8210: Stop leaking skb\u0027s\n\nUpon error the ieee802154_xmit_complete() helper is not called. Only\nieee802154_wake_queue() is called manually. We then leak the skb\nstructure.\n\nFree the skb structure upon error before returning.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-48722",
"url": "https://www.suse.com/security/cve/CVE-2022-48722"
},
{
"category": "external",
"summary": "SUSE Bug 1226619 for CVE-2022-48722",
"url": "https://bugzilla.suse.com/1226619"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-10T16:03:48Z",
"details": "moderate"
}
],
"title": "CVE-2022-48722"
},
{
"cve": "CVE-2022-48723",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-48723"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nspi: uniphier: fix reference count leak in uniphier_spi_probe()\n\nThe issue happens in several error paths in uniphier_spi_probe().\nWhen either dma_get_slave_caps() or devm_spi_register_master() returns\nan error code, the function forgets to decrease the refcount of both\n`dma_rx` and `dma_tx` objects, which may lead to refcount leaks.\n\nFix it by decrementing the reference count of specific objects in\nthose error paths.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-48723",
"url": "https://www.suse.com/security/cve/CVE-2022-48723"
},
{
"category": "external",
"summary": "SUSE Bug 1226617 for CVE-2022-48723",
"url": "https://bugzilla.suse.com/1226617"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-10T16:03:48Z",
"details": "moderate"
}
],
"title": "CVE-2022-48723"
},
{
"cve": "CVE-2022-48724",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-48724"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\niommu/vt-d: Fix potential memory leak in intel_setup_irq_remapping()\n\nAfter commit e3beca48a45b (\"irqdomain/treewide: Keep firmware node\nunconditionally allocated\"). For tear down scenario, fn is only freed\nafter fail to allocate ir_domain, though it also should be freed in case\ndmar_enable_qi returns error.\n\nBesides free fn, irq_domain and ir_msi_domain need to be removed as well\nif intel_setup_irq_remapping fails to enable queued invalidation.\n\nImprove the rewinding path by add out_free_ir_domain and out_free_fwnode\nlables per Baolu\u0027s suggestion.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-48724",
"url": "https://www.suse.com/security/cve/CVE-2022-48724"
},
{
"category": "external",
"summary": "SUSE Bug 1226624 for CVE-2022-48724",
"url": "https://bugzilla.suse.com/1226624"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-10T16:03:48Z",
"details": "moderate"
}
],
"title": "CVE-2022-48724"
},
{
"cve": "CVE-2022-48725",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-48725"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nRDMA/siw: Fix refcounting leak in siw_create_qp()\n\nThe atomic_inc() needs to be paired with an atomic_dec() on the error\npath.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-48725",
"url": "https://www.suse.com/security/cve/CVE-2022-48725"
},
{
"category": "external",
"summary": "SUSE Bug 1226618 for CVE-2022-48725",
"url": "https://bugzilla.suse.com/1226618"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-10T16:03:48Z",
"details": "moderate"
}
],
"title": "CVE-2022-48725"
},
{
"cve": "CVE-2022-48726",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-48726"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nRDMA/ucma: Protect mc during concurrent multicast leaves\n\nPartially revert the commit mentioned in the Fixes line to make sure that\nallocation and erasing multicast struct are locked.\n\n BUG: KASAN: use-after-free in ucma_cleanup_multicast drivers/infiniband/core/ucma.c:491 [inline]\n BUG: KASAN: use-after-free in ucma_destroy_private_ctx+0x914/0xb70 drivers/infiniband/core/ucma.c:579\n Read of size 8 at addr ffff88801bb74b00 by task syz-executor.1/25529\n CPU: 0 PID: 25529 Comm: syz-executor.1 Not tainted 5.16.0-rc7-syzkaller #0\n Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011\n Call Trace:\n __dump_stack lib/dump_stack.c:88 [inline]\n dump_stack_lvl+0xcd/0x134 lib/dump_stack.c:106\n print_address_description.constprop.0.cold+0x8d/0x320 mm/kasan/report.c:247\n __kasan_report mm/kasan/report.c:433 [inline]\n kasan_report.cold+0x83/0xdf mm/kasan/report.c:450\n ucma_cleanup_multicast drivers/infiniband/core/ucma.c:491 [inline]\n ucma_destroy_private_ctx+0x914/0xb70 drivers/infiniband/core/ucma.c:579\n ucma_destroy_id+0x1e6/0x280 drivers/infiniband/core/ucma.c:614\n ucma_write+0x25c/0x350 drivers/infiniband/core/ucma.c:1732\n vfs_write+0x28e/0xae0 fs/read_write.c:588\n ksys_write+0x1ee/0x250 fs/read_write.c:643\n do_syscall_x64 arch/x86/entry/common.c:50 [inline]\n do_syscall_64+0x35/0xb0 arch/x86/entry/common.c:80\n entry_SYSCALL_64_after_hwframe+0x44/0xae\n\nCurrently the xarray search can touch a concurrently freeing mc as the\nxa_for_each() is not surrounded by any lock. Rather than hold the lock for\na full scan hold it only for the effected items, which is usually an empty\nlist.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-48726",
"url": "https://www.suse.com/security/cve/CVE-2022-48726"
},
{
"category": "external",
"summary": "SUSE Bug 1226686 for CVE-2022-48726",
"url": "https://bugzilla.suse.com/1226686"
},
{
"category": "external",
"summary": "SUSE Bug 1227552 for CVE-2022-48726",
"url": "https://bugzilla.suse.com/1227552"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-10T16:03:48Z",
"details": "moderate"
}
],
"title": "CVE-2022-48726"
},
{
"cve": "CVE-2022-48727",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-48727"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nKVM: arm64: Avoid consuming a stale esr value when SError occur\n\nWhen any exception other than an IRQ occurs, the CPU updates the ESR_EL2\nregister with the exception syndrome. An SError may also become pending,\nand will be synchronised by KVM. KVM notes the exception type, and whether\nan SError was synchronised in exit_code.\n\nWhen an exception other than an IRQ occurs, fixup_guest_exit() updates\nvcpu-\u003earch.fault.esr_el2 from the hardware register. When an SError was\nsynchronised, the vcpu esr value is used to determine if the exception\nwas due to an HVC. If so, ELR_EL2 is moved back one instruction. This\nis so that KVM can process the SError first, and re-execute the HVC if\nthe guest survives the SError.\n\nBut if an IRQ synchronises an SError, the vcpu\u0027s esr value is stale.\nIf the previous non-IRQ exception was an HVC, KVM will corrupt ELR_EL2,\ncausing an unrelated guest instruction to be executed twice.\n\nCheck ARM_EXCEPTION_CODE() before messing with ELR_EL2, IRQs don\u0027t\nupdate this register so don\u0027t need to check.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-48727",
"url": "https://www.suse.com/security/cve/CVE-2022-48727"
},
{
"category": "external",
"summary": "SUSE Bug 1226690 for CVE-2022-48727",
"url": "https://bugzilla.suse.com/1226690"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-10T16:03:48Z",
"details": "moderate"
}
],
"title": "CVE-2022-48727"
},
{
"cve": "CVE-2022-48728",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-48728"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nIB/hfi1: Fix AIP early init panic\n\nAn early failure in hfi1_ipoib_setup_rn() can lead to the following panic:\n\n BUG: unable to handle kernel NULL pointer dereference at 00000000000001b0\n PGD 0 P4D 0\n Oops: 0002 [#1] SMP NOPTI\n Workqueue: events work_for_cpu_fn\n RIP: 0010:try_to_grab_pending+0x2b/0x140\n Code: 1f 44 00 00 41 55 41 54 55 48 89 d5 53 48 89 fb 9c 58 0f 1f 44 00 00 48 89 c2 fa 66 0f 1f 44 00 00 48 89 55 00 40 84 f6 75 77 \u003cf0\u003e 48 0f ba 2b 00 72 09 31 c0 5b 5d 41 5c 41 5d c3 48 89 df e8 6c\n RSP: 0018:ffffb6b3cf7cfa48 EFLAGS: 00010046\n RAX: 0000000000000246 RBX: 00000000000001b0 RCX: 0000000000000000\n RDX: 0000000000000246 RSI: 0000000000000000 RDI: 00000000000001b0\n RBP: ffffb6b3cf7cfa70 R08: 0000000000000f09 R09: 0000000000000001\n R10: 0000000000000000 R11: 0000000000000001 R12: 0000000000000000\n R13: ffffb6b3cf7cfa90 R14: ffffffff9b2fbfc0 R15: ffff8a4fdf244690\n FS: 0000000000000000(0000) GS:ffff8a527f400000(0000) knlGS:0000000000000000\n CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n CR2: 00000000000001b0 CR3: 00000017e2410003 CR4: 00000000007706f0\n DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\n DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\n PKRU: 55555554\n Call Trace:\n __cancel_work_timer+0x42/0x190\n ? dev_printk_emit+0x4e/0x70\n iowait_cancel_work+0x15/0x30 [hfi1]\n hfi1_ipoib_txreq_deinit+0x5a/0x220 [hfi1]\n ? dev_err+0x6c/0x90\n hfi1_ipoib_netdev_dtor+0x15/0x30 [hfi1]\n hfi1_ipoib_setup_rn+0x10e/0x150 [hfi1]\n rdma_init_netdev+0x5a/0x80 [ib_core]\n ? hfi1_ipoib_free_rdma_netdev+0x20/0x20 [hfi1]\n ipoib_intf_init+0x6c/0x350 [ib_ipoib]\n ipoib_intf_alloc+0x5c/0xc0 [ib_ipoib]\n ipoib_add_one+0xbe/0x300 [ib_ipoib]\n add_client_context+0x12c/0x1a0 [ib_core]\n enable_device_and_get+0xdc/0x1d0 [ib_core]\n ib_register_device+0x572/0x6b0 [ib_core]\n rvt_register_device+0x11b/0x220 [rdmavt]\n hfi1_register_ib_device+0x6b4/0x770 [hfi1]\n do_init_one.isra.20+0x3e3/0x680 [hfi1]\n local_pci_probe+0x41/0x90\n work_for_cpu_fn+0x16/0x20\n process_one_work+0x1a7/0x360\n ? create_worker+0x1a0/0x1a0\n worker_thread+0x1cf/0x390\n ? create_worker+0x1a0/0x1a0\n kthread+0x116/0x130\n ? kthread_flush_work_fn+0x10/0x10\n ret_from_fork+0x1f/0x40\n\nThe panic happens in hfi1_ipoib_txreq_deinit() because there is a NULL\nderef when hfi1_ipoib_netdev_dtor() is called in this error case.\n\nhfi1_ipoib_txreq_init() and hfi1_ipoib_rxq_init() are self unwinding so\nfix by adjusting the error paths accordingly.\n\nOther changes:\n- hfi1_ipoib_free_rdma_netdev() is deleted including the free_netdev()\n since the netdev core code deletes calls free_netdev()\n- The switch to the accelerated entrances is moved to the success path.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-48728",
"url": "https://www.suse.com/security/cve/CVE-2022-48728"
},
{
"category": "external",
"summary": "SUSE Bug 1226691 for CVE-2022-48728",
"url": "https://bugzilla.suse.com/1226691"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-10T16:03:48Z",
"details": "moderate"
}
],
"title": "CVE-2022-48728"
},
{
"cve": "CVE-2022-48729",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-48729"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nIB/hfi1: Fix panic with larger ipoib send_queue_size\n\nWhen the ipoib send_queue_size is increased from the default the following\npanic happens:\n\n RIP: 0010:hfi1_ipoib_drain_tx_ring+0x45/0xf0 [hfi1]\n Code: 31 e4 eb 0f 8b 85 c8 02 00 00 41 83 c4 01 44 39 e0 76 60 8b 8d cc 02 00 00 44 89 e3 be 01 00 00 00 d3 e3 48 03 9d c0 02 00 00 \u003cc7\u003e 83 18 01 00 00 00 00 00 00 48 8b bb 30 01 00 00 e8 25 af a7 e0\n RSP: 0018:ffffc9000798f4a0 EFLAGS: 00010286\n RAX: 0000000000008000 RBX: ffffc9000aa0f000 RCX: 000000000000000f\n RDX: 0000000000000000 RSI: 0000000000000001 RDI: 0000000000000000\n RBP: ffff88810ff08000 R08: ffff88889476d900 R09: 0000000000000101\n R10: 0000000000000000 R11: ffffc90006590ff8 R12: 0000000000000200\n R13: ffffc9000798fba8 R14: 0000000000000000 R15: 0000000000000001\n FS: 00007fd0f79cc3c0(0000) GS:ffff88885fb00000(0000) knlGS:0000000000000000\n CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n CR2: ffffc9000aa0f118 CR3: 0000000889c84001 CR4: 00000000001706e0\n Call Trace:\n \u003cTASK\u003e\n hfi1_ipoib_napi_tx_disable+0x45/0x60 [hfi1]\n hfi1_ipoib_dev_stop+0x18/0x80 [hfi1]\n ipoib_ib_dev_stop+0x1d/0x40 [ib_ipoib]\n ipoib_stop+0x48/0xc0 [ib_ipoib]\n __dev_close_many+0x9e/0x110\n __dev_change_flags+0xd9/0x210\n dev_change_flags+0x21/0x60\n do_setlink+0x31c/0x10f0\n ? __nla_validate_parse+0x12d/0x1a0\n ? __nla_parse+0x21/0x30\n ? inet6_validate_link_af+0x5e/0xf0\n ? cpumask_next+0x1f/0x20\n ? __snmp6_fill_stats64.isra.53+0xbb/0x140\n ? __nla_validate_parse+0x47/0x1a0\n __rtnl_newlink+0x530/0x910\n ? pskb_expand_head+0x73/0x300\n ? __kmalloc_node_track_caller+0x109/0x280\n ? __nla_put+0xc/0x20\n ? cpumask_next_and+0x20/0x30\n ? update_sd_lb_stats.constprop.144+0xd3/0x820\n ? _raw_spin_unlock_irqrestore+0x25/0x37\n ? __wake_up_common_lock+0x87/0xc0\n ? kmem_cache_alloc_trace+0x3d/0x3d0\n rtnl_newlink+0x43/0x60\n\nThe issue happens when the shift that should have been a function of the\ntxq item size mistakenly used the ring size.\n\nFix by using the item size.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-48729",
"url": "https://www.suse.com/security/cve/CVE-2022-48729"
},
{
"category": "external",
"summary": "SUSE Bug 1226710 for CVE-2022-48729",
"url": "https://bugzilla.suse.com/1226710"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-10T16:03:48Z",
"details": "moderate"
}
],
"title": "CVE-2022-48729"
},
{
"cve": "CVE-2022-48730",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-48730"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndma-buf: heaps: Fix potential spectre v1 gadget\n\nIt appears like nr could be a Spectre v1 gadget as it\u0027s supplied by a\nuser and used as an array index. Prevent the contents\nof kernel memory from being leaked to userspace via speculative\nexecution by using array_index_nospec.\n\n [sumits: added fixes and cc: stable tags]",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-48730",
"url": "https://www.suse.com/security/cve/CVE-2022-48730"
},
{
"category": "external",
"summary": "SUSE Bug 1226713 for CVE-2022-48730",
"url": "https://bugzilla.suse.com/1226713"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-10T16:03:48Z",
"details": "moderate"
}
],
"title": "CVE-2022-48730"
},
{
"cve": "CVE-2022-48732",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-48732"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/nouveau: fix off by one in BIOS boundary checking\n\nBounds checking when parsing init scripts embedded in the BIOS reject\naccess to the last byte. This causes driver initialization to fail on\nApple eMac\u0027s with GeForce 2 MX GPUs, leaving the system with no working\nconsole.\n\nThis is probably only seen on OpenFirmware machines like PowerPC Macs\nbecause the BIOS image provided by OF is only the used parts of the ROM,\nnot a power-of-two blocks read from PCI directly so PCs always have\nempty bytes at the end that are never accessed.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-48732",
"url": "https://www.suse.com/security/cve/CVE-2022-48732"
},
{
"category": "external",
"summary": "SUSE Bug 1226716 for CVE-2022-48732",
"url": "https://bugzilla.suse.com/1226716"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-10T16:03:48Z",
"details": "moderate"
}
],
"title": "CVE-2022-48732"
},
{
"cve": "CVE-2022-48733",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-48733"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbtrfs: fix use-after-free after failure to create a snapshot\n\nAt ioctl.c:create_snapshot(), we allocate a pending snapshot structure and\nthen attach it to the transaction\u0027s list of pending snapshots. After that\nwe call btrfs_commit_transaction(), and if that returns an error we jump\nto \u0027fail\u0027 label, where we kfree() the pending snapshot structure. This can\nresult in a later use-after-free of the pending snapshot:\n\n1) We allocated the pending snapshot and added it to the transaction\u0027s\n list of pending snapshots;\n\n2) We call btrfs_commit_transaction(), and it fails either at the first\n call to btrfs_run_delayed_refs() or btrfs_start_dirty_block_groups().\n In both cases, we don\u0027t abort the transaction and we release our\n transaction handle. We jump to the \u0027fail\u0027 label and free the pending\n snapshot structure. We return with the pending snapshot still in the\n transaction\u0027s list;\n\n3) Another task commits the transaction. This time there\u0027s no error at\n all, and then during the transaction commit it accesses a pointer\n to the pending snapshot structure that the snapshot creation task\n has already freed, resulting in a user-after-free.\n\nThis issue could actually be detected by smatch, which produced the\nfollowing warning:\n\n fs/btrfs/ioctl.c:843 create_snapshot() warn: \u0027\u0026pending_snapshot-\u003elist\u0027 not removed from list\n\nSo fix this by not having the snapshot creation ioctl directly add the\npending snapshot to the transaction\u0027s list. Instead add the pending\nsnapshot to the transaction handle, and then at btrfs_commit_transaction()\nwe add the snapshot to the list only when we can guarantee that any error\nreturned after that point will result in a transaction abort, in which\ncase the ioctl code can safely free the pending snapshot and no one can\naccess it anymore.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-48733",
"url": "https://www.suse.com/security/cve/CVE-2022-48733"
},
{
"category": "external",
"summary": "SUSE Bug 1226718 for CVE-2022-48733",
"url": "https://bugzilla.suse.com/1226718"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-10T16:03:48Z",
"details": "moderate"
}
],
"title": "CVE-2022-48733"
},
{
"cve": "CVE-2022-48734",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-48734"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbtrfs: fix deadlock between quota disable and qgroup rescan worker\n\nQuota disable ioctl starts a transaction before waiting for the qgroup\nrescan worker completes. However, this wait can be infinite and results\nin deadlock because of circular dependency among the quota disable\nioctl, the qgroup rescan worker and the other task with transaction such\nas block group relocation task.\n\nThe deadlock happens with the steps following:\n\n1) Task A calls ioctl to disable quota. It starts a transaction and\n waits for qgroup rescan worker completes.\n2) Task B such as block group relocation task starts a transaction and\n joins to the transaction that task A started. Then task B commits to\n the transaction. In this commit, task B waits for a commit by task A.\n3) Task C as the qgroup rescan worker starts its job and starts a\n transaction. In this transaction start, task C waits for completion\n of the transaction that task A started and task B committed.\n\nThis deadlock was found with fstests test case btrfs/115 and a zoned\nnull_blk device. The test case enables and disables quota, and the\nblock group reclaim was triggered during the quota disable by chance.\nThe deadlock was also observed by running quota enable and disable in\nparallel with \u0027btrfs balance\u0027 command on regular null_blk devices.\n\nAn example report of the deadlock:\n\n [372.469894] INFO: task kworker/u16:6:103 blocked for more than 122 seconds.\n [372.479944] Not tainted 5.16.0-rc8 #7\n [372.485067] \"echo 0 \u003e /proc/sys/kernel/hung_task_timeout_secs\" disables this message.\n [372.493898] task:kworker/u16:6 state:D stack: 0 pid: 103 ppid: 2 flags:0x00004000\n [372.503285] Workqueue: btrfs-qgroup-rescan btrfs_work_helper [btrfs]\n [372.510782] Call Trace:\n [372.514092] \u003cTASK\u003e\n [372.521684] __schedule+0xb56/0x4850\n [372.530104] ? io_schedule_timeout+0x190/0x190\n [372.538842] ? lockdep_hardirqs_on+0x7e/0x100\n [372.547092] ? _raw_spin_unlock_irqrestore+0x3e/0x60\n [372.555591] schedule+0xe0/0x270\n [372.561894] btrfs_commit_transaction+0x18bb/0x2610 [btrfs]\n [372.570506] ? btrfs_apply_pending_changes+0x50/0x50 [btrfs]\n [372.578875] ? free_unref_page+0x3f2/0x650\n [372.585484] ? finish_wait+0x270/0x270\n [372.591594] ? release_extent_buffer+0x224/0x420 [btrfs]\n [372.599264] btrfs_qgroup_rescan_worker+0xc13/0x10c0 [btrfs]\n [372.607157] ? lock_release+0x3a9/0x6d0\n [372.613054] ? btrfs_qgroup_account_extent+0xda0/0xda0 [btrfs]\n [372.620960] ? do_raw_spin_lock+0x11e/0x250\n [372.627137] ? rwlock_bug.part.0+0x90/0x90\n [372.633215] ? lock_is_held_type+0xe4/0x140\n [372.639404] btrfs_work_helper+0x1ae/0xa90 [btrfs]\n [372.646268] process_one_work+0x7e9/0x1320\n [372.652321] ? lock_release+0x6d0/0x6d0\n [372.658081] ? pwq_dec_nr_in_flight+0x230/0x230\n [372.664513] ? rwlock_bug.part.0+0x90/0x90\n [372.670529] worker_thread+0x59e/0xf90\n [372.676172] ? process_one_work+0x1320/0x1320\n [372.682440] kthread+0x3b9/0x490\n [372.687550] ? _raw_spin_unlock_irq+0x24/0x50\n [372.693811] ? set_kthread_struct+0x100/0x100\n [372.700052] ret_from_fork+0x22/0x30\n [372.705517] \u003c/TASK\u003e\n [372.709747] INFO: task btrfs-transacti:2347 blocked for more than 123 seconds.\n [372.729827] Not tainted 5.16.0-rc8 #7\n [372.745907] \"echo 0 \u003e /proc/sys/kernel/hung_task_timeout_secs\" disables this message.\n [372.767106] task:btrfs-transacti state:D stack: 0 pid: 2347 ppid: 2 flags:0x00004000\n [372.787776] Call Trace:\n [372.801652] \u003cTASK\u003e\n [372.812961] __schedule+0xb56/0x4850\n [372.830011] ? io_schedule_timeout+0x190/0x190\n [372.852547] ? lockdep_hardirqs_on+0x7e/0x100\n [372.871761] ? _raw_spin_unlock_irqrestore+0x3e/0x60\n [372.886792] schedule+0xe0/0x270\n [372.901685] wait_current_trans+0x22c/0x310 [btrfs]\n [372.919743] ? btrfs_put_transaction+0x3d0/0x3d0 [btrfs]\n [372.938923] ? finish_wait+0x270/0x270\n [372.959085] ? join_transaction+0xc7\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-48734",
"url": "https://www.suse.com/security/cve/CVE-2022-48734"
},
{
"category": "external",
"summary": "SUSE Bug 1226626 for CVE-2022-48734",
"url": "https://bugzilla.suse.com/1226626"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-10T16:03:48Z",
"details": "moderate"
}
],
"title": "CVE-2022-48734"
},
{
"cve": "CVE-2022-48735",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-48735"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nALSA: hda: Fix UAF of leds class devs at unbinding\n\nThe LED class devices that are created by HD-audio codec drivers are\nregistered via devm_led_classdev_register() and associated with the\nHD-audio codec device. Unfortunately, it turned out that the devres\nrelease doesn\u0027t work for this case; namely, since the codec resource\nrelease happens before the devm call chain, it triggers a NULL\ndereference or a UAF for a stale set_brightness_delay callback.\n\nFor fixing the bug, this patch changes the LED class device register\nand unregister in a manual manner without devres, keeping the\ninstances in hda_gen_spec.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-48735",
"url": "https://www.suse.com/security/cve/CVE-2022-48735"
},
{
"category": "external",
"summary": "SUSE Bug 1226719 for CVE-2022-48735",
"url": "https://bugzilla.suse.com/1226719"
},
{
"category": "external",
"summary": "SUSE Bug 1227438 for CVE-2022-48735",
"url": "https://bugzilla.suse.com/1227438"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-10T16:03:48Z",
"details": "important"
}
],
"title": "CVE-2022-48735"
},
{
"cve": "CVE-2022-48736",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-48736"
}
],
"notes": [
{
"category": "general",
"text": "** REJECT ** This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-48736",
"url": "https://www.suse.com/security/cve/CVE-2022-48736"
},
{
"category": "external",
"summary": "SUSE Bug 1226721 for CVE-2022-48736",
"url": "https://bugzilla.suse.com/1226721"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 0,
"baseSeverity": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-10T16:03:48Z",
"details": "low"
}
],
"title": "CVE-2022-48736"
},
{
"cve": "CVE-2022-48737",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-48737"
}
],
"notes": [
{
"category": "general",
"text": "** REJECT ** This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-48737",
"url": "https://www.suse.com/security/cve/CVE-2022-48737"
},
{
"category": "external",
"summary": "SUSE Bug 1226762 for CVE-2022-48737",
"url": "https://bugzilla.suse.com/1226762"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 0,
"baseSeverity": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-10T16:03:48Z",
"details": "low"
}
],
"title": "CVE-2022-48737"
},
{
"cve": "CVE-2022-48738",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-48738"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nASoC: ops: Reject out of bounds values in snd_soc_put_volsw()\n\nWe don\u0027t currently validate that the values being set are within the range\nwe advertised to userspace as being valid, do so and reject any values\nthat are out of range.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-48738",
"url": "https://www.suse.com/security/cve/CVE-2022-48738"
},
{
"category": "external",
"summary": "SUSE Bug 1226674 for CVE-2022-48738",
"url": "https://bugzilla.suse.com/1226674"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-10T16:03:48Z",
"details": "moderate"
}
],
"title": "CVE-2022-48738"
},
{
"cve": "CVE-2022-48739",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-48739"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nASoC: hdmi-codec: Fix OOB memory accesses\n\nCorrect size of iec_status array by changing it to the size of status\narray of the struct snd_aes_iec958. This fixes out-of-bounds slab\nread accesses made by memcpy() of the hdmi-codec driver. This problem\nis reported by KASAN.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-48739",
"url": "https://www.suse.com/security/cve/CVE-2022-48739"
},
{
"category": "external",
"summary": "SUSE Bug 1226675 for CVE-2022-48739",
"url": "https://bugzilla.suse.com/1226675"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-10T16:03:48Z",
"details": "moderate"
}
],
"title": "CVE-2022-48739"
},
{
"cve": "CVE-2022-48740",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-48740"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nselinux: fix double free of cond_list on error paths\n\nOn error path from cond_read_list() and duplicate_policydb_cond_list()\nthe cond_list_destroy() gets called a second time in caller functions,\nresulting in NULL pointer deref. Fix this by resetting the\ncond_list_len to 0 in cond_list_destroy(), making subsequent calls a\nnoop.\n\nAlso consistently reset the cond_list pointer to NULL after freeing.\n\n[PM: fix line lengths in the description]",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-48740",
"url": "https://www.suse.com/security/cve/CVE-2022-48740"
},
{
"category": "external",
"summary": "SUSE Bug 1226699 for CVE-2022-48740",
"url": "https://bugzilla.suse.com/1226699"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-10T16:03:48Z",
"details": "moderate"
}
],
"title": "CVE-2022-48740"
},
{
"cve": "CVE-2022-48743",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-48743"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: amd-xgbe: Fix skb data length underflow\n\nThere will be BUG_ON() triggered in include/linux/skbuff.h leading to\nintermittent kernel panic, when the skb length underflow is detected.\n\nFix this by dropping the packet if such length underflows are seen\nbecause of inconsistencies in the hardware descriptors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-48743",
"url": "https://www.suse.com/security/cve/CVE-2022-48743"
},
{
"category": "external",
"summary": "SUSE Bug 1226705 for CVE-2022-48743",
"url": "https://bugzilla.suse.com/1226705"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-10T16:03:48Z",
"details": "moderate"
}
],
"title": "CVE-2022-48743"
},
{
"cve": "CVE-2022-48744",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-48744"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/mlx5e: Avoid field-overflowing memcpy()\n\nIn preparation for FORTIFY_SOURCE performing compile-time and run-time\nfield bounds checking for memcpy(), memmove(), and memset(), avoid\nintentionally writing across neighboring fields.\n\nUse flexible arrays instead of zero-element arrays (which look like they\nare always overflowing) and split the cross-field memcpy() into two halves\nthat can be appropriately bounds-checked by the compiler.\n\nWe were doing:\n\n\t#define ETH_HLEN 14\n\t#define VLAN_HLEN 4\n\t...\n\t#define MLX5E_XDP_MIN_INLINE (ETH_HLEN + VLAN_HLEN)\n\t...\n struct mlx5e_tx_wqe *wqe = mlx5_wq_cyc_get_wqe(wq, pi);\n\t...\n struct mlx5_wqe_eth_seg *eseg = \u0026wqe-\u003eeth;\n struct mlx5_wqe_data_seg *dseg = wqe-\u003edata;\n\t...\n\tmemcpy(eseg-\u003einline_hdr.start, xdptxd-\u003edata, MLX5E_XDP_MIN_INLINE);\n\ntarget is wqe-\u003eeth.inline_hdr.start (which the compiler sees as being\n2 bytes in size), but copying 18, intending to write across start\n(really vlan_tci, 2 bytes). The remaining 16 bytes get written into\nwqe-\u003edata[0], covering byte_count (4 bytes), lkey (4 bytes), and addr\n(8 bytes).\n\nstruct mlx5e_tx_wqe {\n struct mlx5_wqe_ctrl_seg ctrl; /* 0 16 */\n struct mlx5_wqe_eth_seg eth; /* 16 16 */\n struct mlx5_wqe_data_seg data[]; /* 32 0 */\n\n /* size: 32, cachelines: 1, members: 3 */\n /* last cacheline: 32 bytes */\n};\n\nstruct mlx5_wqe_eth_seg {\n u8 swp_outer_l4_offset; /* 0 1 */\n u8 swp_outer_l3_offset; /* 1 1 */\n u8 swp_inner_l4_offset; /* 2 1 */\n u8 swp_inner_l3_offset; /* 3 1 */\n u8 cs_flags; /* 4 1 */\n u8 swp_flags; /* 5 1 */\n __be16 mss; /* 6 2 */\n __be32 flow_table_metadata; /* 8 4 */\n union {\n struct {\n __be16 sz; /* 12 2 */\n u8 start[2]; /* 14 2 */\n } inline_hdr; /* 12 4 */\n struct {\n __be16 type; /* 12 2 */\n __be16 vlan_tci; /* 14 2 */\n } insert; /* 12 4 */\n __be32 trailer; /* 12 4 */\n }; /* 12 4 */\n\n /* size: 16, cachelines: 1, members: 9 */\n /* last cacheline: 16 bytes */\n};\n\nstruct mlx5_wqe_data_seg {\n __be32 byte_count; /* 0 4 */\n __be32 lkey; /* 4 4 */\n __be64 addr; /* 8 8 */\n\n /* size: 16, cachelines: 1, members: 3 */\n /* last cacheline: 16 bytes */\n};\n\nSo, split the memcpy() so the compiler can reason about the buffer\nsizes.\n\n\"pahole\" shows no size nor member offset changes to struct mlx5e_tx_wqe\nnor struct mlx5e_umr_wqe. \"objdump -d\" shows no meaningful object\ncode changes (i.e. only source line number induced differences and\noptimizations).",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-48744",
"url": "https://www.suse.com/security/cve/CVE-2022-48744"
},
{
"category": "external",
"summary": "SUSE Bug 1226696 for CVE-2022-48744",
"url": "https://bugzilla.suse.com/1226696"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-10T16:03:48Z",
"details": "moderate"
}
],
"title": "CVE-2022-48744"
},
{
"cve": "CVE-2022-48745",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-48745"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/mlx5: Use del_timer_sync in fw reset flow of halting poll\n\nSubstitute del_timer() with del_timer_sync() in fw reset polling\ndeactivation flow, in order to prevent a race condition which occurs\nwhen del_timer() is called and timer is deactivated while another\nprocess is handling the timer interrupt. A situation that led to\nthe following call trace:\n\tRIP: 0010:run_timer_softirq+0x137/0x420\n\t\u003cIRQ\u003e\n\trecalibrate_cpu_khz+0x10/0x10\n\tktime_get+0x3e/0xa0\n\t? sched_clock_cpu+0xb/0xc0\n\t__do_softirq+0xf5/0x2ea\n\tirq_exit_rcu+0xc1/0xf0\n\tsysvec_apic_timer_interrupt+0x9e/0xc0\n\tasm_sysvec_apic_timer_interrupt+0x12/0x20\n\t\u003c/IRQ\u003e",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-48745",
"url": "https://www.suse.com/security/cve/CVE-2022-48745"
},
{
"category": "external",
"summary": "SUSE Bug 1226702 for CVE-2022-48745",
"url": "https://bugzilla.suse.com/1226702"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-10T16:03:48Z",
"details": "moderate"
}
],
"title": "CVE-2022-48745"
},
{
"cve": "CVE-2022-48746",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-48746"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/mlx5e: Fix handling of wrong devices during bond netevent\n\nCurrent implementation of bond netevent handler only check if\nthe handled netdev is VF representor and it missing a check if\nthe VF representor is on the same phys device of the bond handling\nthe netevent.\n\nFix by adding the missing check and optimizing the check if\nthe netdev is VF representor so it will not access uninitialized\nprivate data and crashes.\n\nBUG: kernel NULL pointer dereference, address: 000000000000036c\nPGD 0 P4D 0\nOops: 0000 [#1] SMP NOPTI\nWorkqueue: eth3bond0 bond_mii_monitor [bonding]\nRIP: 0010:mlx5e_is_uplink_rep+0xc/0x50 [mlx5_core]\nRSP: 0018:ffff88812d69fd60 EFLAGS: 00010282\nRAX: 0000000000000000 RBX: ffff8881cf800000 RCX: 0000000000000000\nRDX: ffff88812d69fe10 RSI: 000000000000001b RDI: ffff8881cf800880\nRBP: ffff8881cf800000 R08: 00000445cabccf2b R09: 0000000000000008\nR10: 0000000000000004 R11: 0000000000000008 R12: ffff88812d69fe10\nR13: 00000000fffffffe R14: ffff88820c0f9000 R15: 0000000000000000\nFS: 0000000000000000(0000) GS:ffff88846fb00000(0000) knlGS:0000000000000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: 000000000000036c CR3: 0000000103d80006 CR4: 0000000000370ea0\nDR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\nDR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\nCall Trace:\n mlx5e_eswitch_uplink_rep+0x31/0x40 [mlx5_core]\n mlx5e_rep_is_lag_netdev+0x94/0xc0 [mlx5_core]\n mlx5e_rep_esw_bond_netevent+0xeb/0x3d0 [mlx5_core]\n raw_notifier_call_chain+0x41/0x60\n call_netdevice_notifiers_info+0x34/0x80\n netdev_lower_state_changed+0x4e/0xa0\n bond_mii_monitor+0x56b/0x640 [bonding]\n process_one_work+0x1b9/0x390\n worker_thread+0x4d/0x3d0\n ? rescuer_thread+0x350/0x350\n kthread+0x124/0x150\n ? set_kthread_struct+0x40/0x40\n ret_from_fork+0x1f/0x30",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-48746",
"url": "https://www.suse.com/security/cve/CVE-2022-48746"
},
{
"category": "external",
"summary": "SUSE Bug 1226703 for CVE-2022-48746",
"url": "https://bugzilla.suse.com/1226703"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-10T16:03:48Z",
"details": "moderate"
}
],
"title": "CVE-2022-48746"
},
{
"cve": "CVE-2022-48747",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-48747"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nblock: Fix wrong offset in bio_truncate()\n\nbio_truncate() clears the buffer outside of last block of bdev, however\ncurrent bio_truncate() is using the wrong offset of page. So it can\nreturn the uninitialized data.\n\nThis happened when both of truncated/corrupted FS and userspace (via\nbdev) are trying to read the last of bdev.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-48747",
"url": "https://www.suse.com/security/cve/CVE-2022-48747"
},
{
"category": "external",
"summary": "SUSE Bug 1226643 for CVE-2022-48747",
"url": "https://bugzilla.suse.com/1226643"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-10T16:03:48Z",
"details": "moderate"
}
],
"title": "CVE-2022-48747"
},
{
"cve": "CVE-2022-48748",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-48748"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: bridge: vlan: fix memory leak in __allowed_ingress\n\nWhen using per-vlan state, if vlan snooping and stats are disabled,\nuntagged or priority-tagged ingress frame will go to check pvid state.\nIf the port state is forwarding and the pvid state is not\nlearning/forwarding, untagged or priority-tagged frame will be dropped\nbut skb memory is not freed.\nShould free skb when __allowed_ingress returns false.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-48748",
"url": "https://www.suse.com/security/cve/CVE-2022-48748"
},
{
"category": "external",
"summary": "SUSE Bug 1226647 for CVE-2022-48748",
"url": "https://bugzilla.suse.com/1226647"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-10T16:03:48Z",
"details": "moderate"
}
],
"title": "CVE-2022-48748"
},
{
"cve": "CVE-2022-48749",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-48749"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/msm/dpu: invalid parameter check in dpu_setup_dspp_pcc\n\nThe function performs a check on the \"ctx\" input parameter, however, it\nis used before the check.\n\nInitialize the \"base\" variable after the sanity check to avoid a\npossible NULL pointer dereference.\n\nAddresses-Coverity-ID: 1493866 (\"Null pointer dereference\")",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-48749",
"url": "https://www.suse.com/security/cve/CVE-2022-48749"
},
{
"category": "external",
"summary": "SUSE Bug 1226650 for CVE-2022-48749",
"url": "https://bugzilla.suse.com/1226650"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-10T16:03:48Z",
"details": "moderate"
}
],
"title": "CVE-2022-48749"
},
{
"cve": "CVE-2022-48751",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-48751"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/smc: Transitional solution for clcsock race issue\n\nWe encountered a crash in smc_setsockopt() and it is caused by\naccessing smc-\u003eclcsock after clcsock was released.\n\n BUG: kernel NULL pointer dereference, address: 0000000000000020\n #PF: supervisor read access in kernel mode\n #PF: error_code(0x0000) - not-present page\n PGD 0 P4D 0\n Oops: 0000 [#1] PREEMPT SMP PTI\n CPU: 1 PID: 50309 Comm: nginx Kdump: loaded Tainted: G E 5.16.0-rc4+ #53\n RIP: 0010:smc_setsockopt+0x59/0x280 [smc]\n Call Trace:\n \u003cTASK\u003e\n __sys_setsockopt+0xfc/0x190\n __x64_sys_setsockopt+0x20/0x30\n do_syscall_64+0x34/0x90\n entry_SYSCALL_64_after_hwframe+0x44/0xae\n RIP: 0033:0x7f16ba83918e\n \u003c/TASK\u003e\n\nThis patch tries to fix it by holding clcsock_release_lock and\nchecking whether clcsock has already been released before access.\n\nIn case that a crash of the same reason happens in smc_getsockopt()\nor smc_switch_to_fallback(), this patch also checkes smc-\u003eclcsock\nin them too. And the caller of smc_switch_to_fallback() will identify\nwhether fallback succeeds according to the return value.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-48751",
"url": "https://www.suse.com/security/cve/CVE-2022-48751"
},
{
"category": "external",
"summary": "SUSE Bug 1226653 for CVE-2022-48751",
"url": "https://bugzilla.suse.com/1226653"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-10T16:03:48Z",
"details": "moderate"
}
],
"title": "CVE-2022-48751"
},
{
"cve": "CVE-2022-48752",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-48752"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\npowerpc/perf: Fix power_pmu_disable to call clear_pmi_irq_pending only if PMI is pending\n\nRunning selftest with CONFIG_PPC_IRQ_SOFT_MASK_DEBUG enabled in kernel\ntriggered below warning:\n\n[ 172.851380] ------------[ cut here ]------------\n[ 172.851391] WARNING: CPU: 8 PID: 2901 at arch/powerpc/include/asm/hw_irq.h:246 power_pmu_disable+0x270/0x280\n[ 172.851402] Modules linked in: dm_mod bonding nft_ct nf_conntrack nf_defrag_ipv6 nf_defrag_ipv4 ip_set nf_tables rfkill nfnetlink sunrpc xfs libcrc32c pseries_rng xts vmx_crypto uio_pdrv_genirq uio sch_fq_codel ip_tables ext4 mbcache jbd2 sd_mod t10_pi sg ibmvscsi ibmveth scsi_transport_srp fuse\n[ 172.851442] CPU: 8 PID: 2901 Comm: lost_exception_ Not tainted 5.16.0-rc5-03218-g798527287598 #2\n[ 172.851451] NIP: c00000000013d600 LR: c00000000013d5a4 CTR: c00000000013b180\n[ 172.851458] REGS: c000000017687860 TRAP: 0700 Not tainted (5.16.0-rc5-03218-g798527287598)\n[ 172.851465] MSR: 8000000000029033 \u003cSF,EE,ME,IR,DR,RI,LE\u003e CR: 48004884 XER: 20040000\n[ 172.851482] CFAR: c00000000013d5b4 IRQMASK: 1\n[ 172.851482] GPR00: c00000000013d5a4 c000000017687b00 c000000002a10600 0000000000000004\n[ 172.851482] GPR04: 0000000082004000 c0000008ba08f0a8 0000000000000000 00000008b7ed0000\n[ 172.851482] GPR08: 00000000446194f6 0000000000008000 c00000000013b118 c000000000d58e68\n[ 172.851482] GPR12: c00000000013d390 c00000001ec54a80 0000000000000000 0000000000000000\n[ 172.851482] GPR16: 0000000000000000 0000000000000000 c000000015d5c708 c0000000025396d0\n[ 172.851482] GPR20: 0000000000000000 0000000000000000 c00000000a3bbf40 0000000000000003\n[ 172.851482] GPR24: 0000000000000000 c0000008ba097400 c0000000161e0d00 c00000000a3bb600\n[ 172.851482] GPR28: c000000015d5c700 0000000000000001 0000000082384090 c0000008ba0020d8\n[ 172.851549] NIP [c00000000013d600] power_pmu_disable+0x270/0x280\n[ 172.851557] LR [c00000000013d5a4] power_pmu_disable+0x214/0x280\n[ 172.851565] Call Trace:\n[ 172.851568] [c000000017687b00] [c00000000013d5a4] power_pmu_disable+0x214/0x280 (unreliable)\n[ 172.851579] [c000000017687b40] [c0000000003403ac] perf_pmu_disable+0x4c/0x60\n[ 172.851588] [c000000017687b60] [c0000000003445e4] __perf_event_task_sched_out+0x1d4/0x660\n[ 172.851596] [c000000017687c50] [c000000000d1175c] __schedule+0xbcc/0x12a0\n[ 172.851602] [c000000017687d60] [c000000000d11ea8] schedule+0x78/0x140\n[ 172.851608] [c000000017687d90] [c0000000001a8080] sys_sched_yield+0x20/0x40\n[ 172.851615] [c000000017687db0] [c0000000000334dc] system_call_exception+0x18c/0x380\n[ 172.851622] [c000000017687e10] [c00000000000c74c] system_call_common+0xec/0x268\n\nThe warning indicates that MSR_EE being set(interrupt enabled) when\nthere was an overflown PMC detected. This could happen in\npower_pmu_disable since it runs under interrupt soft disable\ncondition ( local_irq_save ) and not with interrupts hard disabled.\ncommit 2c9ac51b850d (\"powerpc/perf: Fix PMU callbacks to clear\npending PMI before resetting an overflown PMC\") intended to clear\nPMI pending bit in Paca when disabling the PMU. It could happen\nthat PMC gets overflown while code is in power_pmu_disable\ncallback function. Hence add a check to see if PMI pending bit\nis set in Paca before clearing it via clear_pmi_pending.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-48752",
"url": "https://www.suse.com/security/cve/CVE-2022-48752"
},
{
"category": "external",
"summary": "SUSE Bug 1226709 for CVE-2022-48752",
"url": "https://bugzilla.suse.com/1226709"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-10T16:03:48Z",
"details": "moderate"
}
],
"title": "CVE-2022-48752"
},
{
"cve": "CVE-2022-48753",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-48753"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nblock: fix memory leak in disk_register_independent_access_ranges\n\nkobject_init_and_add() takes reference even when it fails.\nAccording to the doc of kobject_init_and_add()\n\n If this function returns an error, kobject_put() must be called to\n properly clean up the memory associated with the object.\n\nFix this issue by adding kobject_put().\nCallback function blk_ia_ranges_sysfs_release() in kobject_put()\ncan handle the pointer \"iars\" properly.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-48753",
"url": "https://www.suse.com/security/cve/CVE-2022-48753"
},
{
"category": "external",
"summary": "SUSE Bug 1226693 for CVE-2022-48753",
"url": "https://bugzilla.suse.com/1226693"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-10T16:03:48Z",
"details": "moderate"
}
],
"title": "CVE-2022-48753"
},
{
"cve": "CVE-2022-48754",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-48754"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nphylib: fix potential use-after-free\n\nCommit bafbdd527d56 (\"phylib: Add device reset GPIO support\") added call\nto phy_device_reset(phydev) after the put_device() call in phy_detach().\n\nThe comment before the put_device() call says that the phydev might go\naway with put_device().\n\nFix potential use-after-free by calling phy_device_reset() before\nput_device().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-48754",
"url": "https://www.suse.com/security/cve/CVE-2022-48754"
},
{
"category": "external",
"summary": "SUSE Bug 1226692 for CVE-2022-48754",
"url": "https://bugzilla.suse.com/1226692"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-10T16:03:48Z",
"details": "moderate"
}
],
"title": "CVE-2022-48754"
},
{
"cve": "CVE-2022-48755",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-48755"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\npowerpc64/bpf: Limit \u0027ldbrx\u0027 to processors compliant with ISA v2.06\n\nJohan reported the below crash with test_bpf on ppc64 e5500:\n\n test_bpf: #296 ALU_END_FROM_LE 64: 0x0123456789abcdef -\u003e 0x67452301 jited:1\n Oops: Exception in kernel mode, sig: 4 [#1]\n BE PAGE_SIZE=4K SMP NR_CPUS=24 QEMU e500\n Modules linked in: test_bpf(+)\n CPU: 0 PID: 76 Comm: insmod Not tainted 5.14.0-03771-g98c2059e008a-dirty #1\n NIP: 8000000000061c3c LR: 80000000006dea64 CTR: 8000000000061c18\n REGS: c0000000032d3420 TRAP: 0700 Not tainted (5.14.0-03771-g98c2059e008a-dirty)\n MSR: 0000000080089000 \u003cEE,ME\u003e CR: 88002822 XER: 20000000 IRQMASK: 0\n \u003c...\u003e\n NIP [8000000000061c3c] 0x8000000000061c3c\n LR [80000000006dea64] .__run_one+0x104/0x17c [test_bpf]\n Call Trace:\n .__run_one+0x60/0x17c [test_bpf] (unreliable)\n .test_bpf_init+0x6a8/0xdc8 [test_bpf]\n .do_one_initcall+0x6c/0x28c\n .do_init_module+0x68/0x28c\n .load_module+0x2460/0x2abc\n .__do_sys_init_module+0x120/0x18c\n .system_call_exception+0x110/0x1b8\n system_call_common+0xf0/0x210\n --- interrupt: c00 at 0x101d0acc\n \u003c...\u003e\n ---[ end trace 47b2bf19090bb3d0 ]---\n\n Illegal instruction\n\nThe illegal instruction turned out to be \u0027ldbrx\u0027 emitted for\nBPF_FROM_[L|B]E, which was only introduced in ISA v2.06. Guard use of\nthe same and implement an alternative approach for older processors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-48755",
"url": "https://www.suse.com/security/cve/CVE-2022-48755"
},
{
"category": "external",
"summary": "SUSE Bug 1226706 for CVE-2022-48755",
"url": "https://bugzilla.suse.com/1226706"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-10T16:03:48Z",
"details": "moderate"
}
],
"title": "CVE-2022-48755"
},
{
"cve": "CVE-2022-48756",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-48756"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/msm/dsi: invalid parameter check in msm_dsi_phy_enable\n\nThe function performs a check on the \"phy\" input parameter, however, it\nis used before the check.\n\nInitialize the \"dev\" variable after the sanity check to avoid a possible\nNULL pointer dereference.\n\nAddresses-Coverity-ID: 1493860 (\"Null pointer dereference\")",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-48756",
"url": "https://www.suse.com/security/cve/CVE-2022-48756"
},
{
"category": "external",
"summary": "SUSE Bug 1226698 for CVE-2022-48756",
"url": "https://bugzilla.suse.com/1226698"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-10T16:03:48Z",
"details": "moderate"
}
],
"title": "CVE-2022-48756"
},
{
"cve": "CVE-2022-48758",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-48758"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: bnx2fc: Flush destroy_work queue before calling bnx2fc_interface_put()\n\nThe bnx2fc_destroy() functions are removing the interface before calling\ndestroy_work. This results multiple WARNings from sysfs_remove_group() as\nthe controller rport device attributes are removed too early.\n\nReplace the fcoe_port\u0027s destroy_work queue. It\u0027s not needed.\n\nThe problem is easily reproducible with the following steps.\n\nExample:\n\n $ dmesg -w \u0026\n $ systemctl enable --now fcoe\n $ fipvlan -s -c ens2f1\n $ fcoeadm -d ens2f1.802\n [ 583.464488] host2: libfc: Link down on port (7500a1)\n [ 583.472651] bnx2fc: 7500a1 - rport not created Yet!!\n [ 583.490468] ------------[ cut here ]------------\n [ 583.538725] sysfs group \u0027power\u0027 not found for kobject \u0027rport-2:0-0\u0027\n [ 583.568814] WARNING: CPU: 3 PID: 192 at fs/sysfs/group.c:279 sysfs_remove_group+0x6f/0x80\n [ 583.607130] Modules linked in: dm_service_time 8021q garp mrp stp llc bnx2fc cnic uio rpcsec_gss_krb5 auth_rpcgss nfsv4 ...\n [ 583.942994] CPU: 3 PID: 192 Comm: kworker/3:2 Kdump: loaded Not tainted 5.14.0-39.el9.x86_64 #1\n [ 583.984105] Hardware name: HP ProLiant DL120 G7, BIOS J01 07/01/2013\n [ 584.016535] Workqueue: fc_wq_2 fc_rport_final_delete [scsi_transport_fc]\n [ 584.050691] RIP: 0010:sysfs_remove_group+0x6f/0x80\n [ 584.074725] Code: ff 5b 48 89 ef 5d 41 5c e9 ee c0 ff ff 48 89 ef e8 f6 b8 ff ff eb d1 49 8b 14 24 48 8b 33 48 c7 c7 ...\n [ 584.162586] RSP: 0018:ffffb567c15afdc0 EFLAGS: 00010282\n [ 584.188225] RAX: 0000000000000000 RBX: ffffffff8eec4220 RCX: 0000000000000000\n [ 584.221053] RDX: ffff8c1586ce84c0 RSI: ffff8c1586cd7cc0 RDI: ffff8c1586cd7cc0\n [ 584.255089] RBP: 0000000000000000 R08: 0000000000000000 R09: ffffb567c15afc00\n [ 584.287954] R10: ffffb567c15afbf8 R11: ffffffff8fbe7f28 R12: ffff8c1486326400\n [ 584.322356] R13: ffff8c1486326480 R14: ffff8c1483a4a000 R15: 0000000000000004\n [ 584.355379] FS: 0000000000000000(0000) GS:ffff8c1586cc0000(0000) knlGS:0000000000000000\n [ 584.394419] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n [ 584.421123] CR2: 00007fe95a6f7840 CR3: 0000000107674002 CR4: 00000000000606e0\n [ 584.454888] Call Trace:\n [ 584.466108] device_del+0xb2/0x3e0\n [ 584.481701] device_unregister+0x13/0x60\n [ 584.501306] bsg_unregister_queue+0x5b/0x80\n [ 584.522029] bsg_remove_queue+0x1c/0x40\n [ 584.541884] fc_rport_final_delete+0xf3/0x1d0 [scsi_transport_fc]\n [ 584.573823] process_one_work+0x1e3/0x3b0\n [ 584.592396] worker_thread+0x50/0x3b0\n [ 584.609256] ? rescuer_thread+0x370/0x370\n [ 584.628877] kthread+0x149/0x170\n [ 584.643673] ? set_kthread_struct+0x40/0x40\n [ 584.662909] ret_from_fork+0x22/0x30\n [ 584.680002] ---[ end trace 53575ecefa942ece ]---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-48758",
"url": "https://www.suse.com/security/cve/CVE-2022-48758"
},
{
"category": "external",
"summary": "SUSE Bug 1226708 for CVE-2022-48758",
"url": "https://bugzilla.suse.com/1226708"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-10T16:03:48Z",
"details": "moderate"
}
],
"title": "CVE-2022-48758"
},
{
"cve": "CVE-2022-48759",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-48759"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nrpmsg: char: Fix race between the release of rpmsg_ctrldev and cdev\n\nstruct rpmsg_ctrldev contains a struct cdev. The current code frees\nthe rpmsg_ctrldev struct in rpmsg_ctrldev_release_device(), but the\ncdev is a managed object, therefore its release is not predictable\nand the rpmsg_ctrldev could be freed before the cdev is entirely\nreleased, as in the backtrace below.\n\n[ 93.625603] ODEBUG: free active (active state 0) object type: timer_list hint: delayed_work_timer_fn+0x0/0x7c\n[ 93.636115] WARNING: CPU: 0 PID: 12 at lib/debugobjects.c:488 debug_print_object+0x13c/0x1b0\n[ 93.644799] Modules linked in: veth xt_cgroup xt_MASQUERADE rfcomm algif_hash algif_skcipher af_alg uinput ip6table_nat fuse uvcvideo videobuf2_vmalloc venus_enc venus_dec videobuf2_dma_contig hci_uart btandroid btqca snd_soc_rt5682_i2c bluetooth qcom_spmi_temp_alarm snd_soc_rt5682v\n[ 93.715175] CPU: 0 PID: 12 Comm: kworker/0:1 Tainted: G B 5.4.163-lockdep #26\n[ 93.723855] Hardware name: Google Lazor (rev3 - 8) with LTE (DT)\n[ 93.730055] Workqueue: events kobject_delayed_cleanup\n[ 93.735271] pstate: 60c00009 (nZCv daif +PAN +UAO)\n[ 93.740216] pc : debug_print_object+0x13c/0x1b0\n[ 93.744890] lr : debug_print_object+0x13c/0x1b0\n[ 93.749555] sp : ffffffacf5bc7940\n[ 93.752978] x29: ffffffacf5bc7940 x28: dfffffd000000000\n[ 93.758448] x27: ffffffacdb11a800 x26: dfffffd000000000\n[ 93.763916] x25: ffffffd0734f856c x24: dfffffd000000000\n[ 93.769389] x23: 0000000000000000 x22: ffffffd0733c35b0\n[ 93.774860] x21: ffffffd0751994a0 x20: ffffffd075ec27c0\n[ 93.780338] x19: ffffffd075199100 x18: 00000000000276e0\n[ 93.785814] x17: 0000000000000000 x16: dfffffd000000000\n[ 93.791291] x15: ffffffffffffffff x14: 6e6968207473696c\n[ 93.796768] x13: 0000000000000000 x12: ffffffd075e2b000\n[ 93.802244] x11: 0000000000000001 x10: 0000000000000000\n[ 93.807723] x9 : d13400dff1921900 x8 : d13400dff1921900\n[ 93.813200] x7 : 0000000000000000 x6 : 0000000000000000\n[ 93.818676] x5 : 0000000000000080 x4 : 0000000000000000\n[ 93.824152] x3 : ffffffd0732a0fa4 x2 : 0000000000000001\n[ 93.829628] x1 : ffffffacf5bc7580 x0 : 0000000000000061\n[ 93.835104] Call trace:\n[ 93.837644] debug_print_object+0x13c/0x1b0\n[ 93.841963] __debug_check_no_obj_freed+0x25c/0x3c0\n[ 93.846987] debug_check_no_obj_freed+0x18/0x20\n[ 93.851669] slab_free_freelist_hook+0xbc/0x1e4\n[ 93.856346] kfree+0xfc/0x2f4\n[ 93.859416] rpmsg_ctrldev_release_device+0x78/0xb8\n[ 93.864445] device_release+0x84/0x168\n[ 93.868310] kobject_cleanup+0x12c/0x298\n[ 93.872356] kobject_delayed_cleanup+0x10/0x18\n[ 93.876948] process_one_work+0x578/0x92c\n[ 93.881086] worker_thread+0x804/0xcf8\n[ 93.884963] kthread+0x2a8/0x314\n[ 93.888303] ret_from_fork+0x10/0x18\n\nThe cdev_device_add/del() API was created to address this issue (see\ncommit \u0027233ed09d7fda (\"chardev: add helper function to register char\ndevs with a struct device\")\u0027), use it instead of cdev add/del().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-48759",
"url": "https://www.suse.com/security/cve/CVE-2022-48759"
},
{
"category": "external",
"summary": "SUSE Bug 1226711 for CVE-2022-48759",
"url": "https://bugzilla.suse.com/1226711"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-10T16:03:48Z",
"details": "moderate"
}
],
"title": "CVE-2022-48759"
},
{
"cve": "CVE-2022-48760",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-48760"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nUSB: core: Fix hang in usb_kill_urb by adding memory barriers\n\nThe syzbot fuzzer has identified a bug in which processes hang waiting\nfor usb_kill_urb() to return. It turns out the issue is not unlinking\nthe URB; that works just fine. Rather, the problem arises when the\nwakeup notification that the URB has completed is not received.\n\nThe reason is memory-access ordering on SMP systems. In outline form,\nusb_kill_urb() and __usb_hcd_giveback_urb() operating concurrently on\ndifferent CPUs perform the following actions:\n\nCPU 0\t\t\t\t\tCPU 1\n----------------------------\t\t---------------------------------\nusb_kill_urb():\t\t\t\t__usb_hcd_giveback_urb():\n ...\t\t\t\t\t ...\n atomic_inc(\u0026urb-\u003ereject);\t\t atomic_dec(\u0026urb-\u003euse_count);\n ...\t\t\t\t\t ...\n wait_event(usb_kill_urb_queue,\n\tatomic_read(\u0026urb-\u003euse_count) == 0);\n\t\t\t\t\t if (atomic_read(\u0026urb-\u003ereject))\n\t\t\t\t\t\twake_up(\u0026usb_kill_urb_queue);\n\nConfining your attention to urb-\u003ereject and urb-\u003euse_count, you can\nsee that the overall pattern of accesses on CPU 0 is:\n\n\twrite urb-\u003ereject, then read urb-\u003euse_count;\n\nwhereas the overall pattern of accesses on CPU 1 is:\n\n\twrite urb-\u003euse_count, then read urb-\u003ereject.\n\nThis pattern is referred to in memory-model circles as SB (for \"Store\nBuffering\"), and it is well known that without suitable enforcement of\nthe desired order of accesses -- in the form of memory barriers -- it\nis entirely possible for one or both CPUs to execute their reads ahead\nof their writes. The end result will be that sometimes CPU 0 sees the\nold un-decremented value of urb-\u003euse_count while CPU 1 sees the old\nun-incremented value of urb-\u003ereject. Consequently CPU 0 ends up on\nthe wait queue and never gets woken up, leading to the observed hang\nin usb_kill_urb().\n\nThe same pattern of accesses occurs in usb_poison_urb() and the\nfailure pathway of usb_hcd_submit_urb().\n\nThe problem is fixed by adding suitable memory barriers. To provide\nproper memory-access ordering in the SB pattern, a full barrier is\nrequired on both CPUs. The atomic_inc() and atomic_dec() accesses\nthemselves don\u0027t provide any memory ordering, but since they are\npresent, we can use the optimized smp_mb__after_atomic() memory\nbarrier in the various routines to obtain the desired effect.\n\nThis patch adds the necessary memory barriers.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-48760",
"url": "https://www.suse.com/security/cve/CVE-2022-48760"
},
{
"category": "external",
"summary": "SUSE Bug 1226712 for CVE-2022-48760",
"url": "https://bugzilla.suse.com/1226712"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-10T16:03:48Z",
"details": "moderate"
}
],
"title": "CVE-2022-48760"
},
{
"cve": "CVE-2022-48761",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-48761"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nusb: xhci-plat: fix crash when suspend if remote wake enable\n\nCrashed at i.mx8qm platform when suspend if enable remote wakeup\n\nInternal error: synchronous external abort: 96000210 [#1] PREEMPT SMP\nModules linked in:\nCPU: 2 PID: 244 Comm: kworker/u12:6 Not tainted 5.15.5-dirty #12\nHardware name: Freescale i.MX8QM MEK (DT)\nWorkqueue: events_unbound async_run_entry_fn\npstate: 600000c5 (nZCv daIF -PAN -UAO -TCO -DIT -SSBS BTYPE=--)\npc : xhci_disable_hub_port_wake.isra.62+0x60/0xf8\nlr : xhci_disable_hub_port_wake.isra.62+0x34/0xf8\nsp : ffff80001394bbf0\nx29: ffff80001394bbf0 x28: 0000000000000000 x27: ffff00081193b578\nx26: ffff00081193b570 x25: 0000000000000000 x24: 0000000000000000\nx23: ffff00081193a29c x22: 0000000000020001 x21: 0000000000000001\nx20: 0000000000000000 x19: ffff800014e90490 x18: 0000000000000000\nx17: 0000000000000000 x16: 0000000000000000 x15: 0000000000000000\nx14: 0000000000000000 x13: 0000000000000002 x12: 0000000000000000\nx11: 0000000000000000 x10: 0000000000000960 x9 : ffff80001394baa0\nx8 : ffff0008145d1780 x7 : ffff0008f95b8e80 x6 : 000000001853b453\nx5 : 0000000000000496 x4 : 0000000000000000 x3 : ffff00081193a29c\nx2 : 0000000000000001 x1 : 0000000000000000 x0 : ffff000814591620\nCall trace:\n xhci_disable_hub_port_wake.isra.62+0x60/0xf8\n xhci_suspend+0x58/0x510\n xhci_plat_suspend+0x50/0x78\n platform_pm_suspend+0x2c/0x78\n dpm_run_callback.isra.25+0x50/0xe8\n __device_suspend+0x108/0x3c0\n\nThe basic flow:\n\t1. run time suspend call xhci_suspend, xhci parent devices gate the clock.\n 2. echo mem \u003e/sys/power/state, system _device_suspend call xhci_suspend\n 3. xhci_suspend call xhci_disable_hub_port_wake, which access register,\n\t but clock already gated by run time suspend.\n\nThis problem was hidden by power domain driver, which call run time resume before it.\n\nBut the below commit remove it and make this issue happen.\n\tcommit c1df456d0f06e (\"PM: domains: Don\u0027t runtime resume devices at genpd_prepare()\")\n\nThis patch call run time resume before suspend to make sure clock is on\nbefore access register.\n\nTesteb-by: Abel Vesa \u003cabel.vesa@nxp.com\u003e",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-48761",
"url": "https://www.suse.com/security/cve/CVE-2022-48761"
},
{
"category": "external",
"summary": "SUSE Bug 1226701 for CVE-2022-48761",
"url": "https://bugzilla.suse.com/1226701"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-10T16:03:48Z",
"details": "moderate"
}
],
"title": "CVE-2022-48761"
},
{
"cve": "CVE-2022-48763",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-48763"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nKVM: x86: Forcibly leave nested virt when SMM state is toggled\n\nForcibly leave nested virtualization operation if userspace toggles SMM\nstate via KVM_SET_VCPU_EVENTS or KVM_SYNC_X86_EVENTS. If userspace\nforces the vCPU out of SMM while it\u0027s post-VMXON and then injects an SMI,\nvmx_enter_smm() will overwrite vmx-\u003enested.smm.vmxon and end up with both\nvmxon=false and smm.vmxon=false, but all other nVMX state allocated.\n\nDon\u0027t attempt to gracefully handle the transition as (a) most transitions\nare nonsencial, e.g. forcing SMM while L2 is running, (b) there isn\u0027t\nsufficient information to handle all transitions, e.g. SVM wants access\nto the SMRAM save state, and (c) KVM_SET_VCPU_EVENTS must precede\nKVM_SET_NESTED_STATE during state restore as the latter disallows putting\nthe vCPU into L2 if SMM is active, and disallows tagging the vCPU as\nbeing post-VMXON in SMM if SMM is not active.\n\nAbuse of KVM_SET_VCPU_EVENTS manifests as a WARN and memory leak in nVMX\ndue to failure to free vmcs01\u0027s shadow VMCS, but the bug goes far beyond\njust a memory leak, e.g. toggling SMM on while L2 is active puts the vCPU\nin an architecturally impossible state.\n\n WARNING: CPU: 0 PID: 3606 at free_loaded_vmcs arch/x86/kvm/vmx/vmx.c:2665 [inline]\n WARNING: CPU: 0 PID: 3606 at free_loaded_vmcs+0x158/0x1a0 arch/x86/kvm/vmx/vmx.c:2656\n Modules linked in:\n CPU: 1 PID: 3606 Comm: syz-executor725 Not tainted 5.17.0-rc1-syzkaller #0\n Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011\n RIP: 0010:free_loaded_vmcs arch/x86/kvm/vmx/vmx.c:2665 [inline]\n RIP: 0010:free_loaded_vmcs+0x158/0x1a0 arch/x86/kvm/vmx/vmx.c:2656\n Code: \u003c0f\u003e 0b eb b3 e8 8f 4d 9f 00 e9 f7 fe ff ff 48 89 df e8 92 4d 9f 00\n Call Trace:\n \u003cTASK\u003e\n kvm_arch_vcpu_destroy+0x72/0x2f0 arch/x86/kvm/x86.c:11123\n kvm_vcpu_destroy arch/x86/kvm/../../../virt/kvm/kvm_main.c:441 [inline]\n kvm_destroy_vcpus+0x11f/0x290 arch/x86/kvm/../../../virt/kvm/kvm_main.c:460\n kvm_free_vcpus arch/x86/kvm/x86.c:11564 [inline]\n kvm_arch_destroy_vm+0x2e8/0x470 arch/x86/kvm/x86.c:11676\n kvm_destroy_vm arch/x86/kvm/../../../virt/kvm/kvm_main.c:1217 [inline]\n kvm_put_kvm+0x4fa/0xb00 arch/x86/kvm/../../../virt/kvm/kvm_main.c:1250\n kvm_vm_release+0x3f/0x50 arch/x86/kvm/../../../virt/kvm/kvm_main.c:1273\n __fput+0x286/0x9f0 fs/file_table.c:311\n task_work_run+0xdd/0x1a0 kernel/task_work.c:164\n exit_task_work include/linux/task_work.h:32 [inline]\n do_exit+0xb29/0x2a30 kernel/exit.c:806\n do_group_exit+0xd2/0x2f0 kernel/exit.c:935\n get_signal+0x4b0/0x28c0 kernel/signal.c:2862\n arch_do_signal_or_restart+0x2a9/0x1c40 arch/x86/kernel/signal.c:868\n handle_signal_work kernel/entry/common.c:148 [inline]\n exit_to_user_mode_loop kernel/entry/common.c:172 [inline]\n exit_to_user_mode_prepare+0x17d/0x290 kernel/entry/common.c:207\n __syscall_exit_to_user_mode_work kernel/entry/common.c:289 [inline]\n syscall_exit_to_user_mode+0x19/0x60 kernel/entry/common.c:300\n do_syscall_64+0x42/0xb0 arch/x86/entry/common.c:86\n entry_SYSCALL_64_after_hwframe+0x44/0xae\n \u003c/TASK\u003e",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-48763",
"url": "https://www.suse.com/security/cve/CVE-2022-48763"
},
{
"category": "external",
"summary": "SUSE Bug 1226628 for CVE-2022-48763",
"url": "https://bugzilla.suse.com/1226628"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-10T16:03:48Z",
"details": "moderate"
}
],
"title": "CVE-2022-48763"
},
{
"cve": "CVE-2022-48765",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-48765"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nKVM: LAPIC: Also cancel preemption timer during SET_LAPIC\n\nThe below warning is splatting during guest reboot.\n\n ------------[ cut here ]------------\n WARNING: CPU: 0 PID: 1931 at arch/x86/kvm/x86.c:10322 kvm_arch_vcpu_ioctl_run+0x874/0x880 [kvm]\n CPU: 0 PID: 1931 Comm: qemu-system-x86 Tainted: G I 5.17.0-rc1+ #5\n RIP: 0010:kvm_arch_vcpu_ioctl_run+0x874/0x880 [kvm]\n Call Trace:\n \u003cTASK\u003e\n kvm_vcpu_ioctl+0x279/0x710 [kvm]\n __x64_sys_ioctl+0x83/0xb0\n do_syscall_64+0x3b/0xc0\n entry_SYSCALL_64_after_hwframe+0x44/0xae\n RIP: 0033:0x7fd39797350b\n\nThis can be triggered by not exposing tsc-deadline mode and doing a reboot in\nthe guest. The lapic_shutdown() function which is called in sys_reboot path\nwill not disarm the flying timer, it just masks LVTT. lapic_shutdown() clears\nAPIC state w/ LVT_MASKED and timer-mode bit is 0, this can trigger timer-mode\nswitch between tsc-deadline and oneshot/periodic, which can result in preemption\ntimer be cancelled in apic_update_lvtt(). However, We can\u0027t depend on this when\nnot exposing tsc-deadline mode and oneshot/periodic modes emulated by preemption\ntimer. Qemu will synchronise states around reset, let\u0027s cancel preemption timer\nunder KVM_SET_LAPIC.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-48765",
"url": "https://www.suse.com/security/cve/CVE-2022-48765"
},
{
"category": "external",
"summary": "SUSE Bug 1226697 for CVE-2022-48765",
"url": "https://bugzilla.suse.com/1226697"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-10T16:03:48Z",
"details": "moderate"
}
],
"title": "CVE-2022-48765"
},
{
"cve": "CVE-2022-48766",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-48766"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amd/display: Wrap dcn301_calculate_wm_and_dlg for FPU.\n\nMirrors the logic for dcn30. Cue lots of WARNs and some\nkernel panics without this fix.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-48766",
"url": "https://www.suse.com/security/cve/CVE-2022-48766"
},
{
"category": "external",
"summary": "SUSE Bug 1226704 for CVE-2022-48766",
"url": "https://bugzilla.suse.com/1226704"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-10T16:03:48Z",
"details": "moderate"
}
],
"title": "CVE-2022-48766"
},
{
"cve": "CVE-2022-48767",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-48767"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nceph: properly put ceph_string reference after async create attempt\n\nThe reference acquired by try_prep_async_create is currently leaked.\nEnsure we put it.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-48767",
"url": "https://www.suse.com/security/cve/CVE-2022-48767"
},
{
"category": "external",
"summary": "SUSE Bug 1226715 for CVE-2022-48767",
"url": "https://bugzilla.suse.com/1226715"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-10T16:03:48Z",
"details": "moderate"
}
],
"title": "CVE-2022-48767"
},
{
"cve": "CVE-2022-48768",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-48768"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ntracing/histogram: Fix a potential memory leak for kstrdup()\n\nkfree() is missing on an error path to free the memory allocated by\nkstrdup():\n\n p = param = kstrdup(data-\u003eparams[i], GFP_KERNEL);\n\nSo it is better to free it via kfree(p).",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-48768",
"url": "https://www.suse.com/security/cve/CVE-2022-48768"
},
{
"category": "external",
"summary": "SUSE Bug 1226720 for CVE-2022-48768",
"url": "https://bugzilla.suse.com/1226720"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-10T16:03:48Z",
"details": "moderate"
}
],
"title": "CVE-2022-48768"
},
{
"cve": "CVE-2022-48769",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-48769"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nefi: runtime: avoid EFIv2 runtime services on Apple x86 machines\n\nAditya reports [0] that his recent MacbookPro crashes in the firmware\nwhen using the variable services at runtime. The culprit appears to be a\ncall to QueryVariableInfo(), which we did not use to call on Apple x86\nmachines in the past as they only upgraded from EFI v1.10 to EFI v2.40\nfirmware fairly recently, and QueryVariableInfo() (along with\nUpdateCapsule() et al) was added in EFI v2.00.\n\nThe only runtime service introduced in EFI v2.00 that we actually use in\nLinux is QueryVariableInfo(), as the capsule based ones are optional,\ngenerally not used at runtime (all the LVFS/fwupd firmware update\ninfrastructure uses helper EFI programs that invoke capsule update at\nboot time, not runtime), and not implemented by Apple machines in the\nfirst place. QueryVariableInfo() is used to \u0027safely\u0027 set variables,\ni.e., only when there is enough space. This prevents machines with buggy\nfirmwares from corrupting their NVRAMs when they run out of space.\n\nGiven that Apple machines have been using EFI v1.10 services only for\nthe longest time (the EFI v2.0 spec was released in 2006, and Linux\nsupport for the newly introduced runtime services was added in 2011, but\nthe MacbookPro12,1 released in 2015 still claims to be EFI v1.10 only),\nlet\u0027s avoid the EFI v2.0 ones on all Apple x86 machines.\n\n[0] https://lore.kernel.org/all/6D757C75-65B1-468B-842D-10410081A8E4@live.com/",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-48769",
"url": "https://www.suse.com/security/cve/CVE-2022-48769"
},
{
"category": "external",
"summary": "SUSE Bug 1226629 for CVE-2022-48769",
"url": "https://bugzilla.suse.com/1226629"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-10T16:03:48Z",
"details": "moderate"
}
],
"title": "CVE-2022-48769"
},
{
"cve": "CVE-2022-48770",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-48770"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbpf: Guard against accessing NULL pt_regs in bpf_get_task_stack()\n\ntask_pt_regs() can return NULL on powerpc for kernel threads. This is\nthen used in __bpf_get_stack() to check for user mode, resulting in a\nkernel oops. Guard against this by checking return value of\ntask_pt_regs() before trying to obtain the call chain.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-48770",
"url": "https://www.suse.com/security/cve/CVE-2022-48770"
},
{
"category": "external",
"summary": "SUSE Bug 1226730 for CVE-2022-48770",
"url": "https://bugzilla.suse.com/1226730"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-10T16:03:48Z",
"details": "moderate"
}
],
"title": "CVE-2022-48770"
},
{
"cve": "CVE-2022-48771",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-48771"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/vmwgfx: Fix stale file descriptors on failed usercopy\n\nA failing usercopy of the fence_rep object will lead to a stale entry in\nthe file descriptor table as put_unused_fd() won\u0027t release it. This\nenables userland to refer to a dangling \u0027file\u0027 object through that still\nvalid file descriptor, leading to all kinds of use-after-free\nexploitation scenarios.\n\nFix this by deferring the call to fd_install() until after the usercopy\nhas succeeded.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-48771",
"url": "https://www.suse.com/security/cve/CVE-2022-48771"
},
{
"category": "external",
"summary": "SUSE Bug 1226732 for CVE-2022-48771",
"url": "https://bugzilla.suse.com/1226732"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-10T16:03:48Z",
"details": "moderate"
}
],
"title": "CVE-2022-48771"
},
{
"cve": "CVE-2022-48772",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-48772"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmedia: lgdt3306a: Add a check against null-pointer-def\n\nThe driver should check whether the client provides the platform_data.\n\nThe following log reveals it:\n\n[ 29.610324] BUG: KASAN: null-ptr-deref in kmemdup+0x30/0x40\n[ 29.610730] Read of size 40 at addr 0000000000000000 by task bash/414\n[ 29.612820] Call Trace:\n[ 29.613030] \u003cTASK\u003e\n[ 29.613201] dump_stack_lvl+0x56/0x6f\n[ 29.613496] ? kmemdup+0x30/0x40\n[ 29.613754] print_report.cold+0x494/0x6b7\n[ 29.614082] ? kmemdup+0x30/0x40\n[ 29.614340] kasan_report+0x8a/0x190\n[ 29.614628] ? kmemdup+0x30/0x40\n[ 29.614888] kasan_check_range+0x14d/0x1d0\n[ 29.615213] memcpy+0x20/0x60\n[ 29.615454] kmemdup+0x30/0x40\n[ 29.615700] lgdt3306a_probe+0x52/0x310\n[ 29.616339] i2c_device_probe+0x951/0xa90",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-48772",
"url": "https://www.suse.com/security/cve/CVE-2022-48772"
},
{
"category": "external",
"summary": "SUSE Bug 1226976 for CVE-2022-48772",
"url": "https://bugzilla.suse.com/1226976"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-10T16:03:48Z",
"details": "moderate"
}
],
"title": "CVE-2022-48772"
},
{
"cve": "CVE-2023-24023",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-24023"
}
],
"notes": [
{
"category": "general",
"text": "Bluetooth BR/EDR devices with Secure Simple Pairing and Secure Connections pairing in Bluetooth Core Specification 4.2 through 5.4 allow certain man-in-the-middle attacks that force a short key length, and might lead to discovery of the encryption key and live injection, aka BLUFFS.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-24023",
"url": "https://www.suse.com/security/cve/CVE-2023-24023"
},
{
"category": "external",
"summary": "SUSE Bug 1218148 for CVE-2023-24023",
"url": "https://bugzilla.suse.com/1218148"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-10T16:03:48Z",
"details": "moderate"
}
],
"title": "CVE-2023-24023"
},
{
"cve": "CVE-2023-52622",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52622"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\next4: avoid online resizing failures due to oversized flex bg\n\nWhen we online resize an ext4 filesystem with a oversized flexbg_size,\n\n mkfs.ext4 -F -G 67108864 $dev -b 4096 100M\n mount $dev $dir\n resize2fs $dev 16G\n\nthe following WARN_ON is triggered:\n==================================================================\nWARNING: CPU: 0 PID: 427 at mm/page_alloc.c:4402 __alloc_pages+0x411/0x550\nModules linked in: sg(E)\nCPU: 0 PID: 427 Comm: resize2fs Tainted: G E 6.6.0-rc5+ #314\nRIP: 0010:__alloc_pages+0x411/0x550\nCall Trace:\n \u003cTASK\u003e\n __kmalloc_large_node+0xa2/0x200\n __kmalloc+0x16e/0x290\n ext4_resize_fs+0x481/0xd80\n __ext4_ioctl+0x1616/0x1d90\n ext4_ioctl+0x12/0x20\n __x64_sys_ioctl+0xf0/0x150\n do_syscall_64+0x3b/0x90\n==================================================================\n\nThis is because flexbg_size is too large and the size of the new_group_data\narray to be allocated exceeds MAX_ORDER. Currently, the minimum value of\nMAX_ORDER is 8, the minimum value of PAGE_SIZE is 4096, the corresponding\nmaximum number of groups that can be allocated is:\n\n (PAGE_SIZE \u003c\u003c MAX_ORDER) / sizeof(struct ext4_new_group_data) ~ 21845\n\nAnd the value that is down-aligned to the power of 2 is 16384. Therefore,\nthis value is defined as MAX_RESIZE_BG, and the number of groups added\neach time does not exceed this value during resizing, and is added multiple\ntimes to complete the online resizing. The difference is that the metadata\nin a flex_bg may be more dispersed.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52622",
"url": "https://www.suse.com/security/cve/CVE-2023-52622"
},
{
"category": "external",
"summary": "SUSE Bug 1222080 for CVE-2023-52622",
"url": "https://bugzilla.suse.com/1222080"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-10T16:03:48Z",
"details": "moderate"
}
],
"title": "CVE-2023-52622"
},
{
"cve": "CVE-2023-52658",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52658"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nRevert \"net/mlx5: Block entering switchdev mode with ns inconsistency\"\n\nThis reverts commit 662404b24a4c4d839839ed25e3097571f5938b9b.\nThe revert is required due to the suspicion it is not good for anything\nand cause crash.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52658",
"url": "https://www.suse.com/security/cve/CVE-2023-52658"
},
{
"category": "external",
"summary": "SUSE Bug 1224719 for CVE-2023-52658",
"url": "https://bugzilla.suse.com/1224719"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-10T16:03:48Z",
"details": "moderate"
}
],
"title": "CVE-2023-52658"
},
{
"cve": "CVE-2023-52667",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52667"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/mlx5e: fix a potential double-free in fs_any_create_groups\n\nWhen kcalloc() for ft-\u003eg succeeds but kvzalloc() for in fails,\nfs_any_create_groups() will free ft-\u003eg. However, its caller\nfs_any_create_table() will free ft-\u003eg again through calling\nmlx5e_destroy_flow_table(), which will lead to a double-free.\nFix this by setting ft-\u003eg to NULL in fs_any_create_groups().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52667",
"url": "https://www.suse.com/security/cve/CVE-2023-52667"
},
{
"category": "external",
"summary": "SUSE Bug 1224603 for CVE-2023-52667",
"url": "https://bugzilla.suse.com/1224603"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-10T16:03:48Z",
"details": "moderate"
}
],
"title": "CVE-2023-52667"
},
{
"cve": "CVE-2023-52670",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52670"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nrpmsg: virtio: Free driver_override when rpmsg_remove()\n\nFree driver_override when rpmsg_remove(), otherwise\nthe following memory leak will occur:\n\nunreferenced object 0xffff0000d55d7080 (size 128):\n comm \"kworker/u8:2\", pid 56, jiffies 4294893188 (age 214.272s)\n hex dump (first 32 bytes):\n 72 70 6d 73 67 5f 6e 73 00 00 00 00 00 00 00 00 rpmsg_ns........\n 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................\n backtrace:\n [\u003c000000009c94c9c1\u003e] __kmem_cache_alloc_node+0x1f8/0x320\n [\u003c000000002300d89b\u003e] __kmalloc_node_track_caller+0x44/0x70\n [\u003c00000000228a60c3\u003e] kstrndup+0x4c/0x90\n [\u003c0000000077158695\u003e] driver_set_override+0xd0/0x164\n [\u003c000000003e9c4ea5\u003e] rpmsg_register_device_override+0x98/0x170\n [\u003c000000001c0c89a8\u003e] rpmsg_ns_register_device+0x24/0x30\n [\u003c000000008bbf8fa2\u003e] rpmsg_probe+0x2e0/0x3ec\n [\u003c00000000e65a68df\u003e] virtio_dev_probe+0x1c0/0x280\n [\u003c00000000443331cc\u003e] really_probe+0xbc/0x2dc\n [\u003c00000000391064b1\u003e] __driver_probe_device+0x78/0xe0\n [\u003c00000000a41c9a5b\u003e] driver_probe_device+0xd8/0x160\n [\u003c000000009c3bd5df\u003e] __device_attach_driver+0xb8/0x140\n [\u003c0000000043cd7614\u003e] bus_for_each_drv+0x7c/0xd4\n [\u003c000000003b929a36\u003e] __device_attach+0x9c/0x19c\n [\u003c00000000a94e0ba8\u003e] device_initial_probe+0x14/0x20\n [\u003c000000003c999637\u003e] bus_probe_device+0xa0/0xac",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52670",
"url": "https://www.suse.com/security/cve/CVE-2023-52670"
},
{
"category": "external",
"summary": "SUSE Bug 1224696 for CVE-2023-52670",
"url": "https://bugzilla.suse.com/1224696"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-10T16:03:48Z",
"details": "moderate"
}
],
"title": "CVE-2023-52670"
},
{
"cve": "CVE-2023-52672",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52672"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\npipe: wakeup wr_wait after setting max_usage\n\nCommit c73be61cede5 (\"pipe: Add general notification queue support\") a\nregression was introduced that would lock up resized pipes under certain\nconditions. See the reproducer in [1].\n\nThe commit resizing the pipe ring size was moved to a different\nfunction, doing that moved the wakeup for pipe-\u003ewr_wait before actually\nraising pipe-\u003emax_usage. If a pipe was full before the resize occured it\nwould result in the wakeup never actually triggering pipe_write.\n\nSet @max_usage and @nr_accounted before waking writers if this isn\u0027t a\nwatch queue.\n\n[Christian Brauner \u003cbrauner@kernel.org\u003e: rewrite to account for watch queues]",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52672",
"url": "https://www.suse.com/security/cve/CVE-2023-52672"
},
{
"category": "external",
"summary": "SUSE Bug 1224614 for CVE-2023-52672",
"url": "https://bugzilla.suse.com/1224614"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-10T16:03:48Z",
"details": "moderate"
}
],
"title": "CVE-2023-52672"
},
{
"cve": "CVE-2023-52675",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52675"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\npowerpc/imc-pmu: Add a null pointer check in update_events_in_group()\n\nkasprintf() returns a pointer to dynamically allocated memory\nwhich can be NULL upon failure.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52675",
"url": "https://www.suse.com/security/cve/CVE-2023-52675"
},
{
"category": "external",
"summary": "SUSE Bug 1224504 for CVE-2023-52675",
"url": "https://bugzilla.suse.com/1224504"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-10T16:03:48Z",
"details": "moderate"
}
],
"title": "CVE-2023-52675"
},
{
"cve": "CVE-2023-52735",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52735"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbpf, sockmap: Don\u0027t let sock_map_{close,destroy,unhash} call itself\n\nsock_map proto callbacks should never call themselves by design. Protect\nagainst bugs like [1] and break out of the recursive loop to avoid a stack\noverflow in favor of a resource leak.\n\n[1] https://lore.kernel.org/all/00000000000073b14905ef2e7401@google.com/",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52735",
"url": "https://www.suse.com/security/cve/CVE-2023-52735"
},
{
"category": "external",
"summary": "SUSE Bug 1225475 for CVE-2023-52735",
"url": "https://bugzilla.suse.com/1225475"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-10T16:03:48Z",
"details": "moderate"
}
],
"title": "CVE-2023-52735"
},
{
"cve": "CVE-2023-52737",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52737"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbtrfs: lock the inode in shared mode before starting fiemap\n\nCurrently fiemap does not take the inode\u0027s lock (VFS lock), it only locks\na file range in the inode\u0027s io tree. This however can lead to a deadlock\nif we have a concurrent fsync on the file and fiemap code triggers a fault\nwhen accessing the user space buffer with fiemap_fill_next_extent(). The\ndeadlock happens on the inode\u0027s i_mmap_lock semaphore, which is taken both\nby fsync and btrfs_page_mkwrite(). This deadlock was recently reported by\nsyzbot and triggers a trace like the following:\n\n task:syz-executor361 state:D stack:20264 pid:5668 ppid:5119 flags:0x00004004\n Call Trace:\n \u003cTASK\u003e\n context_switch kernel/sched/core.c:5293 [inline]\n __schedule+0x995/0xe20 kernel/sched/core.c:6606\n schedule+0xcb/0x190 kernel/sched/core.c:6682\n wait_on_state fs/btrfs/extent-io-tree.c:707 [inline]\n wait_extent_bit+0x577/0x6f0 fs/btrfs/extent-io-tree.c:751\n lock_extent+0x1c2/0x280 fs/btrfs/extent-io-tree.c:1742\n find_lock_delalloc_range+0x4e6/0x9c0 fs/btrfs/extent_io.c:488\n writepage_delalloc+0x1ef/0x540 fs/btrfs/extent_io.c:1863\n __extent_writepage+0x736/0x14e0 fs/btrfs/extent_io.c:2174\n extent_write_cache_pages+0x983/0x1220 fs/btrfs/extent_io.c:3091\n extent_writepages+0x219/0x540 fs/btrfs/extent_io.c:3211\n do_writepages+0x3c3/0x680 mm/page-writeback.c:2581\n filemap_fdatawrite_wbc+0x11e/0x170 mm/filemap.c:388\n __filemap_fdatawrite_range mm/filemap.c:421 [inline]\n filemap_fdatawrite_range+0x175/0x200 mm/filemap.c:439\n btrfs_fdatawrite_range fs/btrfs/file.c:3850 [inline]\n start_ordered_ops fs/btrfs/file.c:1737 [inline]\n btrfs_sync_file+0x4ff/0x1190 fs/btrfs/file.c:1839\n generic_write_sync include/linux/fs.h:2885 [inline]\n btrfs_do_write_iter+0xcd3/0x1280 fs/btrfs/file.c:1684\n call_write_iter include/linux/fs.h:2189 [inline]\n new_sync_write fs/read_write.c:491 [inline]\n vfs_write+0x7dc/0xc50 fs/read_write.c:584\n ksys_write+0x177/0x2a0 fs/read_write.c:637\n do_syscall_x64 arch/x86/entry/common.c:50 [inline]\n do_syscall_64+0x3d/0xb0 arch/x86/entry/common.c:80\n entry_SYSCALL_64_after_hwframe+0x63/0xcd\n RIP: 0033:0x7f7d4054e9b9\n RSP: 002b:00007f7d404fa2f8 EFLAGS: 00000246 ORIG_RAX: 0000000000000001\n RAX: ffffffffffffffda RBX: 00007f7d405d87a0 RCX: 00007f7d4054e9b9\n RDX: 0000000000000090 RSI: 0000000020000000 RDI: 0000000000000006\n RBP: 00007f7d405a51d0 R08: 0000000000000000 R09: 0000000000000000\n R10: 0000000000000000 R11: 0000000000000246 R12: 61635f65646f6e69\n R13: 65646f7475616f6e R14: 7261637369646f6e R15: 00007f7d405d87a8\n \u003c/TASK\u003e\n INFO: task syz-executor361:5697 blocked for more than 145 seconds.\n Not tainted 6.2.0-rc3-syzkaller-00376-g7c6984405241 #0\n \"echo 0 \u003e /proc/sys/kernel/hung_task_timeout_secs\" disables this message.\n task:syz-executor361 state:D stack:21216 pid:5697 ppid:5119 flags:0x00004004\n Call Trace:\n \u003cTASK\u003e\n context_switch kernel/sched/core.c:5293 [inline]\n __schedule+0x995/0xe20 kernel/sched/core.c:6606\n schedule+0xcb/0x190 kernel/sched/core.c:6682\n rwsem_down_read_slowpath+0x5f9/0x930 kernel/locking/rwsem.c:1095\n __down_read_common+0x54/0x2a0 kernel/locking/rwsem.c:1260\n btrfs_page_mkwrite+0x417/0xc80 fs/btrfs/inode.c:8526\n do_page_mkwrite+0x19e/0x5e0 mm/memory.c:2947\n wp_page_shared+0x15e/0x380 mm/memory.c:3295\n handle_pte_fault mm/memory.c:4949 [inline]\n __handle_mm_fault mm/memory.c:5073 [inline]\n handle_mm_fault+0x1b79/0x26b0 mm/memory.c:5219\n do_user_addr_fault+0x69b/0xcb0 arch/x86/mm/fault.c:1428\n handle_page_fault arch/x86/mm/fault.c:1519 [inline]\n exc_page_fault+0x7a/0x110 arch/x86/mm/fault.c:1575\n asm_exc_page_fault+0x22/0x30 arch/x86/include/asm/idtentry.h:570\n RIP: 0010:copy_user_short_string+0xd/0x40 arch/x86/lib/copy_user_64.S:233\n Code: 74 0a 89 (...)\n RSP: 0018:ffffc9000570f330 EFLAGS: 000502\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52737",
"url": "https://www.suse.com/security/cve/CVE-2023-52737"
},
{
"category": "external",
"summary": "SUSE Bug 1225484 for CVE-2023-52737",
"url": "https://bugzilla.suse.com/1225484"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-10T16:03:48Z",
"details": "moderate"
}
],
"title": "CVE-2023-52737"
},
{
"cve": "CVE-2023-52752",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52752"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsmb: client: fix use-after-free bug in cifs_debug_data_proc_show()\n\nSkip SMB sessions that are being teared down\n(e.g. @ses-\u003eses_status == SES_EXITING) in cifs_debug_data_proc_show()\nto avoid use-after-free in @ses.\n\nThis fixes the following GPF when reading from /proc/fs/cifs/DebugData\nwhile mounting and umounting\n\n [ 816.251274] general protection fault, probably for non-canonical\n address 0x6b6b6b6b6b6b6d81: 0000 [#1] PREEMPT SMP NOPTI\n ...\n [ 816.260138] Call Trace:\n [ 816.260329] \u003cTASK\u003e\n [ 816.260499] ? die_addr+0x36/0x90\n [ 816.260762] ? exc_general_protection+0x1b3/0x410\n [ 816.261126] ? asm_exc_general_protection+0x26/0x30\n [ 816.261502] ? cifs_debug_tcon+0xbd/0x240 [cifs]\n [ 816.261878] ? cifs_debug_tcon+0xab/0x240 [cifs]\n [ 816.262249] cifs_debug_data_proc_show+0x516/0xdb0 [cifs]\n [ 816.262689] ? seq_read_iter+0x379/0x470\n [ 816.262995] seq_read_iter+0x118/0x470\n [ 816.263291] proc_reg_read_iter+0x53/0x90\n [ 816.263596] ? srso_alias_return_thunk+0x5/0x7f\n [ 816.263945] vfs_read+0x201/0x350\n [ 816.264211] ksys_read+0x75/0x100\n [ 816.264472] do_syscall_64+0x3f/0x90\n [ 816.264750] entry_SYSCALL_64_after_hwframe+0x6e/0xd8\n [ 816.265135] RIP: 0033:0x7fd5e669d381",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52752",
"url": "https://www.suse.com/security/cve/CVE-2023-52752"
},
{
"category": "external",
"summary": "SUSE Bug 1225487 for CVE-2023-52752",
"url": "https://bugzilla.suse.com/1225487"
},
{
"category": "external",
"summary": "SUSE Bug 1225819 for CVE-2023-52752",
"url": "https://bugzilla.suse.com/1225819"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-10T16:03:48Z",
"details": "important"
}
],
"title": "CVE-2023-52752"
},
{
"cve": "CVE-2023-52766",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52766"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ni3c: mipi-i3c-hci: Fix out of bounds access in hci_dma_irq_handler\n\nDo not loop over ring headers in hci_dma_irq_handler() that are not\nallocated and enabled in hci_dma_init(). Otherwise out of bounds access\nwill occur from rings-\u003eheaders[i] access when i \u003e= number of allocated\nring headers.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52766",
"url": "https://www.suse.com/security/cve/CVE-2023-52766"
},
{
"category": "external",
"summary": "SUSE Bug 1230620 for CVE-2023-52766",
"url": "https://bugzilla.suse.com/1230620"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-10T16:03:48Z",
"details": "moderate"
}
],
"title": "CVE-2023-52766"
},
{
"cve": "CVE-2023-52784",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52784"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbonding: stop the device in bond_setup_by_slave()\n\nCommit 9eed321cde22 (\"net: lapbether: only support ethernet devices\")\nhas been able to keep syzbot away from net/lapb, until today.\n\nIn the following splat [1], the issue is that a lapbether device has\nbeen created on a bonding device without members. Then adding a non\nARPHRD_ETHER member forced the bonding master to change its type.\n\nThe fix is to make sure we call dev_close() in bond_setup_by_slave()\nso that the potential linked lapbether devices (or any other devices\nhaving assumptions on the physical device) are removed.\n\nA similar bug has been addressed in commit 40baec225765\n(\"bonding: fix panic on non-ARPHRD_ETHER enslave failure\")\n\n[1]\nskbuff: skb_under_panic: text:ffff800089508810 len:44 put:40 head:ffff0000c78e7c00 data:ffff0000c78e7bea tail:0x16 end:0x140 dev:bond0\nkernel BUG at net/core/skbuff.c:192 !\nInternal error: Oops - BUG: 00000000f2000800 [#1] PREEMPT SMP\nModules linked in:\nCPU: 0 PID: 6007 Comm: syz-executor383 Not tainted 6.6.0-rc3-syzkaller-gbf6547d8715b #0\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/04/2023\npstate: 60400005 (nZCv daif +PAN -UAO -TCO -DIT -SSBS BTYPE=--)\npc : skb_panic net/core/skbuff.c:188 [inline]\npc : skb_under_panic+0x13c/0x140 net/core/skbuff.c:202\nlr : skb_panic net/core/skbuff.c:188 [inline]\nlr : skb_under_panic+0x13c/0x140 net/core/skbuff.c:202\nsp : ffff800096a06aa0\nx29: ffff800096a06ab0 x28: ffff800096a06ba0 x27: dfff800000000000\nx26: ffff0000ce9b9b50 x25: 0000000000000016 x24: ffff0000c78e7bea\nx23: ffff0000c78e7c00 x22: 000000000000002c x21: 0000000000000140\nx20: 0000000000000028 x19: ffff800089508810 x18: ffff800096a06100\nx17: 0000000000000000 x16: ffff80008a629a3c x15: 0000000000000001\nx14: 1fffe00036837a32 x13: 0000000000000000 x12: 0000000000000000\nx11: 0000000000000201 x10: 0000000000000000 x9 : cb50b496c519aa00\nx8 : cb50b496c519aa00 x7 : 0000000000000001 x6 : 0000000000000001\nx5 : ffff800096a063b8 x4 : ffff80008e280f80 x3 : ffff8000805ad11c\nx2 : 0000000000000001 x1 : 0000000100000201 x0 : 0000000000000086\nCall trace:\nskb_panic net/core/skbuff.c:188 [inline]\nskb_under_panic+0x13c/0x140 net/core/skbuff.c:202\nskb_push+0xf0/0x108 net/core/skbuff.c:2446\nip6gre_header+0xbc/0x738 net/ipv6/ip6_gre.c:1384\ndev_hard_header include/linux/netdevice.h:3136 [inline]\nlapbeth_data_transmit+0x1c4/0x298 drivers/net/wan/lapbether.c:257\nlapb_data_transmit+0x8c/0xb0 net/lapb/lapb_iface.c:447\nlapb_transmit_buffer+0x178/0x204 net/lapb/lapb_out.c:149\nlapb_send_control+0x220/0x320 net/lapb/lapb_subr.c:251\n__lapb_disconnect_request+0x9c/0x17c net/lapb/lapb_iface.c:326\nlapb_device_event+0x288/0x4e0 net/lapb/lapb_iface.c:492\nnotifier_call_chain+0x1a4/0x510 kernel/notifier.c:93\nraw_notifier_call_chain+0x3c/0x50 kernel/notifier.c:461\ncall_netdevice_notifiers_info net/core/dev.c:1970 [inline]\ncall_netdevice_notifiers_extack net/core/dev.c:2008 [inline]\ncall_netdevice_notifiers net/core/dev.c:2022 [inline]\n__dev_close_many+0x1b8/0x3c4 net/core/dev.c:1508\ndev_close_many+0x1e0/0x470 net/core/dev.c:1559\ndev_close+0x174/0x250 net/core/dev.c:1585\nlapbeth_device_event+0x2e4/0x958 drivers/net/wan/lapbether.c:466\nnotifier_call_chain+0x1a4/0x510 kernel/notifier.c:93\nraw_notifier_call_chain+0x3c/0x50 kernel/notifier.c:461\ncall_netdevice_notifiers_info net/core/dev.c:1970 [inline]\ncall_netdevice_notifiers_extack net/core/dev.c:2008 [inline]\ncall_netdevice_notifiers net/core/dev.c:2022 [inline]\n__dev_close_many+0x1b8/0x3c4 net/core/dev.c:1508\ndev_close_many+0x1e0/0x470 net/core/dev.c:1559\ndev_close+0x174/0x250 net/core/dev.c:1585\nbond_enslave+0x2298/0x30cc drivers/net/bonding/bond_main.c:2332\nbond_do_ioctl+0x268/0xc64 drivers/net/bonding/bond_main.c:4539\ndev_ifsioc+0x754/0x9ac\ndev_ioctl+0x4d8/0xd34 net/core/dev_ioctl.c:786\nsock_do_ioctl+0x1d4/0x2d0 net/socket.c:1217\nsock_ioctl+0x4e8/0x834 net/socket.c:1322\nvfs_ioctl fs/ioctl.c:51 [inline]\n__do_\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52784",
"url": "https://www.suse.com/security/cve/CVE-2023-52784"
},
{
"category": "external",
"summary": "SUSE Bug 1224946 for CVE-2023-52784",
"url": "https://bugzilla.suse.com/1224946"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-10T16:03:48Z",
"details": "moderate"
}
],
"title": "CVE-2023-52784"
},
{
"cve": "CVE-2023-52787",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52787"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nblk-mq: make sure active queue usage is held for bio_integrity_prep()\n\nblk_integrity_unregister() can come if queue usage counter isn\u0027t held\nfor one bio with integrity prepared, so this request may be completed with\ncalling profile-\u003ecomplete_fn, then kernel panic.\n\nAnother constraint is that bio_integrity_prep() needs to be called\nbefore bio merge.\n\nFix the issue by:\n\n- call bio_integrity_prep() with one queue usage counter grabbed reliably\n\n- call bio_integrity_prep() before bio merge",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52787",
"url": "https://www.suse.com/security/cve/CVE-2023-52787"
},
{
"category": "external",
"summary": "SUSE Bug 1225105 for CVE-2023-52787",
"url": "https://bugzilla.suse.com/1225105"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-10T16:03:48Z",
"details": "moderate"
}
],
"title": "CVE-2023-52787"
},
{
"cve": "CVE-2023-52800",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52800"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: ath11k: fix htt pktlog locking\n\nThe ath11k active pdevs are protected by RCU but the htt pktlog handling\ncode calling ath11k_mac_get_ar_by_pdev_id() was not marked as a\nread-side critical section.\n\nMark the code in question as an RCU read-side critical section to avoid\nany potential use-after-free issues.\n\nCompile tested only.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52800",
"url": "https://www.suse.com/security/cve/CVE-2023-52800"
},
{
"category": "external",
"summary": "SUSE Bug 1230600 for CVE-2023-52800",
"url": "https://bugzilla.suse.com/1230600"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-10T16:03:48Z",
"details": "moderate"
}
],
"title": "CVE-2023-52800"
},
{
"cve": "CVE-2023-52835",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52835"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nperf/core: Bail out early if the request AUX area is out of bound\n\nWhen perf-record with a large AUX area, e.g 4GB, it fails with:\n\n #perf record -C 0 -m ,4G -e arm_spe_0// -- sleep 1\n failed to mmap with 12 (Cannot allocate memory)\n\nand it reveals a WARNING with __alloc_pages():\n\n\t------------[ cut here ]------------\n\tWARNING: CPU: 44 PID: 17573 at mm/page_alloc.c:5568 __alloc_pages+0x1ec/0x248\n\tCall trace:\n\t __alloc_pages+0x1ec/0x248\n\t __kmalloc_large_node+0xc0/0x1f8\n\t __kmalloc_node+0x134/0x1e8\n\t rb_alloc_aux+0xe0/0x298\n\t perf_mmap+0x440/0x660\n\t mmap_region+0x308/0x8a8\n\t do_mmap+0x3c0/0x528\n\t vm_mmap_pgoff+0xf4/0x1b8\n\t ksys_mmap_pgoff+0x18c/0x218\n\t __arm64_sys_mmap+0x38/0x58\n\t invoke_syscall+0x50/0x128\n\t el0_svc_common.constprop.0+0x58/0x188\n\t do_el0_svc+0x34/0x50\n\t el0_svc+0x34/0x108\n\t el0t_64_sync_handler+0xb8/0xc0\n\t el0t_64_sync+0x1a4/0x1a8\n\n\u0027rb-\u003eaux_pages\u0027 allocated by kcalloc() is a pointer array which is used to\nmaintains AUX trace pages. The allocated page for this array is physically\ncontiguous (and virtually contiguous) with an order of 0..MAX_ORDER. If the\nsize of pointer array crosses the limitation set by MAX_ORDER, it reveals a\nWARNING.\n\nSo bail out early with -ENOMEM if the request AUX area is out of bound,\ne.g.:\n\n #perf record -C 0 -m ,4G -e arm_spe_0// -- sleep 1\n failed to mmap with 12 (Cannot allocate memory)",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52835",
"url": "https://www.suse.com/security/cve/CVE-2023-52835"
},
{
"category": "external",
"summary": "SUSE Bug 1225602 for CVE-2023-52835",
"url": "https://bugzilla.suse.com/1225602"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-10T16:03:48Z",
"details": "low"
}
],
"title": "CVE-2023-52835"
},
{
"cve": "CVE-2023-52837",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52837"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnbd: fix uaf in nbd_open\n\nCommit 4af5f2e03013 (\"nbd: use blk_mq_alloc_disk and\nblk_cleanup_disk\") cleans up disk by blk_cleanup_disk() and it won\u0027t set\ndisk-\u003eprivate_data as NULL as before. UAF may be triggered in nbd_open()\nif someone tries to open nbd device right after nbd_put() since nbd has\nbeen free in nbd_dev_remove().\n\nFix this by implementing -\u003efree_disk and free private data in it.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52837",
"url": "https://www.suse.com/security/cve/CVE-2023-52837"
},
{
"category": "external",
"summary": "SUSE Bug 1224935 for CVE-2023-52837",
"url": "https://bugzilla.suse.com/1224935"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-10T16:03:48Z",
"details": "moderate"
}
],
"title": "CVE-2023-52837"
},
{
"cve": "CVE-2023-52843",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52843"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nllc: verify mac len before reading mac header\n\nLLC reads the mac header with eth_hdr without verifying that the skb\nhas an Ethernet header.\n\nSyzbot was able to enter llc_rcv on a tun device. Tun can insert\npackets without mac len and with user configurable skb-\u003eprotocol\n(passing a tun_pi header when not configuring IFF_NO_PI).\n\n BUG: KMSAN: uninit-value in llc_station_ac_send_test_r net/llc/llc_station.c:81 [inline]\n BUG: KMSAN: uninit-value in llc_station_rcv+0x6fb/0x1290 net/llc/llc_station.c:111\n llc_station_ac_send_test_r net/llc/llc_station.c:81 [inline]\n llc_station_rcv+0x6fb/0x1290 net/llc/llc_station.c:111\n llc_rcv+0xc5d/0x14a0 net/llc/llc_input.c:218\n __netif_receive_skb_one_core net/core/dev.c:5523 [inline]\n __netif_receive_skb+0x1a6/0x5a0 net/core/dev.c:5637\n netif_receive_skb_internal net/core/dev.c:5723 [inline]\n netif_receive_skb+0x58/0x660 net/core/dev.c:5782\n tun_rx_batched+0x3ee/0x980 drivers/net/tun.c:1555\n tun_get_user+0x54c5/0x69c0 drivers/net/tun.c:2002\n\nAdd a mac_len test before all three eth_hdr(skb) calls under net/llc.\n\nThere are further uses in include/net/llc_pdu.h. All these are\nprotected by a test skb-\u003eprotocol == ETH_P_802_2. Which does not\nprotect against this tun scenario.\n\nBut the mac_len test added in this patch in llc_fixup_skb will\nindirectly protect those too. That is called from llc_rcv before any\nother LLC code.\n\nIt is tempting to just add a blanket mac_len check in llc_rcv, but\nnot sure whether that could break valid LLC paths that do not assume\nan Ethernet header. 802.2 LLC may be used on top of non-802.3\nprotocols in principle. The below referenced commit shows that used\nto, on top of Token Ring.\n\nAt least one of the three eth_hdr uses goes back to before the start\nof git history. But the one that syzbot exercises is introduced in\nthis commit. That commit is old enough (2008), that effectively all\nstable kernels should receive this.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52843",
"url": "https://www.suse.com/security/cve/CVE-2023-52843"
},
{
"category": "external",
"summary": "SUSE Bug 1224951 for CVE-2023-52843",
"url": "https://bugzilla.suse.com/1224951"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-10T16:03:48Z",
"details": "moderate"
}
],
"title": "CVE-2023-52843"
},
{
"cve": "CVE-2023-52845",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52845"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ntipc: Change nla_policy for bearer-related names to NLA_NUL_STRING\n\nsyzbot reported the following uninit-value access issue [1]:\n\n=====================================================\nBUG: KMSAN: uninit-value in strlen lib/string.c:418 [inline]\nBUG: KMSAN: uninit-value in strstr+0xb8/0x2f0 lib/string.c:756\n strlen lib/string.c:418 [inline]\n strstr+0xb8/0x2f0 lib/string.c:756\n tipc_nl_node_reset_link_stats+0x3ea/0xb50 net/tipc/node.c:2595\n genl_family_rcv_msg_doit net/netlink/genetlink.c:971 [inline]\n genl_family_rcv_msg net/netlink/genetlink.c:1051 [inline]\n genl_rcv_msg+0x11ec/0x1290 net/netlink/genetlink.c:1066\n netlink_rcv_skb+0x371/0x650 net/netlink/af_netlink.c:2545\n genl_rcv+0x40/0x60 net/netlink/genetlink.c:1075\n netlink_unicast_kernel net/netlink/af_netlink.c:1342 [inline]\n netlink_unicast+0xf47/0x1250 net/netlink/af_netlink.c:1368\n netlink_sendmsg+0x1238/0x13d0 net/netlink/af_netlink.c:1910\n sock_sendmsg_nosec net/socket.c:730 [inline]\n sock_sendmsg net/socket.c:753 [inline]\n ____sys_sendmsg+0x9c2/0xd60 net/socket.c:2541\n ___sys_sendmsg+0x28d/0x3c0 net/socket.c:2595\n __sys_sendmsg net/socket.c:2624 [inline]\n __do_sys_sendmsg net/socket.c:2633 [inline]\n __se_sys_sendmsg net/socket.c:2631 [inline]\n __x64_sys_sendmsg+0x307/0x490 net/socket.c:2631\n do_syscall_x64 arch/x86/entry/common.c:50 [inline]\n do_syscall_64+0x41/0xc0 arch/x86/entry/common.c:80\n entry_SYSCALL_64_after_hwframe+0x63/0xcd\n\nUninit was created at:\n slab_post_alloc_hook+0x12f/0xb70 mm/slab.h:767\n slab_alloc_node mm/slub.c:3478 [inline]\n kmem_cache_alloc_node+0x577/0xa80 mm/slub.c:3523\n kmalloc_reserve+0x13d/0x4a0 net/core/skbuff.c:559\n __alloc_skb+0x318/0x740 net/core/skbuff.c:650\n alloc_skb include/linux/skbuff.h:1286 [inline]\n netlink_alloc_large_skb net/netlink/af_netlink.c:1214 [inline]\n netlink_sendmsg+0xb34/0x13d0 net/netlink/af_netlink.c:1885\n sock_sendmsg_nosec net/socket.c:730 [inline]\n sock_sendmsg net/socket.c:753 [inline]\n ____sys_sendmsg+0x9c2/0xd60 net/socket.c:2541\n ___sys_sendmsg+0x28d/0x3c0 net/socket.c:2595\n __sys_sendmsg net/socket.c:2624 [inline]\n __do_sys_sendmsg net/socket.c:2633 [inline]\n __se_sys_sendmsg net/socket.c:2631 [inline]\n __x64_sys_sendmsg+0x307/0x490 net/socket.c:2631\n do_syscall_x64 arch/x86/entry/common.c:50 [inline]\n do_syscall_64+0x41/0xc0 arch/x86/entry/common.c:80\n entry_SYSCALL_64_after_hwframe+0x63/0xcd\n\nTIPC bearer-related names including link names must be null-terminated\nstrings. If a link name which is not null-terminated is passed through\nnetlink, strstr() and similar functions can cause buffer overrun. This\ncauses the above issue.\n\nThis patch changes the nla_policy for bearer-related names from NLA_STRING\nto NLA_NUL_STRING. This resolves the issue by ensuring that only\nnull-terminated strings are accepted as bearer-related names.\n\nsyzbot reported similar uninit-value issue related to bearer names [2]. The\nroot cause of this issue is that a non-null-terminated bearer name was\npassed. This patch also resolved this issue.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52845",
"url": "https://www.suse.com/security/cve/CVE-2023-52845"
},
{
"category": "external",
"summary": "SUSE Bug 1225585 for CVE-2023-52845",
"url": "https://bugzilla.suse.com/1225585"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-10T16:03:48Z",
"details": "moderate"
}
],
"title": "CVE-2023-52845"
},
{
"cve": "CVE-2023-52846",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52846"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nhsr: Prevent use after free in prp_create_tagged_frame()\n\nThe prp_fill_rct() function can fail. In that situation, it frees the\nskb and returns NULL. Meanwhile on the success path, it returns the\noriginal skb. So it\u0027s straight forward to fix bug by using the returned\nvalue.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52846",
"url": "https://www.suse.com/security/cve/CVE-2023-52846"
},
{
"category": "external",
"summary": "SUSE Bug 1225098 for CVE-2023-52846",
"url": "https://bugzilla.suse.com/1225098"
},
{
"category": "external",
"summary": "SUSE Bug 1225099 for CVE-2023-52846",
"url": "https://bugzilla.suse.com/1225099"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-10T16:03:48Z",
"details": "moderate"
}
],
"title": "CVE-2023-52846"
},
{
"cve": "CVE-2023-52869",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52869"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\npstore/platform: Add check for kstrdup\n\nAdd check for the return value of kstrdup() and return the error\nif it fails in order to avoid NULL pointer dereference.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52869",
"url": "https://www.suse.com/security/cve/CVE-2023-52869"
},
{
"category": "external",
"summary": "SUSE Bug 1225050 for CVE-2023-52869",
"url": "https://bugzilla.suse.com/1225050"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-10T16:03:48Z",
"details": "moderate"
}
],
"title": "CVE-2023-52869"
},
{
"cve": "CVE-2023-52881",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52881"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ntcp: do not accept ACK of bytes we never sent\n\nThis patch is based on a detailed report and ideas from Yepeng Pan\nand Christian Rossow.\n\nACK seq validation is currently following RFC 5961 5.2 guidelines:\n\n The ACK value is considered acceptable only if\n it is in the range of ((SND.UNA - MAX.SND.WND) \u003c= SEG.ACK \u003c=\n SND.NXT). All incoming segments whose ACK value doesn\u0027t satisfy the\n above condition MUST be discarded and an ACK sent back. It needs to\n be noted that RFC 793 on page 72 (fifth check) says: \"If the ACK is a\n duplicate (SEG.ACK \u003c SND.UNA), it can be ignored. If the ACK\n acknowledges something not yet sent (SEG.ACK \u003e SND.NXT) then send an\n ACK, drop the segment, and return\". The \"ignored\" above implies that\n the processing of the incoming data segment continues, which means\n the ACK value is treated as acceptable. This mitigation makes the\n ACK check more stringent since any ACK \u003c SND.UNA wouldn\u0027t be\n accepted, instead only ACKs that are in the range ((SND.UNA -\n MAX.SND.WND) \u003c= SEG.ACK \u003c= SND.NXT) get through.\n\nThis can be refined for new (and possibly spoofed) flows,\nby not accepting ACK for bytes that were never sent.\n\nThis greatly improves TCP security at a little cost.\n\nI added a Fixes: tag to make sure this patch will reach stable trees,\neven if the \u0027blamed\u0027 patch was adhering to the RFC.\n\ntp-\u003ebytes_acked was added in linux-4.2\n\nFollowing packetdrill test (courtesy of Yepeng Pan) shows\nthe issue at hand:\n\n0 socket(..., SOCK_STREAM, IPPROTO_TCP) = 3\n+0 setsockopt(3, SOL_SOCKET, SO_REUSEADDR, [1], 4) = 0\n+0 bind(3, ..., ...) = 0\n+0 listen(3, 1024) = 0\n\n// ---------------- Handshake ------------------- //\n\n// when window scale is set to 14 the window size can be extended to\n// 65535 * (2^14) = 1073725440. Linux would accept an ACK packet\n// with ack number in (Server_ISN+1-1073725440. Server_ISN+1)\n// ,though this ack number acknowledges some data never\n// sent by the server.\n\n+0 \u003c S 0:0(0) win 65535 \u003cmss 1400,nop,wscale 14\u003e\n+0 \u003e S. 0:0(0) ack 1 \u003c...\u003e\n+0 \u003c . 1:1(0) ack 1 win 65535\n+0 accept(3, ..., ...) = 4\n\n// For the established connection, we send an ACK packet,\n// the ack packet uses ack number 1 - 1073725300 + 2^32,\n// where 2^32 is used to wrap around.\n// Note: we used 1073725300 instead of 1073725440 to avoid possible\n// edge cases.\n// 1 - 1073725300 + 2^32 = 3221241997\n\n// Oops, old kernels happily accept this packet.\n+0 \u003c . 1:1001(1000) ack 3221241997 win 65535\n\n// After the kernel fix the following will be replaced by a challenge ACK,\n// and prior malicious frame would be dropped.\n+0 \u003e . 1:1(0) ack 1001",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52881",
"url": "https://www.suse.com/security/cve/CVE-2023-52881"
},
{
"category": "external",
"summary": "SUSE Bug 1223384 for CVE-2023-52881",
"url": "https://bugzilla.suse.com/1223384"
},
{
"category": "external",
"summary": "SUSE Bug 1225611 for CVE-2023-52881",
"url": "https://bugzilla.suse.com/1225611"
},
{
"category": "external",
"summary": "SUSE Bug 1226152 for CVE-2023-52881",
"url": "https://bugzilla.suse.com/1226152"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-10T16:03:48Z",
"details": "moderate"
}
],
"title": "CVE-2023-52881"
},
{
"cve": "CVE-2023-52882",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52882"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nclk: sunxi-ng: h6: Reparent CPUX during PLL CPUX rate change\n\nWhile PLL CPUX clock rate change when CPU is running from it works in\nvast majority of cases, now and then it causes instability. This leads\nto system crashes and other undefined behaviour. After a lot of testing\n(30+ hours) while also doing a lot of frequency switches, we can\u0027t\nobserve any instability issues anymore when doing reparenting to stable\nclock like 24 MHz oscillator.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52882",
"url": "https://www.suse.com/security/cve/CVE-2023-52882"
},
{
"category": "external",
"summary": "SUSE Bug 1225692 for CVE-2023-52882",
"url": "https://bugzilla.suse.com/1225692"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-10T16:03:48Z",
"details": "moderate"
}
],
"title": "CVE-2023-52882"
},
{
"cve": "CVE-2023-52884",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52884"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nInput: cyapa - add missing input core locking to suspend/resume functions\n\nGrab input-\u003emutex during suspend/resume functions like it is done in\nother input drivers. This fixes the following warning during system\nsuspend/resume cycle on Samsung Exynos5250-based Snow Chromebook:\n\n------------[ cut here ]------------\nWARNING: CPU: 1 PID: 1680 at drivers/input/input.c:2291 input_device_enabled+0x68/0x6c\nModules linked in: ...\nCPU: 1 PID: 1680 Comm: kworker/u4:12 Tainted: G W 6.6.0-rc5-next-20231009 #14109\nHardware name: Samsung Exynos (Flattened Device Tree)\nWorkqueue: events_unbound async_run_entry_fn\n unwind_backtrace from show_stack+0x10/0x14\n show_stack from dump_stack_lvl+0x58/0x70\n dump_stack_lvl from __warn+0x1a8/0x1cc\n __warn from warn_slowpath_fmt+0x18c/0x1b4\n warn_slowpath_fmt from input_device_enabled+0x68/0x6c\n input_device_enabled from cyapa_gen3_set_power_mode+0x13c/0x1dc\n cyapa_gen3_set_power_mode from cyapa_reinitialize+0x10c/0x15c\n cyapa_reinitialize from cyapa_resume+0x48/0x98\n cyapa_resume from dpm_run_callback+0x90/0x298\n dpm_run_callback from device_resume+0xb4/0x258\n device_resume from async_resume+0x20/0x64\n async_resume from async_run_entry_fn+0x40/0x15c\n async_run_entry_fn from process_scheduled_works+0xbc/0x6a8\n process_scheduled_works from worker_thread+0x188/0x454\n worker_thread from kthread+0x108/0x140\n kthread from ret_from_fork+0x14/0x28\nException stack(0xf1625fb0 to 0xf1625ff8)\n...\n---[ end trace 0000000000000000 ]---\n...\n------------[ cut here ]------------\nWARNING: CPU: 1 PID: 1680 at drivers/input/input.c:2291 input_device_enabled+0x68/0x6c\nModules linked in: ...\nCPU: 1 PID: 1680 Comm: kworker/u4:12 Tainted: G W 6.6.0-rc5-next-20231009 #14109\nHardware name: Samsung Exynos (Flattened Device Tree)\nWorkqueue: events_unbound async_run_entry_fn\n unwind_backtrace from show_stack+0x10/0x14\n show_stack from dump_stack_lvl+0x58/0x70\n dump_stack_lvl from __warn+0x1a8/0x1cc\n __warn from warn_slowpath_fmt+0x18c/0x1b4\n warn_slowpath_fmt from input_device_enabled+0x68/0x6c\n input_device_enabled from cyapa_gen3_set_power_mode+0x13c/0x1dc\n cyapa_gen3_set_power_mode from cyapa_reinitialize+0x10c/0x15c\n cyapa_reinitialize from cyapa_resume+0x48/0x98\n cyapa_resume from dpm_run_callback+0x90/0x298\n dpm_run_callback from device_resume+0xb4/0x258\n device_resume from async_resume+0x20/0x64\n async_resume from async_run_entry_fn+0x40/0x15c\n async_run_entry_fn from process_scheduled_works+0xbc/0x6a8\n process_scheduled_works from worker_thread+0x188/0x454\n worker_thread from kthread+0x108/0x140\n kthread from ret_from_fork+0x14/0x28\nException stack(0xf1625fb0 to 0xf1625ff8)\n...\n---[ end trace 0000000000000000 ]---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52884",
"url": "https://www.suse.com/security/cve/CVE-2023-52884"
},
{
"category": "external",
"summary": "SUSE Bug 1226764 for CVE-2023-52884",
"url": "https://bugzilla.suse.com/1226764"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-10T16:03:48Z",
"details": "moderate"
}
],
"title": "CVE-2023-52884"
},
{
"cve": "CVE-2024-26625",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26625"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nllc: call sock_orphan() at release time\n\nsyzbot reported an interesting trace [1] caused by a stale sk-\u003esk_wq\npointer in a closed llc socket.\n\nIn commit ff7b11aa481f (\"net: socket: set sock-\u003esk to NULL after\ncalling proto_ops::release()\") Eric Biggers hinted that some protocols\nare missing a sock_orphan(), we need to perform a full audit.\n\nIn net-next, I plan to clear sock-\u003esk from sock_orphan() and\namend Eric patch to add a warning.\n\n[1]\n BUG: KASAN: slab-use-after-free in list_empty include/linux/list.h:373 [inline]\n BUG: KASAN: slab-use-after-free in waitqueue_active include/linux/wait.h:127 [inline]\n BUG: KASAN: slab-use-after-free in sock_def_write_space_wfree net/core/sock.c:3384 [inline]\n BUG: KASAN: slab-use-after-free in sock_wfree+0x9a8/0x9d0 net/core/sock.c:2468\nRead of size 8 at addr ffff88802f4fc880 by task ksoftirqd/1/27\n\nCPU: 1 PID: 27 Comm: ksoftirqd/1 Not tainted 6.8.0-rc1-syzkaller-00049-g6098d87eaf31 #0\nHardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014\nCall Trace:\n \u003cTASK\u003e\n __dump_stack lib/dump_stack.c:88 [inline]\n dump_stack_lvl+0xd9/0x1b0 lib/dump_stack.c:106\n print_address_description mm/kasan/report.c:377 [inline]\n print_report+0xc4/0x620 mm/kasan/report.c:488\n kasan_report+0xda/0x110 mm/kasan/report.c:601\n list_empty include/linux/list.h:373 [inline]\n waitqueue_active include/linux/wait.h:127 [inline]\n sock_def_write_space_wfree net/core/sock.c:3384 [inline]\n sock_wfree+0x9a8/0x9d0 net/core/sock.c:2468\n skb_release_head_state+0xa3/0x2b0 net/core/skbuff.c:1080\n skb_release_all net/core/skbuff.c:1092 [inline]\n napi_consume_skb+0x119/0x2b0 net/core/skbuff.c:1404\n e1000_unmap_and_free_tx_resource+0x144/0x200 drivers/net/ethernet/intel/e1000/e1000_main.c:1970\n e1000_clean_tx_irq drivers/net/ethernet/intel/e1000/e1000_main.c:3860 [inline]\n e1000_clean+0x4a1/0x26e0 drivers/net/ethernet/intel/e1000/e1000_main.c:3801\n __napi_poll.constprop.0+0xb4/0x540 net/core/dev.c:6576\n napi_poll net/core/dev.c:6645 [inline]\n net_rx_action+0x956/0xe90 net/core/dev.c:6778\n __do_softirq+0x21a/0x8de kernel/softirq.c:553\n run_ksoftirqd kernel/softirq.c:921 [inline]\n run_ksoftirqd+0x31/0x60 kernel/softirq.c:913\n smpboot_thread_fn+0x660/0xa10 kernel/smpboot.c:164\n kthread+0x2c6/0x3a0 kernel/kthread.c:388\n ret_from_fork+0x45/0x80 arch/x86/kernel/process.c:147\n ret_from_fork_asm+0x11/0x20 arch/x86/entry/entry_64.S:242\n \u003c/TASK\u003e\n\nAllocated by task 5167:\n kasan_save_stack+0x33/0x50 mm/kasan/common.c:47\n kasan_save_track+0x14/0x30 mm/kasan/common.c:68\n unpoison_slab_object mm/kasan/common.c:314 [inline]\n __kasan_slab_alloc+0x81/0x90 mm/kasan/common.c:340\n kasan_slab_alloc include/linux/kasan.h:201 [inline]\n slab_post_alloc_hook mm/slub.c:3813 [inline]\n slab_alloc_node mm/slub.c:3860 [inline]\n kmem_cache_alloc_lru+0x142/0x6f0 mm/slub.c:3879\n alloc_inode_sb include/linux/fs.h:3019 [inline]\n sock_alloc_inode+0x25/0x1c0 net/socket.c:308\n alloc_inode+0x5d/0x220 fs/inode.c:260\n new_inode_pseudo+0x16/0x80 fs/inode.c:1005\n sock_alloc+0x40/0x270 net/socket.c:634\n __sock_create+0xbc/0x800 net/socket.c:1535\n sock_create net/socket.c:1622 [inline]\n __sys_socket_create net/socket.c:1659 [inline]\n __sys_socket+0x14c/0x260 net/socket.c:1706\n __do_sys_socket net/socket.c:1720 [inline]\n __se_sys_socket net/socket.c:1718 [inline]\n __x64_sys_socket+0x72/0xb0 net/socket.c:1718\n do_syscall_x64 arch/x86/entry/common.c:52 [inline]\n do_syscall_64+0xd3/0x250 arch/x86/entry/common.c:83\n entry_SYSCALL_64_after_hwframe+0x63/0x6b\n\nFreed by task 0:\n kasan_save_stack+0x33/0x50 mm/kasan/common.c:47\n kasan_save_track+0x14/0x30 mm/kasan/common.c:68\n kasan_save_free_info+0x3f/0x60 mm/kasan/generic.c:640\n poison_slab_object mm/kasan/common.c:241 [inline]\n __kasan_slab_free+0x121/0x1b0 mm/kasan/common.c:257\n kasan_slab_free include/linux/kasan.h:184 [inline]\n slab_free_hook mm/slub.c:2121 [inlin\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26625",
"url": "https://www.suse.com/security/cve/CVE-2024-26625"
},
{
"category": "external",
"summary": "SUSE Bug 1221086 for CVE-2024-26625",
"url": "https://bugzilla.suse.com/1221086"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-10T16:03:48Z",
"details": "moderate"
}
],
"title": "CVE-2024-26625"
},
{
"cve": "CVE-2024-26644",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26644"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbtrfs: don\u0027t abort filesystem when attempting to snapshot deleted subvolume\n\nIf the source file descriptor to the snapshot ioctl refers to a deleted\nsubvolume, we get the following abort:\n\n BTRFS: Transaction aborted (error -2)\n WARNING: CPU: 0 PID: 833 at fs/btrfs/transaction.c:1875 create_pending_snapshot+0x1040/0x1190 [btrfs]\n Modules linked in: pata_acpi btrfs ata_piix libata scsi_mod virtio_net blake2b_generic xor net_failover virtio_rng failover scsi_common rng_core raid6_pq libcrc32c\n CPU: 0 PID: 833 Comm: t_snapshot_dele Not tainted 6.7.0-rc6 #2\n Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.16.3-1.fc39 04/01/2014\n RIP: 0010:create_pending_snapshot+0x1040/0x1190 [btrfs]\n RSP: 0018:ffffa09c01337af8 EFLAGS: 00010282\n RAX: 0000000000000000 RBX: ffff9982053e7c78 RCX: 0000000000000027\n RDX: ffff99827dc20848 RSI: 0000000000000001 RDI: ffff99827dc20840\n RBP: ffffa09c01337c00 R08: 0000000000000000 R09: ffffa09c01337998\n R10: 0000000000000003 R11: ffffffffb96da248 R12: fffffffffffffffe\n R13: ffff99820535bb28 R14: ffff99820b7bd000 R15: ffff99820381ea80\n FS: 00007fe20aadabc0(0000) GS:ffff99827dc00000(0000) knlGS:0000000000000000\n CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n CR2: 0000559a120b502f CR3: 00000000055b6000 CR4: 00000000000006f0\n Call Trace:\n \u003cTASK\u003e\n ? create_pending_snapshot+0x1040/0x1190 [btrfs]\n ? __warn+0x81/0x130\n ? create_pending_snapshot+0x1040/0x1190 [btrfs]\n ? report_bug+0x171/0x1a0\n ? handle_bug+0x3a/0x70\n ? exc_invalid_op+0x17/0x70\n ? asm_exc_invalid_op+0x1a/0x20\n ? create_pending_snapshot+0x1040/0x1190 [btrfs]\n ? create_pending_snapshot+0x1040/0x1190 [btrfs]\n create_pending_snapshots+0x92/0xc0 [btrfs]\n btrfs_commit_transaction+0x66b/0xf40 [btrfs]\n btrfs_mksubvol+0x301/0x4d0 [btrfs]\n btrfs_mksnapshot+0x80/0xb0 [btrfs]\n __btrfs_ioctl_snap_create+0x1c2/0x1d0 [btrfs]\n btrfs_ioctl_snap_create_v2+0xc4/0x150 [btrfs]\n btrfs_ioctl+0x8a6/0x2650 [btrfs]\n ? kmem_cache_free+0x22/0x340\n ? do_sys_openat2+0x97/0xe0\n __x64_sys_ioctl+0x97/0xd0\n do_syscall_64+0x46/0xf0\n entry_SYSCALL_64_after_hwframe+0x6e/0x76\n RIP: 0033:0x7fe20abe83af\n RSP: 002b:00007ffe6eff1360 EFLAGS: 00000246 ORIG_RAX: 0000000000000010\n RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00007fe20abe83af\n RDX: 00007ffe6eff23c0 RSI: 0000000050009417 RDI: 0000000000000003\n RBP: 0000000000000003 R08: 0000000000000000 R09: 00007fe20ad16cd0\n R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000\n R13: 00007ffe6eff13c0 R14: 00007fe20ad45000 R15: 0000559a120b6d58\n \u003c/TASK\u003e\n ---[ end trace 0000000000000000 ]---\n BTRFS: error (device vdc: state A) in create_pending_snapshot:1875: errno=-2 No such entry\n BTRFS info (device vdc: state EA): forced readonly\n BTRFS warning (device vdc: state EA): Skipping commit of aborted transaction.\n BTRFS: error (device vdc: state EA) in cleanup_transaction:2055: errno=-2 No such entry\n\nThis happens because create_pending_snapshot() initializes the new root\nitem as a copy of the source root item. This includes the refs field,\nwhich is 0 for a deleted subvolume. The call to btrfs_insert_root()\ntherefore inserts a root with refs == 0. btrfs_get_new_fs_root() then\nfinds the root and returns -ENOENT if refs == 0, which causes\ncreate_pending_snapshot() to abort.\n\nFix it by checking the source root\u0027s refs before attempting the\nsnapshot, but after locking subvol_sem to avoid racing with deletion.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26644",
"url": "https://www.suse.com/security/cve/CVE-2024-26644"
},
{
"category": "external",
"summary": "SUSE Bug 1222072 for CVE-2024-26644",
"url": "https://bugzilla.suse.com/1222072"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-10T16:03:48Z",
"details": "moderate"
}
],
"title": "CVE-2024-26644"
},
{
"cve": "CVE-2024-26720",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26720"
}
],
"notes": [
{
"category": "general",
"text": "** REJECT ** This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26720",
"url": "https://www.suse.com/security/cve/CVE-2024-26720"
},
{
"category": "external",
"summary": "SUSE Bug 1222364 for CVE-2024-26720",
"url": "https://bugzilla.suse.com/1222364"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-10T16:03:48Z",
"details": "moderate"
}
],
"title": "CVE-2024-26720"
},
{
"cve": "CVE-2024-26842",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26842"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: ufs: core: Fix shift issue in ufshcd_clear_cmd()\n\nWhen task_tag \u003e= 32 (in MCQ mode) and sizeof(unsigned int) == 4, 1U \u003c\u003c\ntask_tag will out of bounds for a u32 mask. Fix this up to prevent\nSHIFT_ISSUE (bitwise shifts that are out of bounds for their data type).\n\n[name:debug_monitors\u0026]Unexpected kernel BRK exception at EL1\n[name:traps\u0026]Internal error: BRK handler: 00000000f2005514 [#1] PREEMPT SMP\n[name:mediatek_cpufreq_hw\u0026]cpufreq stop DVFS log done\n[name:mrdump\u0026]Kernel Offset: 0x1ba5800000 from 0xffffffc008000000\n[name:mrdump\u0026]PHYS_OFFSET: 0x80000000\n[name:mrdump\u0026]pstate: 22400005 (nzCv daif +PAN -UAO)\n[name:mrdump\u0026]pc : [0xffffffdbaf52bb2c] ufshcd_clear_cmd+0x280/0x288\n[name:mrdump\u0026]lr : [0xffffffdbaf52a774] ufshcd_wait_for_dev_cmd+0x3e4/0x82c\n[name:mrdump\u0026]sp : ffffffc0081471b0\n\u003csnip\u003e\nWorkqueue: ufs_eh_wq_0 ufshcd_err_handler\nCall trace:\n dump_backtrace+0xf8/0x144\n show_stack+0x18/0x24\n dump_stack_lvl+0x78/0x9c\n dump_stack+0x18/0x44\n mrdump_common_die+0x254/0x480 [mrdump]\n ipanic_die+0x20/0x30 [mrdump]\n notify_die+0x15c/0x204\n die+0x10c/0x5f8\n arm64_notify_die+0x74/0x13c\n do_debug_exception+0x164/0x26c\n el1_dbg+0x64/0x80\n el1h_64_sync_handler+0x3c/0x90\n el1h_64_sync+0x68/0x6c\n ufshcd_clear_cmd+0x280/0x288\n ufshcd_wait_for_dev_cmd+0x3e4/0x82c\n ufshcd_exec_dev_cmd+0x5bc/0x9ac\n ufshcd_verify_dev_init+0x84/0x1c8\n ufshcd_probe_hba+0x724/0x1ce0\n ufshcd_host_reset_and_restore+0x260/0x574\n ufshcd_reset_and_restore+0x138/0xbd0\n ufshcd_err_handler+0x1218/0x2f28\n process_one_work+0x5fc/0x1140\n worker_thread+0x7d8/0xe20\n kthread+0x25c/0x468\n ret_from_fork+0x10/0x20",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26842",
"url": "https://www.suse.com/security/cve/CVE-2024-26842"
},
{
"category": "external",
"summary": "SUSE Bug 1223013 for CVE-2024-26842",
"url": "https://bugzilla.suse.com/1223013"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-10T16:03:48Z",
"details": "moderate"
}
],
"title": "CVE-2024-26842"
},
{
"cve": "CVE-2024-26845",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26845"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: target: core: Add TMF to tmr_list handling\n\nAn abort that is responded to by iSCSI itself is added to tmr_list but does\nnot go to target core. A LUN_RESET that goes through tmr_list takes a\nrefcounter on the abort and waits for completion. However, the abort will\nbe never complete because it was not started in target core.\n\n Unable to locate ITT: 0x05000000 on CID: 0\n Unable to locate RefTaskTag: 0x05000000 on CID: 0.\n wait_for_tasks: Stopping tmf LUN_RESET with tag 0x0 ref_task_tag 0x0 i_state 34 t_state ISTATE_PROCESSING refcnt 2 transport_state active,stop,fabric_stop\n wait for tasks: tmf LUN_RESET with tag 0x0 ref_task_tag 0x0 i_state 34 t_state ISTATE_PROCESSING refcnt 2 transport_state active,stop,fabric_stop\n...\n INFO: task kworker/0:2:49 blocked for more than 491 seconds.\n task:kworker/0:2 state:D stack: 0 pid: 49 ppid: 2 flags:0x00000800\n Workqueue: events target_tmr_work [target_core_mod]\nCall Trace:\n __switch_to+0x2c4/0x470\n _schedule+0x314/0x1730\n schedule+0x64/0x130\n schedule_timeout+0x168/0x430\n wait_for_completion+0x140/0x270\n target_put_cmd_and_wait+0x64/0xb0 [target_core_mod]\n core_tmr_lun_reset+0x30/0xa0 [target_core_mod]\n target_tmr_work+0xc8/0x1b0 [target_core_mod]\n process_one_work+0x2d4/0x5d0\n worker_thread+0x78/0x6c0\n\nTo fix this, only add abort to tmr_list if it will be handled by target\ncore.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26845",
"url": "https://www.suse.com/security/cve/CVE-2024-26845"
},
{
"category": "external",
"summary": "SUSE Bug 1223018 for CVE-2024-26845",
"url": "https://bugzilla.suse.com/1223018"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-10T16:03:48Z",
"details": "moderate"
}
],
"title": "CVE-2024-26845"
},
{
"cve": "CVE-2024-26923",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26923"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\naf_unix: Fix garbage collector racing against connect()\n\nGarbage collector does not take into account the risk of embryo getting\nenqueued during the garbage collection. If such embryo has a peer that\ncarries SCM_RIGHTS, two consecutive passes of scan_children() may see a\ndifferent set of children. Leading to an incorrectly elevated inflight\ncount, and then a dangling pointer within the gc_inflight_list.\n\nsockets are AF_UNIX/SOCK_STREAM\nS is an unconnected socket\nL is a listening in-flight socket bound to addr, not in fdtable\nV\u0027s fd will be passed via sendmsg(), gets inflight count bumped\n\nconnect(S, addr)\tsendmsg(S, [V]); close(V)\t__unix_gc()\n----------------\t-------------------------\t-----------\n\nNS = unix_create1()\nskb1 = sock_wmalloc(NS)\nL = unix_find_other(addr)\nunix_state_lock(L)\nunix_peer(S) = NS\n\t\t\t// V count=1 inflight=0\n\n \t\t\tNS = unix_peer(S)\n \t\t\tskb2 = sock_alloc()\n\t\t\tskb_queue_tail(NS, skb2[V])\n\n\t\t\t// V became in-flight\n\t\t\t// V count=2 inflight=1\n\n\t\t\tclose(V)\n\n\t\t\t// V count=1 inflight=1\n\t\t\t// GC candidate condition met\n\n\t\t\t\t\t\tfor u in gc_inflight_list:\n\t\t\t\t\t\t if (total_refs == inflight_refs)\n\t\t\t\t\t\t add u to gc_candidates\n\n\t\t\t\t\t\t// gc_candidates={L, V}\n\n\t\t\t\t\t\tfor u in gc_candidates:\n\t\t\t\t\t\t scan_children(u, dec_inflight)\n\n\t\t\t\t\t\t// embryo (skb1) was not\n\t\t\t\t\t\t// reachable from L yet, so V\u0027s\n\t\t\t\t\t\t// inflight remains unchanged\n__skb_queue_tail(L, skb1)\nunix_state_unlock(L)\n\t\t\t\t\t\tfor u in gc_candidates:\n\t\t\t\t\t\t if (u.inflight)\n\t\t\t\t\t\t scan_children(u, inc_inflight_move_tail)\n\n\t\t\t\t\t\t// V count=1 inflight=2 (!)\n\nIf there is a GC-candidate listening socket, lock/unlock its state. This\nmakes GC wait until the end of any ongoing connect() to that socket. After\nflipping the lock, a possibly SCM-laden embryo is already enqueued. And if\nthere is another embryo coming, it can not possibly carry SCM_RIGHTS. At\nthis point, unix_inflight() can not happen because unix_gc_lock is already\ntaken. Inflight graph remains unaffected.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26923",
"url": "https://www.suse.com/security/cve/CVE-2024-26923"
},
{
"category": "external",
"summary": "SUSE Bug 1223384 for CVE-2024-26923",
"url": "https://bugzilla.suse.com/1223384"
},
{
"category": "external",
"summary": "SUSE Bug 1223683 for CVE-2024-26923",
"url": "https://bugzilla.suse.com/1223683"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-10T16:03:48Z",
"details": "moderate"
}
],
"title": "CVE-2024-26923"
},
{
"cve": "CVE-2024-26973",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26973"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nfat: fix uninitialized field in nostale filehandles\n\nWhen fat_encode_fh_nostale() encodes file handle without a parent it\nstores only first 10 bytes of the file handle. However the length of the\nfile handle must be a multiple of 4 so the file handle is actually 12\nbytes long and the last two bytes remain uninitialized. This is not\ngreat at we potentially leak uninitialized information with the handle\nto userspace. Properly initialize the full handle length.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26973",
"url": "https://www.suse.com/security/cve/CVE-2024-26973"
},
{
"category": "external",
"summary": "SUSE Bug 1223641 for CVE-2024-26973",
"url": "https://bugzilla.suse.com/1223641"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-10T16:03:48Z",
"details": "moderate"
}
],
"title": "CVE-2024-26973"
},
{
"cve": "CVE-2024-27432",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-27432"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: ethernet: mtk_eth_soc: fix PPE hanging issue\n\nA patch to resolve an issue was found in MediaTek\u0027s GPL-licensed SDK:\nIn the mtk_ppe_stop() function, the PPE scan mode is not disabled before\ndisabling the PPE. This can potentially lead to a hang during the process\nof disabling the PPE.\n\nWithout this patch, the PPE may experience a hang during the reboot test.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-27432",
"url": "https://www.suse.com/security/cve/CVE-2024-27432"
},
{
"category": "external",
"summary": "SUSE Bug 1224716 for CVE-2024-27432",
"url": "https://bugzilla.suse.com/1224716"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-10T16:03:48Z",
"details": "moderate"
}
],
"title": "CVE-2024-27432"
},
{
"cve": "CVE-2024-33619",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-33619"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nefi: libstub: only free priv.runtime_map when allocated\n\npriv.runtime_map is only allocated when efi_novamap is not set.\nOtherwise, it is an uninitialized value. In the error path, it is freed\nunconditionally. Avoid passing an uninitialized value to free_pool.\nFree priv.runtime_map only when it was allocated.\n\nThis bug was discovered and resolved using Coverity Static Analysis\nSecurity Testing (SAST) by Synopsys, Inc.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-33619",
"url": "https://www.suse.com/security/cve/CVE-2024-33619"
},
{
"category": "external",
"summary": "SUSE Bug 1226768 for CVE-2024-33619",
"url": "https://bugzilla.suse.com/1226768"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-10T16:03:48Z",
"details": "moderate"
}
],
"title": "CVE-2024-33619"
},
{
"cve": "CVE-2024-35247",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-35247"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nfpga: region: add owner module and take its refcount\n\nThe current implementation of the fpga region assumes that the low-level\nmodule registers a driver for the parent device and uses its owner pointer\nto take the module\u0027s refcount. This approach is problematic since it can\nlead to a null pointer dereference while attempting to get the region\nduring programming if the parent device does not have a driver.\n\nTo address this problem, add a module owner pointer to the fpga_region\nstruct and use it to take the module\u0027s refcount. Modify the functions for\nregistering a region to take an additional owner module parameter and\nrename them to avoid conflicts. Use the old function names for helper\nmacros that automatically set the module that registers the region as the\nowner. This ensures compatibility with existing low-level control modules\nand reduces the chances of registering a region without setting the owner.\n\nAlso, update the documentation to keep it consistent with the new interface\nfor registering an fpga region.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-35247",
"url": "https://www.suse.com/security/cve/CVE-2024-35247"
},
{
"category": "external",
"summary": "SUSE Bug 1226948 for CVE-2024-35247",
"url": "https://bugzilla.suse.com/1226948"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-10T16:03:48Z",
"details": "moderate"
}
],
"title": "CVE-2024-35247"
},
{
"cve": "CVE-2024-35789",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-35789"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: mac80211: check/clear fast rx for non-4addr sta VLAN changes\n\nWhen moving a station out of a VLAN and deleting the VLAN afterwards, the\nfast_rx entry still holds a pointer to the VLAN\u0027s netdev, which can cause\nuse-after-free bugs. Fix this by immediately calling ieee80211_check_fast_rx\nafter the VLAN change.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-35789",
"url": "https://www.suse.com/security/cve/CVE-2024-35789"
},
{
"category": "external",
"summary": "SUSE Bug 1224749 for CVE-2024-35789",
"url": "https://bugzilla.suse.com/1224749"
},
{
"category": "external",
"summary": "SUSE Bug 1227320 for CVE-2024-35789",
"url": "https://bugzilla.suse.com/1227320"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-10T16:03:48Z",
"details": "important"
}
],
"title": "CVE-2024-35789"
},
{
"cve": "CVE-2024-35790",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-35790"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nusb: typec: altmodes/displayport: create sysfs nodes as driver\u0027s default device attribute group\n\nThe DisplayPort driver\u0027s sysfs nodes may be present to the userspace before\ntypec_altmode_set_drvdata() completes in dp_altmode_probe. This means that\na sysfs read can trigger a NULL pointer error by deferencing dp-\u003ehpd in\nhpd_show or dp-\u003elock in pin_assignment_show, as dev_get_drvdata() returns\nNULL in those cases.\n\nRemove manual sysfs node creation in favor of adding attribute group as\ndefault for devices bound to the driver. The ATTRIBUTE_GROUPS() macro is\nnot used here otherwise the path to the sysfs nodes is no longer compliant\nwith the ABI.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-35790",
"url": "https://www.suse.com/security/cve/CVE-2024-35790"
},
{
"category": "external",
"summary": "SUSE Bug 1224712 for CVE-2024-35790",
"url": "https://bugzilla.suse.com/1224712"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-10T16:03:48Z",
"details": "moderate"
}
],
"title": "CVE-2024-35790"
},
{
"cve": "CVE-2024-35807",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-35807"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\next4: fix corruption during on-line resize\n\nWe observed a corruption during on-line resize of a file system that is\nlarger than 16 TiB with 4k block size. With having more then 2^32 blocks\nresize_inode is turned off by default by mke2fs. The issue can be\nreproduced on a smaller file system for convenience by explicitly\nturning off resize_inode. An on-line resize across an 8 GiB boundary (the\nsize of a meta block group in this setup) then leads to a corruption:\n\n dev=/dev/\u003csome_dev\u003e # should be \u003e= 16 GiB\n mkdir -p /corruption\n /sbin/mke2fs -t ext4 -b 4096 -O ^resize_inode $dev $((2 * 2**21 - 2**15))\n mount -t ext4 $dev /corruption\n\n dd if=/dev/zero bs=4096 of=/corruption/test count=$((2*2**21 - 4*2**15))\n sha1sum /corruption/test\n # 79d2658b39dcfd77274e435b0934028adafaab11 /corruption/test\n\n /sbin/resize2fs $dev $((2*2**21))\n # drop page cache to force reload the block from disk\n echo 1 \u003e /proc/sys/vm/drop_caches\n\n sha1sum /corruption/test\n # 3c2abc63cbf1a94c9e6977e0fbd72cd832c4d5c3 /corruption/test\n\n2^21 = 2^15*2^6 equals 8 GiB whereof 2^15 is the number of blocks per\nblock group and 2^6 are the number of block groups that make a meta\nblock group.\n\nThe last checksum might be different depending on how the file is laid\nout across the physical blocks. The actual corruption occurs at physical\nblock 63*2^15 = 2064384 which would be the location of the backup of the\nmeta block group\u0027s block descriptor. During the on-line resize the file\nsystem will be converted to meta_bg starting at s_first_meta_bg which is\n2 in the example - meaning all block groups after 16 GiB. However, in\next4_flex_group_add we might add block groups that are not part of the\nfirst meta block group yet. In the reproducer we achieved this by\nsubstracting the size of a whole block group from the point where the\nmeta block group would start. This must be considered when updating the\nbackup block group descriptors to follow the non-meta_bg layout. The fix\nis to add a test whether the group to add is already part of the meta\nblock group or not.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-35807",
"url": "https://www.suse.com/security/cve/CVE-2024-35807"
},
{
"category": "external",
"summary": "SUSE Bug 1224735 for CVE-2024-35807",
"url": "https://bugzilla.suse.com/1224735"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-10T16:03:48Z",
"details": "moderate"
}
],
"title": "CVE-2024-35807"
},
{
"cve": "CVE-2024-35814",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-35814"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nswiotlb: Fix double-allocation of slots due to broken alignment handling\n\nCommit bbb73a103fbb (\"swiotlb: fix a braino in the alignment check fix\"),\nwhich was a fix for commit 0eee5ae10256 (\"swiotlb: fix slot alignment\nchecks\"), causes a functional regression with vsock in a virtual machine\nusing bouncing via a restricted DMA SWIOTLB pool.\n\nWhen virtio allocates the virtqueues for the vsock device using\ndma_alloc_coherent(), the SWIOTLB search can return page-unaligned\nallocations if \u0027area-\u003eindex\u0027 was left unaligned by a previous allocation\nfrom the buffer:\n\n # Final address in brackets is the SWIOTLB address returned to the caller\n | virtio-pci 0000:00:07.0: orig_addr 0x0 alloc_size 0x2000, iotlb_align_mask 0x800 stride 0x2: got slot 1645-1649/7168 (0x98326800)\n | virtio-pci 0000:00:07.0: orig_addr 0x0 alloc_size 0x2000, iotlb_align_mask 0x800 stride 0x2: got slot 1649-1653/7168 (0x98328800)\n | virtio-pci 0000:00:07.0: orig_addr 0x0 alloc_size 0x2000, iotlb_align_mask 0x800 stride 0x2: got slot 1653-1657/7168 (0x9832a800)\n\nThis ends badly (typically buffer corruption and/or a hang) because\nswiotlb_alloc() is expecting a page-aligned allocation and so blindly\nreturns a pointer to the \u0027struct page\u0027 corresponding to the allocation,\ntherefore double-allocating the first half (2KiB slot) of the 4KiB page.\n\nFix the problem by treating the allocation alignment separately to any\nadditional alignment requirements from the device, using the maximum\nof the two as the stride to search the buffer slots and taking care\nto ensure a minimum of page-alignment for buffers larger than a page.\n\nThis also resolves swiotlb allocation failures occuring due to the\ninclusion of ~PAGE_MASK in \u0027iotlb_align_mask\u0027 for large allocations and\nresulting in alignment requirements exceeding swiotlb_max_mapping_size().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-35814",
"url": "https://www.suse.com/security/cve/CVE-2024-35814"
},
{
"category": "external",
"summary": "SUSE Bug 1224602 for CVE-2024-35814",
"url": "https://bugzilla.suse.com/1224602"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-10T16:03:48Z",
"details": "moderate"
}
],
"title": "CVE-2024-35814"
},
{
"cve": "CVE-2024-35835",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-35835"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/mlx5e: fix a double-free in arfs_create_groups\n\nWhen `in` allocated by kvzalloc fails, arfs_create_groups will free\nft-\u003eg and return an error. However, arfs_create_table, the only caller of\narfs_create_groups, will hold this error and call to\nmlx5e_destroy_flow_table, in which the ft-\u003eg will be freed again.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-35835",
"url": "https://www.suse.com/security/cve/CVE-2024-35835"
},
{
"category": "external",
"summary": "SUSE Bug 1224605 for CVE-2024-35835",
"url": "https://bugzilla.suse.com/1224605"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-10T16:03:48Z",
"details": "moderate"
}
],
"title": "CVE-2024-35835"
},
{
"cve": "CVE-2024-35848",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-35848"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\neeprom: at24: fix memory corruption race condition\n\nIf the eeprom is not accessible, an nvmem device will be registered, the\nread will fail, and the device will be torn down. If another driver\naccesses the nvmem device after the teardown, it will reference\ninvalid memory.\n\nMove the failure point before registering the nvmem device.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-35848",
"url": "https://www.suse.com/security/cve/CVE-2024-35848"
},
{
"category": "external",
"summary": "SUSE Bug 1224612 for CVE-2024-35848",
"url": "https://bugzilla.suse.com/1224612"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-10T16:03:48Z",
"details": "moderate"
}
],
"title": "CVE-2024-35848"
},
{
"cve": "CVE-2024-35857",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-35857"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nicmp: prevent possible NULL dereferences from icmp_build_probe()\n\nFirst problem is a double call to __in_dev_get_rcu(), because\nthe second one could return NULL.\n\nif (__in_dev_get_rcu(dev) \u0026\u0026 __in_dev_get_rcu(dev)-\u003eifa_list)\n\nSecond problem is a read from dev-\u003eip6_ptr with no NULL check:\n\nif (!list_empty(\u0026rcu_dereference(dev-\u003eip6_ptr)-\u003eaddr_list))\n\nUse the correct RCU API to fix these.\n\nv2: add missing include \u003cnet/addrconf.h\u003e",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-35857",
"url": "https://www.suse.com/security/cve/CVE-2024-35857"
},
{
"category": "external",
"summary": "SUSE Bug 1224619 for CVE-2024-35857",
"url": "https://bugzilla.suse.com/1224619"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-10T16:03:48Z",
"details": "moderate"
}
],
"title": "CVE-2024-35857"
},
{
"cve": "CVE-2024-35861",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-35861"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsmb: client: fix potential UAF in cifs_signal_cifsd_for_reconnect()\n\nSkip sessions that are being teared down (status == SES_EXITING) to\navoid UAF.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-35861",
"url": "https://www.suse.com/security/cve/CVE-2024-35861"
},
{
"category": "external",
"summary": "SUSE Bug 1224766 for CVE-2024-35861",
"url": "https://bugzilla.suse.com/1224766"
},
{
"category": "external",
"summary": "SUSE Bug 1225312 for CVE-2024-35861",
"url": "https://bugzilla.suse.com/1225312"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-10T16:03:48Z",
"details": "important"
}
],
"title": "CVE-2024-35861"
},
{
"cve": "CVE-2024-35862",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-35862"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsmb: client: fix potential UAF in smb2_is_network_name_deleted()\n\nSkip sessions that are being teared down (status == SES_EXITING) to\navoid UAF.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-35862",
"url": "https://www.suse.com/security/cve/CVE-2024-35862"
},
{
"category": "external",
"summary": "SUSE Bug 1224764 for CVE-2024-35862",
"url": "https://bugzilla.suse.com/1224764"
},
{
"category": "external",
"summary": "SUSE Bug 1225311 for CVE-2024-35862",
"url": "https://bugzilla.suse.com/1225311"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-10T16:03:48Z",
"details": "important"
}
],
"title": "CVE-2024-35862"
},
{
"cve": "CVE-2024-35864",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-35864"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsmb: client: fix potential UAF in smb2_is_valid_lease_break()\n\nSkip sessions that are being teared down (status == SES_EXITING) to\navoid UAF.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-35864",
"url": "https://www.suse.com/security/cve/CVE-2024-35864"
},
{
"category": "external",
"summary": "SUSE Bug 1224765 for CVE-2024-35864",
"url": "https://bugzilla.suse.com/1224765"
},
{
"category": "external",
"summary": "SUSE Bug 1225309 for CVE-2024-35864",
"url": "https://bugzilla.suse.com/1225309"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-10T16:03:48Z",
"details": "important"
}
],
"title": "CVE-2024-35864"
},
{
"cve": "CVE-2024-35869",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-35869"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsmb: client: guarantee refcounted children from parent session\n\nAvoid potential use-after-free bugs when walking DFS referrals,\nmounting and performing DFS failover by ensuring that all children\nfrom parent @tcon-\u003eses are also refcounted. They\u0027re all needed across\nthe entire DFS mount. Get rid of @tcon-\u003edfs_ses_list while we\u0027re at\nit, too.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-35869",
"url": "https://www.suse.com/security/cve/CVE-2024-35869"
},
{
"category": "external",
"summary": "SUSE Bug 1224679 for CVE-2024-35869",
"url": "https://bugzilla.suse.com/1224679"
},
{
"category": "external",
"summary": "SUSE Bug 1226328 for CVE-2024-35869",
"url": "https://bugzilla.suse.com/1226328"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-10T16:03:48Z",
"details": "important"
}
],
"title": "CVE-2024-35869"
},
{
"cve": "CVE-2024-35878",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-35878"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nof: module: prevent NULL pointer dereference in vsnprintf()\n\nIn of_modalias(), we can get passed the str and len parameters which would\ncause a kernel oops in vsnprintf() since it only allows passing a NULL ptr\nwhen the length is also 0. Also, we need to filter out the negative values\nof the len parameter as these will result in a really huge buffer since\nsnprintf() takes size_t parameter while ours is ssize_t...\n\nFound by Linux Verification Center (linuxtesting.org) with the Svace static\nanalysis tool.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-35878",
"url": "https://www.suse.com/security/cve/CVE-2024-35878"
},
{
"category": "external",
"summary": "SUSE Bug 1224671 for CVE-2024-35878",
"url": "https://bugzilla.suse.com/1224671"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-10T16:03:48Z",
"details": "moderate"
}
],
"title": "CVE-2024-35878"
},
{
"cve": "CVE-2024-35884",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-35884"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nudp: do not accept non-tunnel GSO skbs landing in a tunnel\n\nWhen rx-udp-gro-forwarding is enabled UDP packets might be GROed when\nbeing forwarded. If such packets might land in a tunnel this can cause\nvarious issues and udp_gro_receive makes sure this isn\u0027t the case by\nlooking for a matching socket. This is performed in\nudp4/6_gro_lookup_skb but only in the current netns. This is an issue\nwith tunneled packets when the endpoint is in another netns. In such\ncases the packets will be GROed at the UDP level, which leads to various\nissues later on. The same thing can happen with rx-gro-list.\n\nWe saw this with geneve packets being GROed at the UDP level. In such\ncase gso_size is set; later the packet goes through the geneve rx path,\nthe geneve header is pulled, the offset are adjusted and frag_list skbs\nare not adjusted with regard to geneve. When those skbs hit\nskb_fragment, it will misbehave. Different outcomes are possible\ndepending on what the GROed skbs look like; from corrupted packets to\nkernel crashes.\n\nOne example is a BUG_ON[1] triggered in skb_segment while processing the\nfrag_list. Because gso_size is wrong (geneve header was pulled)\nskb_segment thinks there is \"geneve header size\" of data in frag_list,\nalthough it\u0027s in fact the next packet. The BUG_ON itself has nothing to\ndo with the issue. This is only one of the potential issues.\n\nLooking up for a matching socket in udp_gro_receive is fragile: the\nlookup could be extended to all netns (not speaking about performances)\nbut nothing prevents those packets from being modified in between and we\ncould still not find a matching socket. It\u0027s OK to keep the current\nlogic there as it should cover most cases but we also need to make sure\nwe handle tunnel packets being GROed too early.\n\nThis is done by extending the checks in udp_unexpected_gso: GSO packets\nlacking the SKB_GSO_UDP_TUNNEL/_CSUM bits and landing in a tunnel must\nbe segmented.\n\n[1] kernel BUG at net/core/skbuff.c:4408!\n RIP: 0010:skb_segment+0xd2a/0xf70\n __udp_gso_segment+0xaa/0x560",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-35884",
"url": "https://www.suse.com/security/cve/CVE-2024-35884"
},
{
"category": "external",
"summary": "SUSE Bug 1224520 for CVE-2024-35884",
"url": "https://bugzilla.suse.com/1224520"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-10T16:03:48Z",
"details": "moderate"
}
],
"title": "CVE-2024-35884"
},
{
"cve": "CVE-2024-35886",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-35886"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nipv6: Fix infinite recursion in fib6_dump_done().\n\nsyzkaller reported infinite recursive calls of fib6_dump_done() during\nnetlink socket destruction. [1]\n\nFrom the log, syzkaller sent an AF_UNSPEC RTM_GETROUTE message, and then\nthe response was generated. The following recvmmsg() resumed the dump\nfor IPv6, but the first call of inet6_dump_fib() failed at kzalloc() due\nto the fault injection. [0]\n\n 12:01:34 executing program 3:\n r0 = socket$nl_route(0x10, 0x3, 0x0)\n sendmsg$nl_route(r0, ... snip ...)\n recvmmsg(r0, ... snip ...) (fail_nth: 8)\n\nHere, fib6_dump_done() was set to nlk_sk(sk)-\u003ecb.done, and the next call\nof inet6_dump_fib() set it to nlk_sk(sk)-\u003ecb.args[3]. syzkaller stopped\nreceiving the response halfway through, and finally netlink_sock_destruct()\ncalled nlk_sk(sk)-\u003ecb.done().\n\nfib6_dump_done() calls fib6_dump_end() and nlk_sk(sk)-\u003ecb.done() if it\nis still not NULL. fib6_dump_end() rewrites nlk_sk(sk)-\u003ecb.done() by\nnlk_sk(sk)-\u003ecb.args[3], but it has the same function, not NULL, calling\nitself recursively and hitting the stack guard page.\n\nTo avoid the issue, let\u0027s set the destructor after kzalloc().\n\n[0]:\nFAULT_INJECTION: forcing a failure.\nname failslab, interval 1, probability 0, space 0, times 0\nCPU: 1 PID: 432110 Comm: syz-executor.3 Not tainted 6.8.0-12821-g537c2e91d354-dirty #11\nHardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014\nCall Trace:\n \u003cTASK\u003e\n dump_stack_lvl (lib/dump_stack.c:117)\n should_fail_ex (lib/fault-inject.c:52 lib/fault-inject.c:153)\n should_failslab (mm/slub.c:3733)\n kmalloc_trace (mm/slub.c:3748 mm/slub.c:3827 mm/slub.c:3992)\n inet6_dump_fib (./include/linux/slab.h:628 ./include/linux/slab.h:749 net/ipv6/ip6_fib.c:662)\n rtnl_dump_all (net/core/rtnetlink.c:4029)\n netlink_dump (net/netlink/af_netlink.c:2269)\n netlink_recvmsg (net/netlink/af_netlink.c:1988)\n ____sys_recvmsg (net/socket.c:1046 net/socket.c:2801)\n ___sys_recvmsg (net/socket.c:2846)\n do_recvmmsg (net/socket.c:2943)\n __x64_sys_recvmmsg (net/socket.c:3041 net/socket.c:3034 net/socket.c:3034)\n\n[1]:\nBUG: TASK stack guard page was hit at 00000000f2fa9af1 (stack is 00000000b7912430..000000009a436beb)\nstack guard page: 0000 [#1] PREEMPT SMP KASAN\nCPU: 1 PID: 223719 Comm: kworker/1:3 Not tainted 6.8.0-12821-g537c2e91d354-dirty #11\nHardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014\nWorkqueue: events netlink_sock_destruct_work\nRIP: 0010:fib6_dump_done (net/ipv6/ip6_fib.c:570)\nCode: 3c 24 e8 f3 e9 51 fd e9 28 fd ff ff 66 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 00 f3 0f 1e fa 41 57 41 56 41 55 41 54 55 48 89 fd \u003c53\u003e 48 8d 5d 60 e8 b6 4d 07 fd 48 89 da 48 b8 00 00 00 00 00 fc ff\nRSP: 0018:ffffc9000d980000 EFLAGS: 00010293\nRAX: 0000000000000000 RBX: ffffffff84405990 RCX: ffffffff844059d3\nRDX: ffff8881028e0000 RSI: ffffffff84405ac2 RDI: ffff88810c02f358\nRBP: ffff88810c02f358 R08: 0000000000000007 R09: 0000000000000000\nR10: 0000000000000000 R11: 0000000000000224 R12: 0000000000000000\nR13: ffff888007c82c78 R14: ffff888007c82c68 R15: ffff888007c82c68\nFS: 0000000000000000(0000) GS:ffff88811b100000(0000) knlGS:0000000000000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: ffffc9000d97fff8 CR3: 0000000102309002 CR4: 0000000000770ef0\nPKRU: 55555554\nCall Trace:\n \u003c#DF\u003e\n \u003c/#DF\u003e\n \u003cTASK\u003e\n fib6_dump_done (net/ipv6/ip6_fib.c:572 (discriminator 1))\n fib6_dump_done (net/ipv6/ip6_fib.c:572 (discriminator 1))\n ...\n fib6_dump_done (net/ipv6/ip6_fib.c:572 (discriminator 1))\n fib6_dump_done (net/ipv6/ip6_fib.c:572 (discriminator 1))\n netlink_sock_destruct (net/netlink/af_netlink.c:401)\n __sk_destruct (net/core/sock.c:2177 (discriminator 2))\n sk_destruct (net/core/sock.c:2224)\n __sk_free (net/core/sock.c:2235)\n sk_free (net/core/sock.c:2246)\n process_one_work (kernel/workqueue.c:3259)\n worker_thread (kernel/workqueue.c:3329 kernel/workqueue.\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-35886",
"url": "https://www.suse.com/security/cve/CVE-2024-35886"
},
{
"category": "external",
"summary": "SUSE Bug 1224670 for CVE-2024-35886",
"url": "https://bugzilla.suse.com/1224670"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-10T16:03:48Z",
"details": "moderate"
}
],
"title": "CVE-2024-35886"
},
{
"cve": "CVE-2024-35896",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-35896"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: validate user input for expected length\n\nI got multiple syzbot reports showing old bugs exposed\nby BPF after commit 20f2505fb436 (\"bpf: Try to avoid kzalloc\nin cgroup/{s,g}etsockopt\")\n\nsetsockopt() @optlen argument should be taken into account\nbefore copying data.\n\n BUG: KASAN: slab-out-of-bounds in copy_from_sockptr_offset include/linux/sockptr.h:49 [inline]\n BUG: KASAN: slab-out-of-bounds in copy_from_sockptr include/linux/sockptr.h:55 [inline]\n BUG: KASAN: slab-out-of-bounds in do_replace net/ipv4/netfilter/ip_tables.c:1111 [inline]\n BUG: KASAN: slab-out-of-bounds in do_ipt_set_ctl+0x902/0x3dd0 net/ipv4/netfilter/ip_tables.c:1627\nRead of size 96 at addr ffff88802cd73da0 by task syz-executor.4/7238\n\nCPU: 1 PID: 7238 Comm: syz-executor.4 Not tainted 6.9.0-rc2-next-20240403-syzkaller #0\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/27/2024\nCall Trace:\n \u003cTASK\u003e\n __dump_stack lib/dump_stack.c:88 [inline]\n dump_stack_lvl+0x241/0x360 lib/dump_stack.c:114\n print_address_description mm/kasan/report.c:377 [inline]\n print_report+0x169/0x550 mm/kasan/report.c:488\n kasan_report+0x143/0x180 mm/kasan/report.c:601\n kasan_check_range+0x282/0x290 mm/kasan/generic.c:189\n __asan_memcpy+0x29/0x70 mm/kasan/shadow.c:105\n copy_from_sockptr_offset include/linux/sockptr.h:49 [inline]\n copy_from_sockptr include/linux/sockptr.h:55 [inline]\n do_replace net/ipv4/netfilter/ip_tables.c:1111 [inline]\n do_ipt_set_ctl+0x902/0x3dd0 net/ipv4/netfilter/ip_tables.c:1627\n nf_setsockopt+0x295/0x2c0 net/netfilter/nf_sockopt.c:101\n do_sock_setsockopt+0x3af/0x720 net/socket.c:2311\n __sys_setsockopt+0x1ae/0x250 net/socket.c:2334\n __do_sys_setsockopt net/socket.c:2343 [inline]\n __se_sys_setsockopt net/socket.c:2340 [inline]\n __x64_sys_setsockopt+0xb5/0xd0 net/socket.c:2340\n do_syscall_64+0xfb/0x240\n entry_SYSCALL_64_after_hwframe+0x72/0x7a\nRIP: 0033:0x7fd22067dde9\nCode: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 \u003c48\u003e 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48\nRSP: 002b:00007fd21f9ff0c8 EFLAGS: 00000246 ORIG_RAX: 0000000000000036\nRAX: ffffffffffffffda RBX: 00007fd2207abf80 RCX: 00007fd22067dde9\nRDX: 0000000000000040 RSI: 0000000000000000 RDI: 0000000000000003\nRBP: 00007fd2206ca47a R08: 0000000000000001 R09: 0000000000000000\nR10: 0000000020000880 R11: 0000000000000246 R12: 0000000000000000\nR13: 000000000000000b R14: 00007fd2207abf80 R15: 00007ffd2d0170d8\n \u003c/TASK\u003e\n\nAllocated by task 7238:\n kasan_save_stack mm/kasan/common.c:47 [inline]\n kasan_save_track+0x3f/0x80 mm/kasan/common.c:68\n poison_kmalloc_redzone mm/kasan/common.c:370 [inline]\n __kasan_kmalloc+0x98/0xb0 mm/kasan/common.c:387\n kasan_kmalloc include/linux/kasan.h:211 [inline]\n __do_kmalloc_node mm/slub.c:4069 [inline]\n __kmalloc_noprof+0x200/0x410 mm/slub.c:4082\n kmalloc_noprof include/linux/slab.h:664 [inline]\n __cgroup_bpf_run_filter_setsockopt+0xd47/0x1050 kernel/bpf/cgroup.c:1869\n do_sock_setsockopt+0x6b4/0x720 net/socket.c:2293\n __sys_setsockopt+0x1ae/0x250 net/socket.c:2334\n __do_sys_setsockopt net/socket.c:2343 [inline]\n __se_sys_setsockopt net/socket.c:2340 [inline]\n __x64_sys_setsockopt+0xb5/0xd0 net/socket.c:2340\n do_syscall_64+0xfb/0x240\n entry_SYSCALL_64_after_hwframe+0x72/0x7a\n\nThe buggy address belongs to the object at ffff88802cd73da0\n which belongs to the cache kmalloc-8 of size 8\nThe buggy address is located 0 bytes inside of\n allocated 1-byte region [ffff88802cd73da0, ffff88802cd73da1)\n\nThe buggy address belongs to the physical page:\npage: refcount:1 mapcount:0 mapping:0000000000000000 index:0xffff88802cd73020 pfn:0x2cd73\nflags: 0xfff80000000000(node=0|zone=1|lastcpupid=0xfff)\npage_type: 0xffffefff(slab)\nraw: 00fff80000000000 ffff888015041280 dead000000000100 dead000000000122\nraw: ffff88802cd73020 000000008080007f 00000001ffffefff 00\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-35896",
"url": "https://www.suse.com/security/cve/CVE-2024-35896"
},
{
"category": "external",
"summary": "SUSE Bug 1224662 for CVE-2024-35896",
"url": "https://bugzilla.suse.com/1224662"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-10T16:03:48Z",
"details": "moderate"
}
],
"title": "CVE-2024-35896"
},
{
"cve": "CVE-2024-35898",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-35898"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: nf_tables: Fix potential data-race in __nft_flowtable_type_get()\n\nnft_unregister_flowtable_type() within nf_flow_inet_module_exit() can\nconcurrent with __nft_flowtable_type_get() within nf_tables_newflowtable().\nAnd thhere is not any protection when iterate over nf_tables_flowtables\nlist in __nft_flowtable_type_get(). Therefore, there is pertential\ndata-race of nf_tables_flowtables list entry.\n\nUse list_for_each_entry_rcu() to iterate over nf_tables_flowtables list\nin __nft_flowtable_type_get(), and use rcu_read_lock() in the caller\nnft_flowtable_type_get() to protect the entire type query process.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-35898",
"url": "https://www.suse.com/security/cve/CVE-2024-35898"
},
{
"category": "external",
"summary": "SUSE Bug 1224498 for CVE-2024-35898",
"url": "https://bugzilla.suse.com/1224498"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-10T16:03:48Z",
"details": "moderate"
}
],
"title": "CVE-2024-35898"
},
{
"cve": "CVE-2024-35900",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-35900"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: nf_tables: reject new basechain after table flag update\n\nWhen dormant flag is toggled, hooks are disabled in the commit phase by\niterating over current chains in table (existing and new).\n\nThe following configuration allows for an inconsistent state:\n\n add table x\n add chain x y { type filter hook input priority 0; }\n add table x { flags dormant; }\n add chain x w { type filter hook input priority 1; }\n\nwhich triggers the following warning when trying to unregister chain w\nwhich is already unregistered.\n\n[ 127.322252] WARNING: CPU: 7 PID: 1211 at net/netfilter/core.c:50 1 __nf_unregister_net_hook+0x21a/0x260\n[...]\n[ 127.322519] Call Trace:\n[ 127.322521] \u003cTASK\u003e\n[ 127.322524] ? __warn+0x9f/0x1a0\n[ 127.322531] ? __nf_unregister_net_hook+0x21a/0x260\n[ 127.322537] ? report_bug+0x1b1/0x1e0\n[ 127.322545] ? handle_bug+0x3c/0x70\n[ 127.322552] ? exc_invalid_op+0x17/0x40\n[ 127.322556] ? asm_exc_invalid_op+0x1a/0x20\n[ 127.322563] ? kasan_save_free_info+0x3b/0x60\n[ 127.322570] ? __nf_unregister_net_hook+0x6a/0x260\n[ 127.322577] ? __nf_unregister_net_hook+0x21a/0x260\n[ 127.322583] ? __nf_unregister_net_hook+0x6a/0x260\n[ 127.322590] ? __nf_tables_unregister_hook+0x8a/0xe0 [nf_tables]\n[ 127.322655] nft_table_disable+0x75/0xf0 [nf_tables]\n[ 127.322717] nf_tables_commit+0x2571/0x2620 [nf_tables]",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-35900",
"url": "https://www.suse.com/security/cve/CVE-2024-35900"
},
{
"category": "external",
"summary": "SUSE Bug 1224497 for CVE-2024-35900",
"url": "https://bugzilla.suse.com/1224497"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-10T16:03:48Z",
"details": "moderate"
}
],
"title": "CVE-2024-35900"
},
{
"cve": "CVE-2024-35905",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-35905"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbpf: Protect against int overflow for stack access size\n\nThis patch re-introduces protection against the size of access to stack\nmemory being negative; the access size can appear negative as a result\nof overflowing its signed int representation. This should not actually\nhappen, as there are other protections along the way, but we should\nprotect against it anyway. One code path was missing such protections\n(fixed in the previous patch in the series), causing out-of-bounds array\naccesses in check_stack_range_initialized(). This patch causes the\nverification of a program with such a non-sensical access size to fail.\n\nThis check used to exist in a more indirect way, but was inadvertendly\nremoved in a833a17aeac7.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-35905",
"url": "https://www.suse.com/security/cve/CVE-2024-35905"
},
{
"category": "external",
"summary": "SUSE Bug 1224488 for CVE-2024-35905",
"url": "https://bugzilla.suse.com/1224488"
},
{
"category": "external",
"summary": "SUSE Bug 1226327 for CVE-2024-35905",
"url": "https://bugzilla.suse.com/1226327"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-10T16:03:48Z",
"details": "important"
}
],
"title": "CVE-2024-35905"
},
{
"cve": "CVE-2024-35925",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-35925"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nblock: prevent division by zero in blk_rq_stat_sum()\n\nThe expression dst-\u003enr_samples + src-\u003enr_samples may\nhave zero value on overflow. It is necessary to add\na check to avoid division by zero.\n\nFound by Linux Verification Center (linuxtesting.org) with Svace.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-35925",
"url": "https://www.suse.com/security/cve/CVE-2024-35925"
},
{
"category": "external",
"summary": "SUSE Bug 1224661 for CVE-2024-35925",
"url": "https://bugzilla.suse.com/1224661"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-10T16:03:48Z",
"details": "moderate"
}
],
"title": "CVE-2024-35925"
},
{
"cve": "CVE-2024-35950",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-35950"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/client: Fully protect modes[] with dev-\u003emode_config.mutex\n\nThe modes[] array contains pointers to modes on the connectors\u0027\nmode lists, which are protected by dev-\u003emode_config.mutex.\nThus we need to extend modes[] the same protection or by the\ntime we use it the elements may already be pointing to\nfreed/reused memory.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-35950",
"url": "https://www.suse.com/security/cve/CVE-2024-35950"
},
{
"category": "external",
"summary": "SUSE Bug 1224703 for CVE-2024-35950",
"url": "https://bugzilla.suse.com/1224703"
},
{
"category": "external",
"summary": "SUSE Bug 1225310 for CVE-2024-35950",
"url": "https://bugzilla.suse.com/1225310"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-10T16:03:48Z",
"details": "moderate"
}
],
"title": "CVE-2024-35950"
},
{
"cve": "CVE-2024-35956",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-35956"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbtrfs: qgroup: fix qgroup prealloc rsv leak in subvolume operations\n\nCreate subvolume, create snapshot and delete subvolume all use\nbtrfs_subvolume_reserve_metadata() to reserve metadata for the changes\ndone to the parent subvolume\u0027s fs tree, which cannot be mediated in the\nnormal way via start_transaction. When quota groups (squota or qgroups)\nare enabled, this reserves qgroup metadata of type PREALLOC. Once the\noperation is associated to a transaction, we convert PREALLOC to\nPERTRANS, which gets cleared in bulk at the end of the transaction.\n\nHowever, the error paths of these three operations were not implementing\nthis lifecycle correctly. They unconditionally converted the PREALLOC to\nPERTRANS in a generic cleanup step regardless of errors or whether the\noperation was fully associated to a transaction or not. This resulted in\nerror paths occasionally converting this rsv to PERTRANS without calling\nrecord_root_in_trans successfully, which meant that unless that root got\nrecorded in the transaction by some other thread, the end of the\ntransaction would not free that root\u0027s PERTRANS, leaking it. Ultimately,\nthis resulted in hitting a WARN in CONFIG_BTRFS_DEBUG builds at unmount\nfor the leaked reservation.\n\nThe fix is to ensure that every qgroup PREALLOC reservation observes the\nfollowing properties:\n\n1. any failure before record_root_in_trans is called successfully\n results in freeing the PREALLOC reservation.\n2. after record_root_in_trans, we convert to PERTRANS, and now the\n transaction owns freeing the reservation.\n\nThis patch enforces those properties on the three operations. Without\nit, generic/269 with squotas enabled at mkfs time would fail in ~5-10\nruns on my system. With this patch, it ran successfully 1000 times in a\nrow.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-35956",
"url": "https://www.suse.com/security/cve/CVE-2024-35956"
},
{
"category": "external",
"summary": "SUSE Bug 1224674 for CVE-2024-35956",
"url": "https://bugzilla.suse.com/1224674"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-10T16:03:48Z",
"details": "moderate"
}
],
"title": "CVE-2024-35956"
},
{
"cve": "CVE-2024-35958",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-35958"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: ena: Fix incorrect descriptor free behavior\n\nENA has two types of TX queues:\n- queues which only process TX packets arriving from the network stack\n- queues which only process TX packets forwarded to it by XDP_REDIRECT\n or XDP_TX instructions\n\nThe ena_free_tx_bufs() cycles through all descriptors in a TX queue\nand unmaps + frees every descriptor that hasn\u0027t been acknowledged yet\nby the device (uncompleted TX transactions).\nThe function assumes that the processed TX queue is necessarily from\nthe first category listed above and ends up using napi_consume_skb()\nfor descriptors belonging to an XDP specific queue.\n\nThis patch solves a bug in which, in case of a VF reset, the\ndescriptors aren\u0027t freed correctly, leading to crashes.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-35958",
"url": "https://www.suse.com/security/cve/CVE-2024-35958"
},
{
"category": "external",
"summary": "SUSE Bug 1224677 for CVE-2024-35958",
"url": "https://bugzilla.suse.com/1224677"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-10T16:03:48Z",
"details": "moderate"
}
],
"title": "CVE-2024-35958"
},
{
"cve": "CVE-2024-35960",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-35960"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/mlx5: Properly link new fs rules into the tree\n\nPreviously, add_rule_fg would only add newly created rules from the\nhandle into the tree when they had a refcount of 1. On the other hand,\ncreate_flow_handle tries hard to find and reference already existing\nidentical rules instead of creating new ones.\n\nThese two behaviors can result in a situation where create_flow_handle\n1) creates a new rule and references it, then\n2) in a subsequent step during the same handle creation references it\n again,\nresulting in a rule with a refcount of 2 that is not linked into the\ntree, will have a NULL parent and root and will result in a crash when\nthe flow group is deleted because del_sw_hw_rule, invoked on rule\ndeletion, assumes node-\u003eparent is != NULL.\n\nThis happened in the wild, due to another bug related to incorrect\nhandling of duplicate pkt_reformat ids, which lead to the code in\ncreate_flow_handle incorrectly referencing a just-added rule in the same\nflow handle, resulting in the problem described above. Full details are\nat [1].\n\nThis patch changes add_rule_fg to add new rules without parents into\nthe tree, properly initializing them and avoiding the crash. This makes\nit more consistent with how rules are added to an FTE in\ncreate_flow_handle.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-35960",
"url": "https://www.suse.com/security/cve/CVE-2024-35960"
},
{
"category": "external",
"summary": "SUSE Bug 1224588 for CVE-2024-35960",
"url": "https://bugzilla.suse.com/1224588"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-10T16:03:48Z",
"details": "moderate"
}
],
"title": "CVE-2024-35960"
},
{
"cve": "CVE-2024-35962",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-35962"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: complete validation of user input\n\nIn my recent commit, I missed that do_replace() handlers\nuse copy_from_sockptr() (which I fixed), followed\nby unsafe copy_from_sockptr_offset() calls.\n\nIn all functions, we can perform the @optlen validation\nbefore even calling xt_alloc_table_info() with the following\ncheck:\n\nif ((u64)optlen \u003c (u64)tmp.size + sizeof(tmp))\n return -EINVAL;",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-35962",
"url": "https://www.suse.com/security/cve/CVE-2024-35962"
},
{
"category": "external",
"summary": "SUSE Bug 1224583 for CVE-2024-35962",
"url": "https://bugzilla.suse.com/1224583"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-10T16:03:48Z",
"details": "moderate"
}
],
"title": "CVE-2024-35962"
},
{
"cve": "CVE-2024-35997",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-35997"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nHID: i2c-hid: remove I2C_HID_READ_PENDING flag to prevent lock-up\n\nThe flag I2C_HID_READ_PENDING is used to serialize I2C operations.\nHowever, this is not necessary, because I2C core already has its own\nlocking for that.\n\nMore importantly, this flag can cause a lock-up: if the flag is set in\ni2c_hid_xfer() and an interrupt happens, the interrupt handler\n(i2c_hid_irq) will check this flag and return immediately without doing\nanything, then the interrupt handler will be invoked again in an\ninfinite loop.\n\nSince interrupt handler is an RT task, it takes over the CPU and the\nflag-clearing task never gets scheduled, thus we have a lock-up.\n\nDelete this unnecessary flag.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-35997",
"url": "https://www.suse.com/security/cve/CVE-2024-35997"
},
{
"category": "external",
"summary": "SUSE Bug 1224552 for CVE-2024-35997",
"url": "https://bugzilla.suse.com/1224552"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-10T16:03:48Z",
"details": "moderate"
}
],
"title": "CVE-2024-35997"
},
{
"cve": "CVE-2024-36005",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-36005"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: nf_tables: honor table dormant flag from netdev release event path\n\nCheck for table dormant flag otherwise netdev release event path tries\nto unregister an already unregistered hook.\n\n[524854.857999] ------------[ cut here ]------------\n[524854.858010] WARNING: CPU: 0 PID: 3386599 at net/netfilter/core.c:501 __nf_unregister_net_hook+0x21a/0x260\n[...]\n[524854.858848] CPU: 0 PID: 3386599 Comm: kworker/u32:2 Not tainted 6.9.0-rc3+ #365\n[524854.858869] Workqueue: netns cleanup_net\n[524854.858886] RIP: 0010:__nf_unregister_net_hook+0x21a/0x260\n[524854.858903] Code: 24 e8 aa 73 83 ff 48 63 43 1c 83 f8 01 0f 85 3d ff ff ff e8 98 d1 f0 ff 48 8b 3c 24 e8 8f 73 83 ff 48 63 43 1c e9 26 ff ff ff \u003c0f\u003e 0b 48 83 c4 18 48 c7 c7 00 68 e9 82 5b 5d 41 5c 41 5d 41 5e 41\n[524854.858914] RSP: 0018:ffff8881e36d79e0 EFLAGS: 00010246\n[524854.858926] RAX: 0000000000000000 RBX: ffff8881339ae790 RCX: ffffffff81ba524a\n[524854.858936] RDX: dffffc0000000000 RSI: 0000000000000008 RDI: ffff8881c8a16438\n[524854.858945] RBP: ffff8881c8a16438 R08: 0000000000000001 R09: ffffed103c6daf34\n[524854.858954] R10: ffff8881e36d79a7 R11: 0000000000000000 R12: 0000000000000005\n[524854.858962] R13: ffff8881c8a16000 R14: 0000000000000000 R15: ffff8881351b5a00\n[524854.858971] FS: 0000000000000000(0000) GS:ffff888390800000(0000) knlGS:0000000000000000\n[524854.858982] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n[524854.858991] CR2: 00007fc9be0f16f4 CR3: 00000001437cc004 CR4: 00000000001706f0\n[524854.859000] Call Trace:\n[524854.859006] \u003cTASK\u003e\n[524854.859013] ? __warn+0x9f/0x1a0\n[524854.859027] ? __nf_unregister_net_hook+0x21a/0x260\n[524854.859044] ? report_bug+0x1b1/0x1e0\n[524854.859060] ? handle_bug+0x3c/0x70\n[524854.859071] ? exc_invalid_op+0x17/0x40\n[524854.859083] ? asm_exc_invalid_op+0x1a/0x20\n[524854.859100] ? __nf_unregister_net_hook+0x6a/0x260\n[524854.859116] ? __nf_unregister_net_hook+0x21a/0x260\n[524854.859135] nf_tables_netdev_event+0x337/0x390 [nf_tables]\n[524854.859304] ? __pfx_nf_tables_netdev_event+0x10/0x10 [nf_tables]\n[524854.859461] ? packet_notifier+0xb3/0x360\n[524854.859476] ? _raw_spin_unlock_irqrestore+0x11/0x40\n[524854.859489] ? dcbnl_netdevice_event+0x35/0x140\n[524854.859507] ? __pfx_nf_tables_netdev_event+0x10/0x10 [nf_tables]\n[524854.859661] notifier_call_chain+0x7d/0x140\n[524854.859677] unregister_netdevice_many_notify+0x5e1/0xae0",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-36005",
"url": "https://www.suse.com/security/cve/CVE-2024-36005"
},
{
"category": "external",
"summary": "SUSE Bug 1224539 for CVE-2024-36005",
"url": "https://bugzilla.suse.com/1224539"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-10T16:03:48Z",
"details": "moderate"
}
],
"title": "CVE-2024-36005"
},
{
"cve": "CVE-2024-36008",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-36008"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nipv4: check for NULL idev in ip_route_use_hint()\n\nsyzbot was able to trigger a NULL deref in fib_validate_source()\nin an old tree [1].\n\nIt appears the bug exists in latest trees.\n\nAll calls to __in_dev_get_rcu() must be checked for a NULL result.\n\n[1]\ngeneral protection fault, probably for non-canonical address 0xdffffc0000000000: 0000 [#1] SMP KASAN\nKASAN: null-ptr-deref in range [0x0000000000000000-0x0000000000000007]\nCPU: 2 PID: 3257 Comm: syz-executor.3 Not tainted 5.10.0-syzkaller #0\nHardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014\n RIP: 0010:fib_validate_source+0xbf/0x15a0 net/ipv4/fib_frontend.c:425\nCode: 18 f2 f2 f2 f2 42 c7 44 20 23 f3 f3 f3 f3 48 89 44 24 78 42 c6 44 20 27 f3 e8 5d 88 48 fc 4c 89 e8 48 c1 e8 03 48 89 44 24 18 \u003c42\u003e 80 3c 20 00 74 08 4c 89 ef e8 d2 15 98 fc 48 89 5c 24 10 41 bf\nRSP: 0018:ffffc900015fee40 EFLAGS: 00010246\nRAX: 0000000000000000 RBX: ffff88800f7a4000 RCX: ffff88800f4f90c0\nRDX: 0000000000000000 RSI: 0000000004001eac RDI: ffff8880160c64c0\nRBP: ffffc900015ff060 R08: 0000000000000000 R09: ffff88800f7a4000\nR10: 0000000000000002 R11: ffff88800f4f90c0 R12: dffffc0000000000\nR13: 0000000000000000 R14: 0000000000000000 R15: ffff88800f7a4000\nFS: 00007f938acfe6c0(0000) GS:ffff888058c00000(0000) knlGS:0000000000000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: 00007f938acddd58 CR3: 000000001248e000 CR4: 0000000000352ef0\nDR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\nDR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\nCall Trace:\n ip_route_use_hint+0x410/0x9b0 net/ipv4/route.c:2231\n ip_rcv_finish_core+0x2c4/0x1a30 net/ipv4/ip_input.c:327\n ip_list_rcv_finish net/ipv4/ip_input.c:612 [inline]\n ip_sublist_rcv+0x3ed/0xe50 net/ipv4/ip_input.c:638\n ip_list_rcv+0x422/0x470 net/ipv4/ip_input.c:673\n __netif_receive_skb_list_ptype net/core/dev.c:5572 [inline]\n __netif_receive_skb_list_core+0x6b1/0x890 net/core/dev.c:5620\n __netif_receive_skb_list net/core/dev.c:5672 [inline]\n netif_receive_skb_list_internal+0x9f9/0xdc0 net/core/dev.c:5764\n netif_receive_skb_list+0x55/0x3e0 net/core/dev.c:5816\n xdp_recv_frames net/bpf/test_run.c:257 [inline]\n xdp_test_run_batch net/bpf/test_run.c:335 [inline]\n bpf_test_run_xdp_live+0x1818/0x1d00 net/bpf/test_run.c:363\n bpf_prog_test_run_xdp+0x81f/0x1170 net/bpf/test_run.c:1376\n bpf_prog_test_run+0x349/0x3c0 kernel/bpf/syscall.c:3736\n __sys_bpf+0x45c/0x710 kernel/bpf/syscall.c:5115\n __do_sys_bpf kernel/bpf/syscall.c:5201 [inline]\n __se_sys_bpf kernel/bpf/syscall.c:5199 [inline]\n __x64_sys_bpf+0x7c/0x90 kernel/bpf/syscall.c:5199",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-36008",
"url": "https://www.suse.com/security/cve/CVE-2024-36008"
},
{
"category": "external",
"summary": "SUSE Bug 1224540 for CVE-2024-36008",
"url": "https://bugzilla.suse.com/1224540"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-10T16:03:48Z",
"details": "moderate"
}
],
"title": "CVE-2024-36008"
},
{
"cve": "CVE-2024-36017",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-36017"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nrtnetlink: Correct nested IFLA_VF_VLAN_LIST attribute validation\n\nEach attribute inside a nested IFLA_VF_VLAN_LIST is assumed to be a\nstruct ifla_vf_vlan_info so the size of such attribute needs to be at least\nof sizeof(struct ifla_vf_vlan_info) which is 14 bytes.\nThe current size validation in do_setvfinfo is against NLA_HDRLEN (4 bytes)\nwhich is less than sizeof(struct ifla_vf_vlan_info) so this validation\nis not enough and a too small attribute might be cast to a\nstruct ifla_vf_vlan_info, this might result in an out of bands\nread access when accessing the saved (casted) entry in ivvl.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-36017",
"url": "https://www.suse.com/security/cve/CVE-2024-36017"
},
{
"category": "external",
"summary": "SUSE Bug 1225681 for CVE-2024-36017",
"url": "https://bugzilla.suse.com/1225681"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-10T16:03:48Z",
"details": "moderate"
}
],
"title": "CVE-2024-36017"
},
{
"cve": "CVE-2024-36020",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-36020"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ni40e: fix vf may be used uninitialized in this function warning\n\nTo fix the regression introduced by commit 52424f974bc5, which causes\nservers hang in very hard to reproduce conditions with resets races.\nUsing two sources for the information is the root cause.\nIn this function before the fix bumping v didn\u0027t mean bumping vf\npointer. But the code used this variables interchangeably, so stale vf\ncould point to different/not intended vf.\n\nRemove redundant \"v\" variable and iterate via single VF pointer across\nwhole function instead to guarantee VF pointer validity.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-36020",
"url": "https://www.suse.com/security/cve/CVE-2024-36020"
},
{
"category": "external",
"summary": "SUSE Bug 1225698 for CVE-2024-36020",
"url": "https://bugzilla.suse.com/1225698"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-10T16:03:48Z",
"details": "moderate"
}
],
"title": "CVE-2024-36020"
},
{
"cve": "CVE-2024-36021",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-36021"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: hns3: fix kernel crash when devlink reload during pf initialization\n\nThe devlink reload process will access the hardware resources,\nbut the register operation is done before the hardware is initialized.\nSo, processing the devlink reload during initialization may lead to kernel\ncrash. This patch fixes this by taking devl_lock during initialization.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-36021",
"url": "https://www.suse.com/security/cve/CVE-2024-36021"
},
{
"category": "external",
"summary": "SUSE Bug 1225699 for CVE-2024-36021",
"url": "https://bugzilla.suse.com/1225699"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-10T16:03:48Z",
"details": "moderate"
}
],
"title": "CVE-2024-36021"
},
{
"cve": "CVE-2024-36025",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-36025"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: qla2xxx: Fix off by one in qla_edif_app_getstats()\n\nThe app_reply-\u003eelem[] array is allocated earlier in this function and it\nhas app_req.num_ports elements. Thus this \u003e comparison needs to be \u003e= to\nprevent memory corruption.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-36025",
"url": "https://www.suse.com/security/cve/CVE-2024-36025"
},
{
"category": "external",
"summary": "SUSE Bug 1225704 for CVE-2024-36025",
"url": "https://bugzilla.suse.com/1225704"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-10T16:03:48Z",
"details": "moderate"
}
],
"title": "CVE-2024-36025"
},
{
"cve": "CVE-2024-36477",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-36477"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ntpm_tis_spi: Account for SPI header when allocating TPM SPI xfer buffer\n\nThe TPM SPI transfer mechanism uses MAX_SPI_FRAMESIZE for computing the\nmaximum transfer length and the size of the transfer buffer. As such, it\ndoes not account for the 4 bytes of header that prepends the SPI data\nframe. This can result in out-of-bounds accesses and was confirmed with\nKASAN.\n\nIntroduce SPI_HDRSIZE to account for the header and use to allocate the\ntransfer buffer.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-36477",
"url": "https://www.suse.com/security/cve/CVE-2024-36477"
},
{
"category": "external",
"summary": "SUSE Bug 1226840 for CVE-2024-36477",
"url": "https://bugzilla.suse.com/1226840"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-10T16:03:48Z",
"details": "moderate"
}
],
"title": "CVE-2024-36477"
},
{
"cve": "CVE-2024-36478",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-36478"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnull_blk: fix null-ptr-dereference while configuring \u0027power\u0027 and \u0027submit_queues\u0027\n\nWriting \u0027power\u0027 and \u0027submit_queues\u0027 concurrently will trigger kernel\npanic:\n\nTest script:\n\nmodprobe null_blk nr_devices=0\nmkdir -p /sys/kernel/config/nullb/nullb0\nwhile true; do echo 1 \u003e submit_queues; echo 4 \u003e submit_queues; done \u0026\nwhile true; do echo 1 \u003e power; echo 0 \u003e power; done\n\nTest result:\n\nBUG: kernel NULL pointer dereference, address: 0000000000000148\nOops: 0000 [#1] PREEMPT SMP\nRIP: 0010:__lock_acquire+0x41d/0x28f0\nCall Trace:\n \u003cTASK\u003e\n lock_acquire+0x121/0x450\n down_write+0x5f/0x1d0\n simple_recursive_removal+0x12f/0x5c0\n blk_mq_debugfs_unregister_hctxs+0x7c/0x100\n blk_mq_update_nr_hw_queues+0x4a3/0x720\n nullb_update_nr_hw_queues+0x71/0xf0 [null_blk]\n nullb_device_submit_queues_store+0x79/0xf0 [null_blk]\n configfs_write_iter+0x119/0x1e0\n vfs_write+0x326/0x730\n ksys_write+0x74/0x150\n\nThis is because del_gendisk() can concurrent with\nblk_mq_update_nr_hw_queues():\n\nnullb_device_power_store\tnullb_apply_submit_queues\n null_del_dev\n del_gendisk\n\t\t\t\t nullb_update_nr_hw_queues\n\t\t\t\t if (!dev-\u003enullb)\n\t\t\t\t // still set while gendisk is deleted\n\t\t\t\t return 0\n\t\t\t\t blk_mq_update_nr_hw_queues\n dev-\u003enullb = NULL\n\nFix this problem by resuing the global mutex to protect\nnullb_device_power_store() and nullb_update_nr_hw_queues() from configfs.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-36478",
"url": "https://www.suse.com/security/cve/CVE-2024-36478"
},
{
"category": "external",
"summary": "SUSE Bug 1226841 for CVE-2024-36478",
"url": "https://bugzilla.suse.com/1226841"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-10T16:03:48Z",
"details": "moderate"
}
],
"title": "CVE-2024-36478"
},
{
"cve": "CVE-2024-36479",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-36479"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nfpga: bridge: add owner module and take its refcount\n\nThe current implementation of the fpga bridge assumes that the low-level\nmodule registers a driver for the parent device and uses its owner pointer\nto take the module\u0027s refcount. This approach is problematic since it can\nlead to a null pointer dereference while attempting to get the bridge if\nthe parent device does not have a driver.\n\nTo address this problem, add a module owner pointer to the fpga_bridge\nstruct and use it to take the module\u0027s refcount. Modify the function for\nregistering a bridge to take an additional owner module parameter and\nrename it to avoid conflicts. Use the old function name for a helper macro\nthat automatically sets the module that registers the bridge as the owner.\nThis ensures compatibility with existing low-level control modules and\nreduces the chances of registering a bridge without setting the owner.\n\nAlso, update the documentation to keep it consistent with the new interface\nfor registering an fpga bridge.\n\nOther changes: opportunistically move put_device() from __fpga_bridge_get()\nto fpga_bridge_get() and of_fpga_bridge_get() to improve code clarity since\nthe bridge device is taken in these functions.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-36479",
"url": "https://www.suse.com/security/cve/CVE-2024-36479"
},
{
"category": "external",
"summary": "SUSE Bug 1226949 for CVE-2024-36479",
"url": "https://bugzilla.suse.com/1226949"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-10T16:03:48Z",
"details": "moderate"
}
],
"title": "CVE-2024-36479"
},
{
"cve": "CVE-2024-36890",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-36890"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmm/slab: make __free(kfree) accept error pointers\n\nCurrently, if an automatically freed allocation is an error pointer that\nwill lead to a crash. An example of this is in wm831x_gpio_dbg_show().\n\n 171\tchar *label __free(kfree) = gpiochip_dup_line_label(chip, i);\n 172\tif (IS_ERR(label)) {\n 173\t\tdev_err(wm831x-\u003edev, \"Failed to duplicate label\\n\");\n 174\t\tcontinue;\n 175 }\n\nThe auto clean up function should check for error pointers as well,\notherwise we\u0027re going to keep hitting issues like this.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-36890",
"url": "https://www.suse.com/security/cve/CVE-2024-36890"
},
{
"category": "external",
"summary": "SUSE Bug 1225714 for CVE-2024-36890",
"url": "https://bugzilla.suse.com/1225714"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-10T16:03:48Z",
"details": "moderate"
}
],
"title": "CVE-2024-36890"
},
{
"cve": "CVE-2024-36894",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-36894"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nusb: gadget: f_fs: Fix race between aio_cancel() and AIO request complete\n\nFFS based applications can utilize the aio_cancel() callback to dequeue\npending USB requests submitted to the UDC. There is a scenario where the\nFFS application issues an AIO cancel call, while the UDC is handling a\nsoft disconnect. For a DWC3 based implementation, the callstack looks\nlike the following:\n\n DWC3 Gadget FFS Application\ndwc3_gadget_soft_disconnect() ...\n --\u003e dwc3_stop_active_transfers()\n --\u003e dwc3_gadget_giveback(-ESHUTDOWN)\n --\u003e ffs_epfile_async_io_complete() ffs_aio_cancel()\n --\u003e usb_ep_free_request() --\u003e usb_ep_dequeue()\n\nThere is currently no locking implemented between the AIO completion\nhandler and AIO cancel, so the issue occurs if the completion routine is\nrunning in parallel to an AIO cancel call coming from the FFS application.\nAs the completion call frees the USB request (io_data-\u003ereq) the FFS\napplication is also referencing it for the usb_ep_dequeue() call. This can\nlead to accessing a stale/hanging pointer.\n\ncommit b566d38857fc (\"usb: gadget: f_fs: use io_data-\u003estatus consistently\")\nrelocated the usb_ep_free_request() into ffs_epfile_async_io_complete().\nHowever, in order to properly implement locking to mitigate this issue, the\nspinlock can\u0027t be added to ffs_epfile_async_io_complete(), as\nusb_ep_dequeue() (if successfully dequeuing a USB request) will call the\nfunction driver\u0027s completion handler in the same context. Hence, leading\ninto a deadlock.\n\nFix this issue by moving the usb_ep_free_request() back to\nffs_user_copy_worker(), and ensuring that it explicitly sets io_data-\u003ereq\nto NULL after freeing it within the ffs-\u003eeps_lock. This resolves the race\ncondition above, as the ffs_aio_cancel() routine will not continue\nattempting to dequeue a request that has already been freed, or the\nffs_user_copy_work() not freeing the USB request until the AIO cancel is\ndone referencing it.\n\nThis fix depends on\n commit b566d38857fc (\"usb: gadget: f_fs: use io_data-\u003estatus\n consistently\")",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-36894",
"url": "https://www.suse.com/security/cve/CVE-2024-36894"
},
{
"category": "external",
"summary": "SUSE Bug 1225749 for CVE-2024-36894",
"url": "https://bugzilla.suse.com/1225749"
},
{
"category": "external",
"summary": "SUSE Bug 1226139 for CVE-2024-36894",
"url": "https://bugzilla.suse.com/1226139"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-10T16:03:48Z",
"details": "moderate"
}
],
"title": "CVE-2024-36894"
},
{
"cve": "CVE-2024-36899",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-36899"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ngpiolib: cdev: Fix use after free in lineinfo_changed_notify\n\nThe use-after-free issue occurs as follows: when the GPIO chip device file\nis being closed by invoking gpio_chrdev_release(), watched_lines is freed\nby bitmap_free(), but the unregistration of lineinfo_changed_nb notifier\nchain failed due to waiting write rwsem. Additionally, one of the GPIO\nchip\u0027s lines is also in the release process and holds the notifier chain\u0027s\nread rwsem. Consequently, a race condition leads to the use-after-free of\nwatched_lines.\n\nHere is the typical stack when issue happened:\n\n[free]\ngpio_chrdev_release()\n --\u003e bitmap_free(cdev-\u003ewatched_lines) \u003c-- freed\n --\u003e blocking_notifier_chain_unregister()\n --\u003e down_write(\u0026nh-\u003erwsem) \u003c-- waiting rwsem\n --\u003e __down_write_common()\n --\u003e rwsem_down_write_slowpath()\n --\u003e schedule_preempt_disabled()\n --\u003e schedule()\n\n[use]\nst54spi_gpio_dev_release()\n --\u003e gpio_free()\n --\u003e gpiod_free()\n --\u003e gpiod_free_commit()\n --\u003e gpiod_line_state_notify()\n --\u003e blocking_notifier_call_chain()\n --\u003e down_read(\u0026nh-\u003erwsem); \u003c-- held rwsem\n --\u003e notifier_call_chain()\n --\u003e lineinfo_changed_notify()\n --\u003e test_bit(xxxx, cdev-\u003ewatched_lines) \u003c-- use after free\n\nThe side effect of the use-after-free issue is that a GPIO line event is\nbeing generated for userspace where it shouldn\u0027t. However, since the chrdev\nis being closed, userspace won\u0027t have the chance to read that event anyway.\n\nTo fix the issue, call the bitmap_free() function after the unregistration\nof lineinfo_changed_nb notifier chain.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-36899",
"url": "https://www.suse.com/security/cve/CVE-2024-36899"
},
{
"category": "external",
"summary": "SUSE Bug 1225737 for CVE-2024-36899",
"url": "https://bugzilla.suse.com/1225737"
},
{
"category": "external",
"summary": "SUSE Bug 1225739 for CVE-2024-36899",
"url": "https://bugzilla.suse.com/1225739"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-10T16:03:48Z",
"details": "moderate"
}
],
"title": "CVE-2024-36899"
},
{
"cve": "CVE-2024-36900",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-36900"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: hns3: fix kernel crash when devlink reload during initialization\n\nThe devlink reload process will access the hardware resources,\nbut the register operation is done before the hardware is initialized.\nSo, processing the devlink reload during initialization may lead to kernel\ncrash.\n\nThis patch fixes this by registering the devlink after\nhardware initialization.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-36900",
"url": "https://www.suse.com/security/cve/CVE-2024-36900"
},
{
"category": "external",
"summary": "SUSE Bug 1225726 for CVE-2024-36900",
"url": "https://bugzilla.suse.com/1225726"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-10T16:03:48Z",
"details": "moderate"
}
],
"title": "CVE-2024-36900"
},
{
"cve": "CVE-2024-36904",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-36904"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ntcp: Use refcount_inc_not_zero() in tcp_twsk_unique().\n\nAnderson Nascimento reported a use-after-free splat in tcp_twsk_unique()\nwith nice analysis.\n\nSince commit ec94c2696f0b (\"tcp/dccp: avoid one atomic operation for\ntimewait hashdance\"), inet_twsk_hashdance() sets TIME-WAIT socket\u0027s\nsk_refcnt after putting it into ehash and releasing the bucket lock.\n\nThus, there is a small race window where other threads could try to\nreuse the port during connect() and call sock_hold() in tcp_twsk_unique()\nfor the TIME-WAIT socket with zero refcnt.\n\nIf that happens, the refcnt taken by tcp_twsk_unique() is overwritten\nand sock_put() will cause underflow, triggering a real use-after-free\nsomewhere else.\n\nTo avoid the use-after-free, we need to use refcount_inc_not_zero() in\ntcp_twsk_unique() and give up on reusing the port if it returns false.\n\n[0]:\nrefcount_t: addition on 0; use-after-free.\nWARNING: CPU: 0 PID: 1039313 at lib/refcount.c:25 refcount_warn_saturate+0xe5/0x110\nCPU: 0 PID: 1039313 Comm: trigger Not tainted 6.8.6-200.fc39.x86_64 #1\nHardware name: VMware, Inc. VMware20,1/440BX Desktop Reference Platform, BIOS VMW201.00V.21805430.B64.2305221830 05/22/2023\nRIP: 0010:refcount_warn_saturate+0xe5/0x110\nCode: 42 8e ff 0f 0b c3 cc cc cc cc 80 3d aa 13 ea 01 00 0f 85 5e ff ff ff 48 c7 c7 f8 8e b7 82 c6 05 96 13 ea 01 01 e8 7b 42 8e ff \u003c0f\u003e 0b c3 cc cc cc cc 48 c7 c7 50 8f b7 82 c6 05 7a 13 ea 01 01 e8\nRSP: 0018:ffffc90006b43b60 EFLAGS: 00010282\nRAX: 0000000000000000 RBX: ffff888009bb3ef0 RCX: 0000000000000027\nRDX: ffff88807be218c8 RSI: 0000000000000001 RDI: ffff88807be218c0\nRBP: 0000000000069d70 R08: 0000000000000000 R09: ffffc90006b439f0\nR10: ffffc90006b439e8 R11: 0000000000000003 R12: ffff8880029ede84\nR13: 0000000000004e20 R14: ffffffff84356dc0 R15: ffff888009bb3ef0\nFS: 00007f62c10926c0(0000) GS:ffff88807be00000(0000) knlGS:0000000000000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: 0000000020ccb000 CR3: 000000004628c005 CR4: 0000000000f70ef0\nPKRU: 55555554\nCall Trace:\n \u003cTASK\u003e\n ? refcount_warn_saturate+0xe5/0x110\n ? __warn+0x81/0x130\n ? refcount_warn_saturate+0xe5/0x110\n ? report_bug+0x171/0x1a0\n ? refcount_warn_saturate+0xe5/0x110\n ? handle_bug+0x3c/0x80\n ? exc_invalid_op+0x17/0x70\n ? asm_exc_invalid_op+0x1a/0x20\n ? refcount_warn_saturate+0xe5/0x110\n tcp_twsk_unique+0x186/0x190\n __inet_check_established+0x176/0x2d0\n __inet_hash_connect+0x74/0x7d0\n ? __pfx___inet_check_established+0x10/0x10\n tcp_v4_connect+0x278/0x530\n __inet_stream_connect+0x10f/0x3d0\n inet_stream_connect+0x3a/0x60\n __sys_connect+0xa8/0xd0\n __x64_sys_connect+0x18/0x20\n do_syscall_64+0x83/0x170\n entry_SYSCALL_64_after_hwframe+0x78/0x80\nRIP: 0033:0x7f62c11a885d\nCode: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 \u003c48\u003e 3d 01 f0 ff ff 73 01 c3 48 8b 0d a3 45 0c 00 f7 d8 64 89 01 48\nRSP: 002b:00007f62c1091e58 EFLAGS: 00000296 ORIG_RAX: 000000000000002a\nRAX: ffffffffffffffda RBX: 0000000020ccb004 RCX: 00007f62c11a885d\nRDX: 0000000000000010 RSI: 0000000020ccb000 RDI: 0000000000000003\nRBP: 00007f62c1091e90 R08: 0000000000000000 R09: 0000000000000000\nR10: 0000000000000000 R11: 0000000000000296 R12: 00007f62c10926c0\nR13: ffffffffffffff88 R14: 0000000000000000 R15: 00007ffe237885b0\n \u003c/TASK\u003e",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-36904",
"url": "https://www.suse.com/security/cve/CVE-2024-36904"
},
{
"category": "external",
"summary": "SUSE Bug 1225732 for CVE-2024-36904",
"url": "https://bugzilla.suse.com/1225732"
},
{
"category": "external",
"summary": "SUSE Bug 1225733 for CVE-2024-36904",
"url": "https://bugzilla.suse.com/1225733"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-10T16:03:48Z",
"details": "moderate"
}
],
"title": "CVE-2024-36904"
},
{
"cve": "CVE-2024-36915",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-36915"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnfc: llcp: fix nfc_llcp_setsockopt() unsafe copies\n\nsyzbot reported unsafe calls to copy_from_sockptr() [1]\n\nUse copy_safe_from_sockptr() instead.\n\n[1]\n\nBUG: KASAN: slab-out-of-bounds in copy_from_sockptr_offset include/linux/sockptr.h:49 [inline]\n BUG: KASAN: slab-out-of-bounds in copy_from_sockptr include/linux/sockptr.h:55 [inline]\n BUG: KASAN: slab-out-of-bounds in nfc_llcp_setsockopt+0x6c2/0x850 net/nfc/llcp_sock.c:255\nRead of size 4 at addr ffff88801caa1ec3 by task syz-executor459/5078\n\nCPU: 0 PID: 5078 Comm: syz-executor459 Not tainted 6.8.0-syzkaller-08951-gfe46a7dd189e #0\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/27/2024\nCall Trace:\n \u003cTASK\u003e\n __dump_stack lib/dump_stack.c:88 [inline]\n dump_stack_lvl+0x241/0x360 lib/dump_stack.c:114\n print_address_description mm/kasan/report.c:377 [inline]\n print_report+0x169/0x550 mm/kasan/report.c:488\n kasan_report+0x143/0x180 mm/kasan/report.c:601\n copy_from_sockptr_offset include/linux/sockptr.h:49 [inline]\n copy_from_sockptr include/linux/sockptr.h:55 [inline]\n nfc_llcp_setsockopt+0x6c2/0x850 net/nfc/llcp_sock.c:255\n do_sock_setsockopt+0x3b1/0x720 net/socket.c:2311\n __sys_setsockopt+0x1ae/0x250 net/socket.c:2334\n __do_sys_setsockopt net/socket.c:2343 [inline]\n __se_sys_setsockopt net/socket.c:2340 [inline]\n __x64_sys_setsockopt+0xb5/0xd0 net/socket.c:2340\n do_syscall_64+0xfd/0x240\n entry_SYSCALL_64_after_hwframe+0x6d/0x75\nRIP: 0033:0x7f7fac07fd89\nCode: 28 00 00 00 75 05 48 83 c4 28 c3 e8 91 18 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 \u003c48\u003e 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48\nRSP: 002b:00007fff660eb788 EFLAGS: 00000246 ORIG_RAX: 0000000000000036\nRAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00007f7fac07fd89\nRDX: 0000000000000000 RSI: 0000000000000118 RDI: 0000000000000004\nRBP: 0000000000000000 R08: 0000000000000002 R09: 0000000000000000\nR10: 0000000020000a80 R11: 0000000000000246 R12: 0000000000000000\nR13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-36915",
"url": "https://www.suse.com/security/cve/CVE-2024-36915"
},
{
"category": "external",
"summary": "SUSE Bug 1225758 for CVE-2024-36915",
"url": "https://bugzilla.suse.com/1225758"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-10T16:03:48Z",
"details": "moderate"
}
],
"title": "CVE-2024-36915"
},
{
"cve": "CVE-2024-36916",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-36916"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nblk-iocost: avoid out of bounds shift\n\nUBSAN catches undefined behavior in blk-iocost, where sometimes\niocg-\u003edelay is shifted right by a number that is too large,\nresulting in undefined behavior on some architectures.\n\n[ 186.556576] ------------[ cut here ]------------\nUBSAN: shift-out-of-bounds in block/blk-iocost.c:1366:23\nshift exponent 64 is too large for 64-bit type \u0027u64\u0027 (aka \u0027unsigned long long\u0027)\nCPU: 16 PID: 0 Comm: swapper/16 Tainted: G S E N 6.9.0-0_fbk700_debug_rc2_kbuilder_0_gc85af715cac0 #1\nHardware name: Quanta Twin Lakes MP/Twin Lakes Passive MP, BIOS F09_3A23 12/08/2020\nCall Trace:\n \u003cIRQ\u003e\n dump_stack_lvl+0x8f/0xe0\n __ubsan_handle_shift_out_of_bounds+0x22c/0x280\n iocg_kick_delay+0x30b/0x310\n ioc_timer_fn+0x2fb/0x1f80\n __run_timer_base+0x1b6/0x250\n...\n\nAvoid that undefined behavior by simply taking the\n\"delay = 0\" branch if the shift is too large.\n\nI am not sure what the symptoms of an undefined value\ndelay will be, but I suspect it could be more than a\nlittle annoying to debug.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-36916",
"url": "https://www.suse.com/security/cve/CVE-2024-36916"
},
{
"category": "external",
"summary": "SUSE Bug 1225759 for CVE-2024-36916",
"url": "https://bugzilla.suse.com/1225759"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.6,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-10T16:03:48Z",
"details": "moderate"
}
],
"title": "CVE-2024-36916"
},
{
"cve": "CVE-2024-36917",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-36917"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nblock: fix overflow in blk_ioctl_discard()\n\nThere is no check for overflow of \u0027start + len\u0027 in blk_ioctl_discard().\nHung task occurs if submit an discard ioctl with the following param:\n start = 0x80000000000ff000, len = 0x8000000000fff000;\nAdd the overflow validation now.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-36917",
"url": "https://www.suse.com/security/cve/CVE-2024-36917"
},
{
"category": "external",
"summary": "SUSE Bug 1225770 for CVE-2024-36917",
"url": "https://bugzilla.suse.com/1225770"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-10T16:03:48Z",
"details": "moderate"
}
],
"title": "CVE-2024-36917"
},
{
"cve": "CVE-2024-36919",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-36919"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: bnx2fc: Remove spin_lock_bh while releasing resources after upload\n\nThe session resources are used by FW and driver when session is offloaded,\nonce session is uploaded these resources are not used. The lock is not\nrequired as these fields won\u0027t be used any longer. The offload and upload\ncalls are sequential, hence lock is not required.\n\nThis will suppress following BUG_ON():\n\n[ 449.843143] ------------[ cut here ]------------\n[ 449.848302] kernel BUG at mm/vmalloc.c:2727!\n[ 449.853072] invalid opcode: 0000 [#1] PREEMPT SMP PTI\n[ 449.858712] CPU: 5 PID: 1996 Comm: kworker/u24:2 Not tainted 5.14.0-118.el9.x86_64 #1\nRebooting.\n[ 449.867454] Hardware name: Dell Inc. PowerEdge R730/0WCJNT, BIOS 2.3.4 11/08/2016\n[ 449.876966] Workqueue: fc_rport_eq fc_rport_work [libfc]\n[ 449.882910] RIP: 0010:vunmap+0x2e/0x30\n[ 449.887098] Code: 00 65 8b 05 14 a2 f0 4a a9 00 ff ff 00 75 1b 55 48 89 fd e8 34 36 79 00 48 85 ed 74 0b 48 89 ef 31 f6 5d e9 14 fc ff ff 5d c3 \u003c0f\u003e 0b 0f 1f 44 00 00 41 57 41 56 49 89 ce 41 55 49 89 fd 41 54 41\n[ 449.908054] RSP: 0018:ffffb83d878b3d68 EFLAGS: 00010206\n[ 449.913887] RAX: 0000000080000201 RBX: ffff8f4355133550 RCX: 000000000d400005\n[ 449.921843] RDX: 0000000000000001 RSI: 0000000000001000 RDI: ffffb83da53f5000\n[ 449.929808] RBP: ffff8f4ac6675800 R08: ffffb83d878b3d30 R09: 00000000000efbdf\n[ 449.937774] R10: 0000000000000003 R11: ffff8f434573e000 R12: 0000000000001000\n[ 449.945736] R13: 0000000000001000 R14: ffffb83da53f5000 R15: ffff8f43d4ea3ae0\n[ 449.953701] FS: 0000000000000000(0000) GS:ffff8f529fc80000(0000) knlGS:0000000000000000\n[ 449.962732] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n[ 449.969138] CR2: 00007f8cf993e150 CR3: 0000000efbe10003 CR4: 00000000003706e0\n[ 449.977102] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\n[ 449.985065] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\n[ 449.993028] Call Trace:\n[ 449.995756] __iommu_dma_free+0x96/0x100\n[ 450.000139] bnx2fc_free_session_resc+0x67/0x240 [bnx2fc]\n[ 450.006171] bnx2fc_upload_session+0xce/0x100 [bnx2fc]\n[ 450.011910] bnx2fc_rport_event_handler+0x9f/0x240 [bnx2fc]\n[ 450.018136] fc_rport_work+0x103/0x5b0 [libfc]\n[ 450.023103] process_one_work+0x1e8/0x3c0\n[ 450.027581] worker_thread+0x50/0x3b0\n[ 450.031669] ? rescuer_thread+0x370/0x370\n[ 450.036143] kthread+0x149/0x170\n[ 450.039744] ? set_kthread_struct+0x40/0x40\n[ 450.044411] ret_from_fork+0x22/0x30\n[ 450.048404] Modules linked in: vfat msdos fat xfs nfs_layout_nfsv41_files rpcsec_gss_krb5 auth_rpcgss nfsv4 dns_resolver dm_service_time qedf qed crc8 bnx2fc libfcoe libfc scsi_transport_fc intel_rapl_msr intel_rapl_common x86_pkg_temp_thermal intel_powerclamp dcdbas rapl intel_cstate intel_uncore mei_me pcspkr mei ipmi_ssif lpc_ich ipmi_si fuse zram ext4 mbcache jbd2 loop nfsv3 nfs_acl nfs lockd grace fscache netfs irdma ice sd_mod t10_pi sg ib_uverbs ib_core 8021q garp mrp stp llc mgag200 i2c_algo_bit drm_kms_helper syscopyarea sysfillrect sysimgblt mxm_wmi fb_sys_fops cec crct10dif_pclmul ahci crc32_pclmul bnx2x drm ghash_clmulni_intel libahci rfkill i40e libata megaraid_sas mdio wmi sunrpc lrw dm_crypt dm_round_robin dm_multipath dm_snapshot dm_bufio dm_mirror dm_region_hash dm_log dm_zero dm_mod linear raid10 raid456 async_raid6_recov async_memcpy async_pq async_xor async_tx raid6_pq libcrc32c crc32c_intel raid1 raid0 iscsi_ibft squashfs be2iscsi bnx2i cnic uio cxgb4i cxgb4 tls\n[ 450.048497] libcxgbi libcxgb qla4xxx iscsi_boot_sysfs iscsi_tcp libiscsi_tcp libiscsi scsi_transport_iscsi edd ipmi_devintf ipmi_msghandler\n[ 450.159753] ---[ end trace 712de2c57c64abc8 ]---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-36919",
"url": "https://www.suse.com/security/cve/CVE-2024-36919"
},
{
"category": "external",
"summary": "SUSE Bug 1225767 for CVE-2024-36919",
"url": "https://bugzilla.suse.com/1225767"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-10T16:03:48Z",
"details": "moderate"
}
],
"title": "CVE-2024-36919"
},
{
"cve": "CVE-2024-36934",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-36934"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbna: ensure the copied buf is NUL terminated\n\nCurrently, we allocate a nbytes-sized kernel buffer and copy nbytes from\nuserspace to that buffer. Later, we use sscanf on this buffer but we don\u0027t\nensure that the string is terminated inside the buffer, this can lead to\nOOB read when using sscanf. Fix this issue by using memdup_user_nul\ninstead of memdup_user.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-36934",
"url": "https://www.suse.com/security/cve/CVE-2024-36934"
},
{
"category": "external",
"summary": "SUSE Bug 1225760 for CVE-2024-36934",
"url": "https://bugzilla.suse.com/1225760"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-10T16:03:48Z",
"details": "moderate"
}
],
"title": "CVE-2024-36934"
},
{
"cve": "CVE-2024-36937",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-36937"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nxdp: use flags field to disambiguate broadcast redirect\n\nWhen redirecting a packet using XDP, the bpf_redirect_map() helper will set\nup the redirect destination information in struct bpf_redirect_info (using\nthe __bpf_xdp_redirect_map() helper function), and the xdp_do_redirect()\nfunction will read this information after the XDP program returns and pass\nthe frame on to the right redirect destination.\n\nWhen using the BPF_F_BROADCAST flag to do multicast redirect to a whole\nmap, __bpf_xdp_redirect_map() sets the \u0027map\u0027 pointer in struct\nbpf_redirect_info to point to the destination map to be broadcast. And\nxdp_do_redirect() reacts to the value of this map pointer to decide whether\nit\u0027s dealing with a broadcast or a single-value redirect. However, if the\ndestination map is being destroyed before xdp_do_redirect() is called, the\nmap pointer will be cleared out (by bpf_clear_redirect_map()) without\nwaiting for any XDP programs to stop running. This causes xdp_do_redirect()\nto think that the redirect was to a single target, but the target pointer\nis also NULL (since broadcast redirects don\u0027t have a single target), so\nthis causes a crash when a NULL pointer is passed to dev_map_enqueue().\n\nTo fix this, change xdp_do_redirect() to react directly to the presence of\nthe BPF_F_BROADCAST flag in the \u0027flags\u0027 value in struct bpf_redirect_info\nto disambiguate between a single-target and a broadcast redirect. And only\nread the \u0027map\u0027 pointer if the broadcast flag is set, aborting if that has\nbeen cleared out in the meantime. This prevents the crash, while keeping\nthe atomic (cmpxchg-based) clearing of the map pointer itself, and without\nadding any more checks in the non-broadcast fast path.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-36937",
"url": "https://www.suse.com/security/cve/CVE-2024-36937"
},
{
"category": "external",
"summary": "SUSE Bug 1225834 for CVE-2024-36937",
"url": "https://bugzilla.suse.com/1225834"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-10T16:03:48Z",
"details": "moderate"
}
],
"title": "CVE-2024-36937"
},
{
"cve": "CVE-2024-36940",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-36940"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\npinctrl: core: delete incorrect free in pinctrl_enable()\n\nThe \"pctldev\" struct is allocated in devm_pinctrl_register_and_init().\nIt\u0027s a devm_ managed pointer that is freed by devm_pinctrl_dev_release(),\nso freeing it in pinctrl_enable() will lead to a double free.\n\nThe devm_pinctrl_dev_release() function frees the pindescs and destroys\nthe mutex as well.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-36940",
"url": "https://www.suse.com/security/cve/CVE-2024-36940"
},
{
"category": "external",
"summary": "SUSE Bug 1225840 for CVE-2024-36940",
"url": "https://bugzilla.suse.com/1225840"
},
{
"category": "external",
"summary": "SUSE Bug 1225841 for CVE-2024-36940",
"url": "https://bugzilla.suse.com/1225841"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-10T16:03:48Z",
"details": "important"
}
],
"title": "CVE-2024-36940"
},
{
"cve": "CVE-2024-36945",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-36945"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/smc: fix neighbour and rtable leak in smc_ib_find_route()\n\nIn smc_ib_find_route(), the neighbour found by neigh_lookup() and rtable\nresolved by ip_route_output_flow() are not released or put before return.\nIt may cause the refcount leak, so fix it.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-36945",
"url": "https://www.suse.com/security/cve/CVE-2024-36945"
},
{
"category": "external",
"summary": "SUSE Bug 1225823 for CVE-2024-36945",
"url": "https://bugzilla.suse.com/1225823"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-10T16:03:48Z",
"details": "moderate"
}
],
"title": "CVE-2024-36945"
},
{
"cve": "CVE-2024-36949",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-36949"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\namd/amdkfd: sync all devices to wait all processes being evicted\n\nIf there are more than one device doing reset in parallel, the first\ndevice will call kfd_suspend_all_processes() to evict all processes\non all devices, this call takes time to finish. other device will\nstart reset and recover without waiting. if the process has not been\nevicted before doing recover, it will be restored, then caused page\nfault.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-36949",
"url": "https://www.suse.com/security/cve/CVE-2024-36949"
},
{
"category": "external",
"summary": "SUSE Bug 1225894 for CVE-2024-36949",
"url": "https://bugzilla.suse.com/1225894"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-10T16:03:48Z",
"details": "moderate"
}
],
"title": "CVE-2024-36949"
},
{
"cve": "CVE-2024-36960",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-36960"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/vmwgfx: Fix invalid reads in fence signaled events\n\nCorrectly set the length of the drm_event to the size of the structure\nthat\u0027s actually used.\n\nThe length of the drm_event was set to the parent structure instead of\nto the drm_vmw_event_fence which is supposed to be read. drm_read\nuses the length parameter to copy the event to the user space thus\nresuling in oob reads.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-36960",
"url": "https://www.suse.com/security/cve/CVE-2024-36960"
},
{
"category": "external",
"summary": "SUSE Bug 1225872 for CVE-2024-36960",
"url": "https://bugzilla.suse.com/1225872"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-10T16:03:48Z",
"details": "moderate"
}
],
"title": "CVE-2024-36960"
},
{
"cve": "CVE-2024-36964",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-36964"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nfs/9p: only translate RWX permissions for plain 9P2000\n\nGarbage in plain 9P2000\u0027s perm bits is allowed through, which causes it\nto be able to set (among others) the suid bit. This was presumably not\nthe intent since the unix extended bits are handled explicitly and\nconditionally on .u.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-36964",
"url": "https://www.suse.com/security/cve/CVE-2024-36964"
},
{
"category": "external",
"summary": "SUSE Bug 1225866 for CVE-2024-36964",
"url": "https://bugzilla.suse.com/1225866"
},
{
"category": "external",
"summary": "SUSE Bug 1226325 for CVE-2024-36964",
"url": "https://bugzilla.suse.com/1226325"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.2,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-10T16:03:48Z",
"details": "important"
}
],
"title": "CVE-2024-36964"
},
{
"cve": "CVE-2024-36965",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-36965"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nremoteproc: mediatek: Make sure IPI buffer fits in L2TCM\n\nThe IPI buffer location is read from the firmware that we load to the\nSystem Companion Processor, and it\u0027s not granted that both the SRAM\n(L2TCM) size that is defined in the devicetree node is large enough\nfor that, and while this is especially true for multi-core SCP, it\u0027s\nstill useful to check on single-core variants as well.\n\nFailing to perform this check may make this driver perform R/W\noperations out of the L2TCM boundary, resulting (at best) in a\nkernel panic.\n\nTo fix that, check that the IPI buffer fits, otherwise return a\nfailure and refuse to boot the relevant SCP core (or the SCP at\nall, if this is single core).",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-36965",
"url": "https://www.suse.com/security/cve/CVE-2024-36965"
},
{
"category": "external",
"summary": "SUSE Bug 1226149 for CVE-2024-36965",
"url": "https://bugzilla.suse.com/1226149"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.6,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-10T16:03:48Z",
"details": "moderate"
}
],
"title": "CVE-2024-36965"
},
{
"cve": "CVE-2024-36967",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-36967"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nKEYS: trusted: Fix memory leak in tpm2_key_encode()\n\n\u0027scratch\u0027 is never freed. Fix this by calling kfree() in the success, and\nin the error case.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-36967",
"url": "https://www.suse.com/security/cve/CVE-2024-36967"
},
{
"category": "external",
"summary": "SUSE Bug 1226131 for CVE-2024-36967",
"url": "https://bugzilla.suse.com/1226131"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-10T16:03:48Z",
"details": "moderate"
}
],
"title": "CVE-2024-36967"
},
{
"cve": "CVE-2024-36969",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-36969"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amd/display: Fix division by zero in setup_dsc_config\n\nWhen slice_height is 0, the division by slice_height in the calculation\nof the number of slices will cause a division by zero driver crash. This\nleaves the kernel in a state that requires a reboot. This patch adds a\ncheck to avoid the division by zero.\n\nThe stack trace below is for the 6.8.4 Kernel. I reproduced the issue on\na Z16 Gen 2 Lenovo Thinkpad with a Apple Studio Display monitor\nconnected via Thunderbolt. The amdgpu driver crashed with this exception\nwhen I rebooted the system with the monitor connected.\n\nkernel: ? die (arch/x86/kernel/dumpstack.c:421 arch/x86/kernel/dumpstack.c:434 arch/x86/kernel/dumpstack.c:447)\nkernel: ? do_trap (arch/x86/kernel/traps.c:113 arch/x86/kernel/traps.c:154)\nkernel: ? setup_dsc_config (drivers/gpu/drm/amd/amdgpu/../display/dc/dsc/dc_dsc.c:1053) amdgpu\nkernel: ? do_error_trap (./arch/x86/include/asm/traps.h:58 arch/x86/kernel/traps.c:175)\nkernel: ? setup_dsc_config (drivers/gpu/drm/amd/amdgpu/../display/dc/dsc/dc_dsc.c:1053) amdgpu\nkernel: ? exc_divide_error (arch/x86/kernel/traps.c:194 (discriminator 2))\nkernel: ? setup_dsc_config (drivers/gpu/drm/amd/amdgpu/../display/dc/dsc/dc_dsc.c:1053) amdgpu\nkernel: ? asm_exc_divide_error (./arch/x86/include/asm/idtentry.h:548)\nkernel: ? setup_dsc_config (drivers/gpu/drm/amd/amdgpu/../display/dc/dsc/dc_dsc.c:1053) amdgpu\nkernel: dc_dsc_compute_config (drivers/gpu/drm/amd/amdgpu/../display/dc/dsc/dc_dsc.c:1109) amdgpu\n\nAfter applying this patch, the driver no longer crashes when the monitor\nis connected and the system is rebooted. I believe this is the same\nissue reported for 3113.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-36969",
"url": "https://www.suse.com/security/cve/CVE-2024-36969"
},
{
"category": "external",
"summary": "SUSE Bug 1226155 for CVE-2024-36969",
"url": "https://bugzilla.suse.com/1226155"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-10T16:03:48Z",
"details": "moderate"
}
],
"title": "CVE-2024-36969"
},
{
"cve": "CVE-2024-36971",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-36971"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: fix __dst_negative_advice() race\n\n__dst_negative_advice() does not enforce proper RCU rules when\nsk-\u003edst_cache must be cleared, leading to possible UAF.\n\nRCU rules are that we must first clear sk-\u003esk_dst_cache,\nthen call dst_release(old_dst).\n\nNote that sk_dst_reset(sk) is implementing this protocol correctly,\nwhile __dst_negative_advice() uses the wrong order.\n\nGiven that ip6_negative_advice() has special logic\nagainst RTF_CACHE, this means each of the three -\u003enegative_advice()\nexisting methods must perform the sk_dst_reset() themselves.\n\nNote the check against NULL dst is centralized in\n__dst_negative_advice(), there is no need to duplicate\nit in various callbacks.\n\nMany thanks to Clement Lecigne for tracking this issue.\n\nThis old bug became visible after the blamed commit, using UDP sockets.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-36971",
"url": "https://www.suse.com/security/cve/CVE-2024-36971"
},
{
"category": "external",
"summary": "SUSE Bug 1226145 for CVE-2024-36971",
"url": "https://bugzilla.suse.com/1226145"
},
{
"category": "external",
"summary": "SUSE Bug 1226324 for CVE-2024-36971",
"url": "https://bugzilla.suse.com/1226324"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-10T16:03:48Z",
"details": "moderate"
}
],
"title": "CVE-2024-36971"
},
{
"cve": "CVE-2024-36975",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-36975"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nKEYS: trusted: Do not use WARN when encode fails\n\nWhen asn1_encode_sequence() fails, WARN is not the correct solution.\n\n1. asn1_encode_sequence() is not an internal function (located\n in lib/asn1_encode.c).\n2. Location is known, which makes the stack trace useless.\n3. Results a crash if panic_on_warn is set.\n\nIt is also noteworthy that the use of WARN is undocumented, and it\nshould be avoided unless there is a carefully considered rationale to\nuse it.\n\nReplace WARN with pr_err, and print the return value instead, which is\nonly useful piece of information.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-36975",
"url": "https://www.suse.com/security/cve/CVE-2024-36975"
},
{
"category": "external",
"summary": "SUSE Bug 1226520 for CVE-2024-36975",
"url": "https://bugzilla.suse.com/1226520"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-10T16:03:48Z",
"details": "moderate"
}
],
"title": "CVE-2024-36975"
},
{
"cve": "CVE-2024-36978",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-36978"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: sched: sch_multiq: fix possible OOB write in multiq_tune()\n\nq-\u003ebands will be assigned to qopt-\u003ebands to execute subsequent code logic\nafter kmalloc. So the old q-\u003ebands should not be used in kmalloc.\nOtherwise, an out-of-bounds write will occur.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-36978",
"url": "https://www.suse.com/security/cve/CVE-2024-36978"
},
{
"category": "external",
"summary": "SUSE Bug 1226514 for CVE-2024-36978",
"url": "https://bugzilla.suse.com/1226514"
},
{
"category": "external",
"summary": "SUSE Bug 1244631 for CVE-2024-36978",
"url": "https://bugzilla.suse.com/1244631"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-10T16:03:48Z",
"details": "important"
}
],
"title": "CVE-2024-36978"
},
{
"cve": "CVE-2024-37021",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-37021"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nfpga: manager: add owner module and take its refcount\n\nThe current implementation of the fpga manager assumes that the low-level\nmodule registers a driver for the parent device and uses its owner pointer\nto take the module\u0027s refcount. This approach is problematic since it can\nlead to a null pointer dereference while attempting to get the manager if\nthe parent device does not have a driver.\n\nTo address this problem, add a module owner pointer to the fpga_manager\nstruct and use it to take the module\u0027s refcount. Modify the functions for\nregistering the manager to take an additional owner module parameter and\nrename them to avoid conflicts. Use the old function names for helper\nmacros that automatically set the module that registers the manager as the\nowner. This ensures compatibility with existing low-level control modules\nand reduces the chances of registering a manager without setting the owner.\n\nAlso, update the documentation to keep it consistent with the new interface\nfor registering an fpga manager.\n\nOther changes: opportunistically move put_device() from __fpga_mgr_get() to\nfpga_mgr_get() and of_fpga_mgr_get() to improve code clarity since the\nmanager device is taken in these functions.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-37021",
"url": "https://www.suse.com/security/cve/CVE-2024-37021"
},
{
"category": "external",
"summary": "SUSE Bug 1226950 for CVE-2024-37021",
"url": "https://bugzilla.suse.com/1226950"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-10T16:03:48Z",
"details": "moderate"
}
],
"title": "CVE-2024-37021"
},
{
"cve": "CVE-2024-37078",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-37078"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnilfs2: fix potential kernel bug due to lack of writeback flag waiting\n\nDestructive writes to a block device on which nilfs2 is mounted can cause\na kernel bug in the folio/page writeback start routine or writeback end\nroutine (__folio_start_writeback in the log below):\n\n kernel BUG at mm/page-writeback.c:3070!\n Oops: invalid opcode: 0000 [#1] PREEMPT SMP KASAN PTI\n ...\n RIP: 0010:__folio_start_writeback+0xbaa/0x10e0\n Code: 25 ff 0f 00 00 0f 84 18 01 00 00 e8 40 ca c6 ff e9 17 f6 ff ff\n e8 36 ca c6 ff 4c 89 f7 48 c7 c6 80 c0 12 84 e8 e7 b3 0f 00 90 \u003c0f\u003e\n 0b e8 1f ca c6 ff 4c 89 f7 48 c7 c6 a0 c6 12 84 e8 d0 b3 0f 00\n ...\n Call Trace:\n \u003cTASK\u003e\n nilfs_segctor_do_construct+0x4654/0x69d0 [nilfs2]\n nilfs_segctor_construct+0x181/0x6b0 [nilfs2]\n nilfs_segctor_thread+0x548/0x11c0 [nilfs2]\n kthread+0x2f0/0x390\n ret_from_fork+0x4b/0x80\n ret_from_fork_asm+0x1a/0x30\n \u003c/TASK\u003e\n\nThis is because when the log writer starts a writeback for segment summary\nblocks or a super root block that use the backing device\u0027s page cache, it\ndoes not wait for the ongoing folio/page writeback, resulting in an\ninconsistent writeback state.\n\nFix this issue by waiting for ongoing writebacks when putting\nfolios/pages on the backing device into writeback state.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-37078",
"url": "https://www.suse.com/security/cve/CVE-2024-37078"
},
{
"category": "external",
"summary": "SUSE Bug 1227066 for CVE-2024-37078",
"url": "https://bugzilla.suse.com/1227066"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-10T16:03:48Z",
"details": "low"
}
],
"title": "CVE-2024-37078"
},
{
"cve": "CVE-2024-37354",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-37354"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbtrfs: fix crash on racing fsync and size-extending write into prealloc\n\nWe have been seeing crashes on duplicate keys in\nbtrfs_set_item_key_safe():\n\n BTRFS critical (device vdb): slot 4 key (450 108 8192) new key (450 108 8192)\n ------------[ cut here ]------------\n kernel BUG at fs/btrfs/ctree.c:2620!\n invalid opcode: 0000 [#1] PREEMPT SMP PTI\n CPU: 0 PID: 3139 Comm: xfs_io Kdump: loaded Not tainted 6.9.0 #6\n Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.16.3-2.fc40 04/01/2014\n RIP: 0010:btrfs_set_item_key_safe+0x11f/0x290 [btrfs]\n\nWith the following stack trace:\n\n #0 btrfs_set_item_key_safe (fs/btrfs/ctree.c:2620:4)\n #1 btrfs_drop_extents (fs/btrfs/file.c:411:4)\n #2 log_one_extent (fs/btrfs/tree-log.c:4732:9)\n #3 btrfs_log_changed_extents (fs/btrfs/tree-log.c:4955:9)\n #4 btrfs_log_inode (fs/btrfs/tree-log.c:6626:9)\n #5 btrfs_log_inode_parent (fs/btrfs/tree-log.c:7070:8)\n #6 btrfs_log_dentry_safe (fs/btrfs/tree-log.c:7171:8)\n #7 btrfs_sync_file (fs/btrfs/file.c:1933:8)\n #8 vfs_fsync_range (fs/sync.c:188:9)\n #9 vfs_fsync (fs/sync.c:202:9)\n #10 do_fsync (fs/sync.c:212:9)\n #11 __do_sys_fdatasync (fs/sync.c:225:9)\n #12 __se_sys_fdatasync (fs/sync.c:223:1)\n #13 __x64_sys_fdatasync (fs/sync.c:223:1)\n #14 do_syscall_x64 (arch/x86/entry/common.c:52:14)\n #15 do_syscall_64 (arch/x86/entry/common.c:83:7)\n #16 entry_SYSCALL_64+0xaf/0x14c (arch/x86/entry/entry_64.S:121)\n\nSo we\u0027re logging a changed extent from fsync, which is splitting an\nextent in the log tree. But this split part already exists in the tree,\ntriggering the BUG().\n\nThis is the state of the log tree at the time of the crash, dumped with\ndrgn (https://github.com/osandov/drgn/blob/main/contrib/btrfs_tree.py)\nto get more details than btrfs_print_leaf() gives us:\n\n \u003e\u003e\u003e print_extent_buffer(prog.crashed_thread().stack_trace()[0][\"eb\"])\n leaf 33439744 level 0 items 72 generation 9 owner 18446744073709551610\n leaf 33439744 flags 0x100000000000000\n fs uuid e5bd3946-400c-4223-8923-190ef1f18677\n chunk uuid d58cb17e-6d02-494a-829a-18b7d8a399da\n item 0 key (450 INODE_ITEM 0) itemoff 16123 itemsize 160\n generation 7 transid 9 size 8192 nbytes 8473563889606862198\n block group 0 mode 100600 links 1 uid 0 gid 0 rdev 0\n sequence 204 flags 0x10(PREALLOC)\n atime 1716417703.220000000 (2024-05-22 15:41:43)\n ctime 1716417704.983333333 (2024-05-22 15:41:44)\n mtime 1716417704.983333333 (2024-05-22 15:41:44)\n otime 17592186044416.000000000 (559444-03-08 01:40:16)\n item 1 key (450 INODE_REF 256) itemoff 16110 itemsize 13\n index 195 namelen 3 name: 193\n item 2 key (450 XATTR_ITEM 1640047104) itemoff 16073 itemsize 37\n location key (0 UNKNOWN.0 0) type XATTR\n transid 7 data_len 1 name_len 6\n name: user.a\n data a\n item 3 key (450 EXTENT_DATA 0) itemoff 16020 itemsize 53\n generation 9 type 1 (regular)\n extent data disk byte 303144960 nr 12288\n extent data offset 0 nr 4096 ram 12288\n extent compression 0 (none)\n item 4 key (450 EXTENT_DATA 4096) itemoff 15967 itemsize 53\n generation 9 type 2 (prealloc)\n prealloc data disk byte 303144960 nr 12288\n prealloc data offset 4096 nr 8192\n item 5 key (450 EXTENT_DATA 8192) itemoff 15914 itemsize 53\n generation 9 type 2 (prealloc)\n prealloc data disk byte 303144960 nr 12288\n prealloc data offset 8192 nr 4096\n ...\n\nSo the real problem happened earlier: notice that items 4 (4k-12k) and 5\n(8k-12k) overlap. Both are prealloc extents. Item 4 straddles i_size and\nitem 5 starts at i_size.\n\nHere is the state of \n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-37354",
"url": "https://www.suse.com/security/cve/CVE-2024-37354"
},
{
"category": "external",
"summary": "SUSE Bug 1227101 for CVE-2024-37354",
"url": "https://bugzilla.suse.com/1227101"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-10T16:03:48Z",
"details": "moderate"
}
],
"title": "CVE-2024-37354"
},
{
"cve": "CVE-2024-38381",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-38381"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnfc: nci: Fix uninit-value in nci_rx_work\n\nsyzbot reported the following uninit-value access issue [1]\n\nnci_rx_work() parses received packet from ndev-\u003erx_q. It should be\nvalidated header size, payload size and total packet size before\nprocessing the packet. If an invalid packet is detected, it should be\nsilently discarded.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-38381",
"url": "https://www.suse.com/security/cve/CVE-2024-38381"
},
{
"category": "external",
"summary": "SUSE Bug 1226878 for CVE-2024-38381",
"url": "https://bugzilla.suse.com/1226878"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-10T16:03:48Z",
"details": "moderate"
}
],
"title": "CVE-2024-38381"
},
{
"cve": "CVE-2024-38388",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-38388"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nALSA: hda/cs_dsp_ctl: Use private_free for control cleanup\n\nUse the control private_free callback to free the associated data\nblock. This ensures that the memory won\u0027t leak, whatever way the\ncontrol gets destroyed.\n\nThe original implementation didn\u0027t actually remove the ALSA\ncontrols in hda_cs_dsp_control_remove(). It only freed the internal\ntracking structure. This meant it was possible to remove/unload the\namp driver while leaving its ALSA controls still present in the\nsoundcard. Obviously attempting to access them could cause segfaults\nor at least dereferencing stale pointers.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-38388",
"url": "https://www.suse.com/security/cve/CVE-2024-38388"
},
{
"category": "external",
"summary": "SUSE Bug 1226890 for CVE-2024-38388",
"url": "https://bugzilla.suse.com/1226890"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-10T16:03:48Z",
"details": "low"
}
],
"title": "CVE-2024-38388"
},
{
"cve": "CVE-2024-38390",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-38390"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/msm/a6xx: Avoid a nullptr dereference when speedbin setting fails\n\nCalling a6xx_destroy() before adreno_gpu_init() leads to a null pointer\ndereference on:\n\nmsm_gpu_cleanup() : platform_set_drvdata(gpu-\u003epdev, NULL);\n\nas gpu-\u003epdev is only assigned in:\n\na6xx_gpu_init()\n|_ adreno_gpu_init\n |_ msm_gpu_init()\n\nInstead of relying on handwavy null checks down the cleanup chain,\nexplicitly de-allocate the LLC data and free a6xx_gpu instead.\n\nPatchwork: https://patchwork.freedesktop.org/patch/588919/",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-38390",
"url": "https://www.suse.com/security/cve/CVE-2024-38390"
},
{
"category": "external",
"summary": "SUSE Bug 1226891 for CVE-2024-38390",
"url": "https://bugzilla.suse.com/1226891"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-10T16:03:48Z",
"details": "moderate"
}
],
"title": "CVE-2024-38390"
},
{
"cve": "CVE-2024-38540",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-38540"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbnxt_re: avoid shift undefined behavior in bnxt_qplib_alloc_init_hwq\n\nUndefined behavior is triggered when bnxt_qplib_alloc_init_hwq is called\nwith hwq_attr-\u003eaux_depth != 0 and hwq_attr-\u003eaux_stride == 0.\nIn that case, \"roundup_pow_of_two(hwq_attr-\u003eaux_stride)\" gets called.\nroundup_pow_of_two is documented as undefined for 0.\n\nFix it in the one caller that had this combination.\n\nThe undefined behavior was detected by UBSAN:\n UBSAN: shift-out-of-bounds in ./include/linux/log2.h:57:13\n shift exponent 64 is too large for 64-bit type \u0027long unsigned int\u0027\n CPU: 24 PID: 1075 Comm: (udev-worker) Not tainted 6.9.0-rc6+ #4\n Hardware name: Abacus electric, s.r.o. - servis@abacus.cz Super Server/H12SSW-iN, BIOS 2.7 10/25/2023\n Call Trace:\n \u003cTASK\u003e\n dump_stack_lvl+0x5d/0x80\n ubsan_epilogue+0x5/0x30\n __ubsan_handle_shift_out_of_bounds.cold+0x61/0xec\n __roundup_pow_of_two+0x25/0x35 [bnxt_re]\n bnxt_qplib_alloc_init_hwq+0xa1/0x470 [bnxt_re]\n bnxt_qplib_create_qp+0x19e/0x840 [bnxt_re]\n bnxt_re_create_qp+0x9b1/0xcd0 [bnxt_re]\n ? srso_alias_return_thunk+0x5/0xfbef5\n ? srso_alias_return_thunk+0x5/0xfbef5\n ? __kmalloc+0x1b6/0x4f0\n ? create_qp.part.0+0x128/0x1c0 [ib_core]\n ? __pfx_bnxt_re_create_qp+0x10/0x10 [bnxt_re]\n create_qp.part.0+0x128/0x1c0 [ib_core]\n ib_create_qp_kernel+0x50/0xd0 [ib_core]\n create_mad_qp+0x8e/0xe0 [ib_core]\n ? __pfx_qp_event_handler+0x10/0x10 [ib_core]\n ib_mad_init_device+0x2be/0x680 [ib_core]\n add_client_context+0x10d/0x1a0 [ib_core]\n enable_device_and_get+0xe0/0x1d0 [ib_core]\n ib_register_device+0x53c/0x630 [ib_core]\n ? srso_alias_return_thunk+0x5/0xfbef5\n bnxt_re_probe+0xbd8/0xe50 [bnxt_re]\n ? __pfx_bnxt_re_probe+0x10/0x10 [bnxt_re]\n auxiliary_bus_probe+0x49/0x80\n ? driver_sysfs_add+0x57/0xc0\n really_probe+0xde/0x340\n ? pm_runtime_barrier+0x54/0x90\n ? __pfx___driver_attach+0x10/0x10\n __driver_probe_device+0x78/0x110\n driver_probe_device+0x1f/0xa0\n __driver_attach+0xba/0x1c0\n bus_for_each_dev+0x8f/0xe0\n bus_add_driver+0x146/0x220\n driver_register+0x72/0xd0\n __auxiliary_driver_register+0x6e/0xd0\n ? __pfx_bnxt_re_mod_init+0x10/0x10 [bnxt_re]\n bnxt_re_mod_init+0x3e/0xff0 [bnxt_re]\n ? __pfx_bnxt_re_mod_init+0x10/0x10 [bnxt_re]\n do_one_initcall+0x5b/0x310\n do_init_module+0x90/0x250\n init_module_from_file+0x86/0xc0\n idempotent_init_module+0x121/0x2b0\n __x64_sys_finit_module+0x5e/0xb0\n do_syscall_64+0x82/0x160\n ? srso_alias_return_thunk+0x5/0xfbef5\n ? syscall_exit_to_user_mode_prepare+0x149/0x170\n ? srso_alias_return_thunk+0x5/0xfbef5\n ? syscall_exit_to_user_mode+0x75/0x230\n ? srso_alias_return_thunk+0x5/0xfbef5\n ? do_syscall_64+0x8e/0x160\n ? srso_alias_return_thunk+0x5/0xfbef5\n ? __count_memcg_events+0x69/0x100\n ? srso_alias_return_thunk+0x5/0xfbef5\n ? count_memcg_events.constprop.0+0x1a/0x30\n ? srso_alias_return_thunk+0x5/0xfbef5\n ? handle_mm_fault+0x1f0/0x300\n ? srso_alias_return_thunk+0x5/0xfbef5\n ? do_user_addr_fault+0x34e/0x640\n ? srso_alias_return_thunk+0x5/0xfbef5\n ? srso_alias_return_thunk+0x5/0xfbef5\n entry_SYSCALL_64_after_hwframe+0x76/0x7e\n RIP: 0033:0x7f4e5132821d\n Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 \u003c48\u003e 3d 01 f0 ff ff 73 01 c3 48 8b 0d e3 db 0c 00 f7 d8 64 89 01 48\n RSP: 002b:00007ffca9c906a8 EFLAGS: 00000246 ORIG_RAX: 0000000000000139\n RAX: ffffffffffffffda RBX: 0000563ec8a8f130 RCX: 00007f4e5132821d\n RDX: 0000000000000000 RSI: 00007f4e518fa07d RDI: 000000000000003b\n RBP: 00007ffca9c90760 R08: 00007f4e513f6b20 R09: 00007ffca9c906f0\n R10: 0000563ec8a8faa0 R11: 0000000000000246 R12: 00007f4e518fa07d\n R13: 0000000000020000 R14: 0000563ec8409e90 R15: 0000563ec8a8fa60\n \u003c/TASK\u003e\n ---[ end trace ]---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-38540",
"url": "https://www.suse.com/security/cve/CVE-2024-38540"
},
{
"category": "external",
"summary": "SUSE Bug 1226582 for CVE-2024-38540",
"url": "https://bugzilla.suse.com/1226582"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-10T16:03:48Z",
"details": "moderate"
}
],
"title": "CVE-2024-38540"
},
{
"cve": "CVE-2024-38541",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-38541"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nof: module: add buffer overflow check in of_modalias()\n\nIn of_modalias(), if the buffer happens to be too small even for the 1st\nsnprintf() call, the len parameter will become negative and str parameter\n(if not NULL initially) will point beyond the buffer\u0027s end. Add the buffer\noverflow check after the 1st snprintf() call and fix such check after the\nstrlen() call (accounting for the terminating NUL char).",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-38541",
"url": "https://www.suse.com/security/cve/CVE-2024-38541"
},
{
"category": "external",
"summary": "SUSE Bug 1226587 for CVE-2024-38541",
"url": "https://bugzilla.suse.com/1226587"
},
{
"category": "external",
"summary": "SUSE Bug 1227496 for CVE-2024-38541",
"url": "https://bugzilla.suse.com/1227496"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-10T16:03:48Z",
"details": "moderate"
}
],
"title": "CVE-2024-38541"
},
{
"cve": "CVE-2024-38544",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-38544"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nRDMA/rxe: Fix seg fault in rxe_comp_queue_pkt\n\nIn rxe_comp_queue_pkt() an incoming response packet skb is enqueued to the\nresp_pkts queue and then a decision is made whether to run the completer\ntask inline or schedule it. Finally the skb is dereferenced to bump a \u0027hw\u0027\nperformance counter. This is wrong because if the completer task is\nalready running in a separate thread it may have already processed the skb\nand freed it which can cause a seg fault. This has been observed\ninfrequently in testing at high scale.\n\nThis patch fixes this by changing the order of enqueuing the packet until\nafter the counter is accessed.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-38544",
"url": "https://www.suse.com/security/cve/CVE-2024-38544"
},
{
"category": "external",
"summary": "SUSE Bug 1226597 for CVE-2024-38544",
"url": "https://bugzilla.suse.com/1226597"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-10T16:03:48Z",
"details": "moderate"
}
],
"title": "CVE-2024-38544"
},
{
"cve": "CVE-2024-38545",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-38545"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nRDMA/hns: Fix UAF for cq async event\n\nThe refcount of CQ is not protected by locks. When CQ asynchronous\nevents and CQ destruction are concurrent, CQ may have been released,\nwhich will cause UAF.\n\nUse the xa_lock() to protect the CQ refcount.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-38545",
"url": "https://www.suse.com/security/cve/CVE-2024-38545"
},
{
"category": "external",
"summary": "SUSE Bug 1226595 for CVE-2024-38545",
"url": "https://bugzilla.suse.com/1226595"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-10T16:03:48Z",
"details": "moderate"
}
],
"title": "CVE-2024-38545"
},
{
"cve": "CVE-2024-38546",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-38546"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm: vc4: Fix possible null pointer dereference\n\nIn vc4_hdmi_audio_init() of_get_address() may return\nNULL which is later dereferenced. Fix this bug by adding NULL check.\n\nFound by Linux Verification Center (linuxtesting.org) with SVACE.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-38546",
"url": "https://www.suse.com/security/cve/CVE-2024-38546"
},
{
"category": "external",
"summary": "SUSE Bug 1226593 for CVE-2024-38546",
"url": "https://bugzilla.suse.com/1226593"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-10T16:03:48Z",
"details": "moderate"
}
],
"title": "CVE-2024-38546"
},
{
"cve": "CVE-2024-38547",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-38547"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmedia: atomisp: ssh_css: Fix a null-pointer dereference in load_video_binaries\n\nThe allocation failure of mycs-\u003eyuv_scaler_binary in load_video_binaries()\nis followed with a dereference of mycs-\u003eyuv_scaler_binary after the\nfollowing call chain:\n\nsh_css_pipe_load_binaries()\n |-\u003e load_video_binaries(mycs-\u003eyuv_scaler_binary == NULL)\n |\n |-\u003e sh_css_pipe_unload_binaries()\n |-\u003e unload_video_binaries()\n\nIn unload_video_binaries(), it calls to ia_css_binary_unload with argument\n\u0026pipe-\u003epipe_settings.video.yuv_scaler_binary[i], which refers to the\nsame memory slot as mycs-\u003eyuv_scaler_binary. Thus, a null-pointer\ndereference is triggered.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-38547",
"url": "https://www.suse.com/security/cve/CVE-2024-38547"
},
{
"category": "external",
"summary": "SUSE Bug 1226632 for CVE-2024-38547",
"url": "https://bugzilla.suse.com/1226632"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-10T16:03:48Z",
"details": "moderate"
}
],
"title": "CVE-2024-38547"
},
{
"cve": "CVE-2024-38548",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-38548"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm: bridge: cdns-mhdp8546: Fix possible null pointer dereference\n\nIn cdns_mhdp_atomic_enable(), the return value of drm_mode_duplicate() is\nassigned to mhdp_state-\u003ecurrent_mode, and there is a dereference of it in\ndrm_mode_set_name(), which will lead to a NULL pointer dereference on\nfailure of drm_mode_duplicate().\n\nFix this bug add a check of mhdp_state-\u003ecurrent_mode.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-38548",
"url": "https://www.suse.com/security/cve/CVE-2024-38548"
},
{
"category": "external",
"summary": "SUSE Bug 1228202 for CVE-2024-38548",
"url": "https://bugzilla.suse.com/1228202"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-10T16:03:48Z",
"details": "moderate"
}
],
"title": "CVE-2024-38548"
},
{
"cve": "CVE-2024-38549",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-38549"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/mediatek: Add 0 size check to mtk_drm_gem_obj\n\nAdd a check to mtk_drm_gem_init if we attempt to allocate a GEM object\nof 0 bytes. Currently, no such check exists and the kernel will panic if\na userspace application attempts to allocate a 0x0 GBM buffer.\n\nTested by attempting to allocate a 0x0 GBM buffer on an MT8188 and\nverifying that we now return EINVAL.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-38549",
"url": "https://www.suse.com/security/cve/CVE-2024-38549"
},
{
"category": "external",
"summary": "SUSE Bug 1226735 for CVE-2024-38549",
"url": "https://bugzilla.suse.com/1226735"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-10T16:03:48Z",
"details": "moderate"
}
],
"title": "CVE-2024-38549"
},
{
"cve": "CVE-2024-38550",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-38550"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nASoC: kirkwood: Fix potential NULL dereference\n\nIn kirkwood_dma_hw_params() mv_mbus_dram_info() returns NULL if\nCONFIG_PLAT_ORION macro is not defined.\nFix this bug by adding NULL check.\n\nFound by Linux Verification Center (linuxtesting.org) with SVACE.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-38550",
"url": "https://www.suse.com/security/cve/CVE-2024-38550"
},
{
"category": "external",
"summary": "SUSE Bug 1226633 for CVE-2024-38550",
"url": "https://bugzilla.suse.com/1226633"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-10T16:03:48Z",
"details": "moderate"
}
],
"title": "CVE-2024-38550"
},
{
"cve": "CVE-2024-38552",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-38552"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amd/display: Fix potential index out of bounds in color transformation function\n\nFixes index out of bounds issue in the color transformation function.\nThe issue could occur when the index \u0027i\u0027 exceeds the number of transfer\nfunction points (TRANSFER_FUNC_POINTS).\n\nThe fix adds a check to ensure \u0027i\u0027 is within bounds before accessing the\ntransfer function points. If \u0027i\u0027 is out of bounds, an error message is\nlogged and the function returns false to indicate an error.\n\nReported by smatch:\ndrivers/gpu/drm/amd/amdgpu/../display/dc/dcn10/dcn10_cm_common.c:405 cm_helper_translate_curve_to_hw_format() error: buffer overflow \u0027output_tf-\u003etf_pts.red\u0027 1025 \u003c= s32max\ndrivers/gpu/drm/amd/amdgpu/../display/dc/dcn10/dcn10_cm_common.c:406 cm_helper_translate_curve_to_hw_format() error: buffer overflow \u0027output_tf-\u003etf_pts.green\u0027 1025 \u003c= s32max\ndrivers/gpu/drm/amd/amdgpu/../display/dc/dcn10/dcn10_cm_common.c:407 cm_helper_translate_curve_to_hw_format() error: buffer overflow \u0027output_tf-\u003etf_pts.blue\u0027 1025 \u003c= s32max",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-38552",
"url": "https://www.suse.com/security/cve/CVE-2024-38552"
},
{
"category": "external",
"summary": "SUSE Bug 1226767 for CVE-2024-38552",
"url": "https://bugzilla.suse.com/1226767"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-10T16:03:48Z",
"details": "moderate"
}
],
"title": "CVE-2024-38552"
},
{
"cve": "CVE-2024-38553",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-38553"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: fec: remove .ndo_poll_controller to avoid deadlocks\n\nThere is a deadlock issue found in sungem driver, please refer to the\ncommit ac0a230f719b (\"eth: sungem: remove .ndo_poll_controller to avoid\ndeadlocks\"). The root cause of the issue is that netpoll is in atomic\ncontext and disable_irq() is called by .ndo_poll_controller interface\nof sungem driver, however, disable_irq() might sleep. After analyzing\nthe implementation of fec_poll_controller(), the fec driver should have\nthe same issue. Due to the fec driver uses NAPI for TX completions, the\n.ndo_poll_controller is unnecessary to be implemented in the fec driver,\nso fec_poll_controller() can be safely removed.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-38553",
"url": "https://www.suse.com/security/cve/CVE-2024-38553"
},
{
"category": "external",
"summary": "SUSE Bug 1226744 for CVE-2024-38553",
"url": "https://bugzilla.suse.com/1226744"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-10T16:03:48Z",
"details": "moderate"
}
],
"title": "CVE-2024-38553"
},
{
"cve": "CVE-2024-38555",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-38555"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/mlx5: Discard command completions in internal error\n\nFix use after free when FW completion arrives while device is in\ninternal error state. Avoid calling completion handler in this case,\nsince the device will flush the command interface and trigger all\ncompletions manually.\n\nKernel log:\n------------[ cut here ]------------\nrefcount_t: underflow; use-after-free.\n...\nRIP: 0010:refcount_warn_saturate+0xd8/0xe0\n...\nCall Trace:\n\u003cIRQ\u003e\n? __warn+0x79/0x120\n? refcount_warn_saturate+0xd8/0xe0\n? report_bug+0x17c/0x190\n? handle_bug+0x3c/0x60\n? exc_invalid_op+0x14/0x70\n? asm_exc_invalid_op+0x16/0x20\n? refcount_warn_saturate+0xd8/0xe0\ncmd_ent_put+0x13b/0x160 [mlx5_core]\nmlx5_cmd_comp_handler+0x5f9/0x670 [mlx5_core]\ncmd_comp_notifier+0x1f/0x30 [mlx5_core]\nnotifier_call_chain+0x35/0xb0\natomic_notifier_call_chain+0x16/0x20\nmlx5_eq_async_int+0xf6/0x290 [mlx5_core]\nnotifier_call_chain+0x35/0xb0\natomic_notifier_call_chain+0x16/0x20\nirq_int_handler+0x19/0x30 [mlx5_core]\n__handle_irq_event_percpu+0x4b/0x160\nhandle_irq_event+0x2e/0x80\nhandle_edge_irq+0x98/0x230\n__common_interrupt+0x3b/0xa0\ncommon_interrupt+0x7b/0xa0\n\u003c/IRQ\u003e\n\u003cTASK\u003e\nasm_common_interrupt+0x22/0x40",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-38555",
"url": "https://www.suse.com/security/cve/CVE-2024-38555"
},
{
"category": "external",
"summary": "SUSE Bug 1226607 for CVE-2024-38555",
"url": "https://bugzilla.suse.com/1226607"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-10T16:03:48Z",
"details": "moderate"
}
],
"title": "CVE-2024-38555"
},
{
"cve": "CVE-2024-38556",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-38556"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/mlx5: Add a timeout to acquire the command queue semaphore\n\nPrevent forced completion handling on an entry that has not yet been\nassigned an index, causing an out of bounds access on idx = -22.\nInstead of waiting indefinitely for the sem, blocking flow now waits for\nindex to be allocated or a sem acquisition timeout before beginning the\ntimer for FW completion.\n\nKernel log example:\nmlx5_core 0000:06:00.0: wait_func_handle_exec_timeout:1128:(pid 185911): cmd[-22]: CREATE_UCTX(0xa04) No done completion",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-38556",
"url": "https://www.suse.com/security/cve/CVE-2024-38556"
},
{
"category": "external",
"summary": "SUSE Bug 1226774 for CVE-2024-38556",
"url": "https://bugzilla.suse.com/1226774"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-10T16:03:48Z",
"details": "moderate"
}
],
"title": "CVE-2024-38556"
},
{
"cve": "CVE-2024-38557",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-38557"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/mlx5: Reload only IB representors upon lag disable/enable\n\nOn lag disable, the bond IB device along with all of its\nrepresentors are destroyed, and then the slaves\u0027 representors get reloaded.\n\nIn case the slave IB representor load fails, the eswitch error flow\nunloads all representors, including ethernet representors, where the\nnetdevs get detached and removed from lag bond. Such flow is inaccurate\nas the lag driver is not responsible for loading/unloading ethernet\nrepresentors. Furthermore, the flow described above begins by holding\nlag lock to prevent bond changes during disable flow. However, when\nreaching the ethernet representors detachment from lag, the lag lock is\nrequired again, triggering the following deadlock:\n\nCall trace:\n__switch_to+0xf4/0x148\n__schedule+0x2c8/0x7d0\nschedule+0x50/0xe0\nschedule_preempt_disabled+0x18/0x28\n__mutex_lock.isra.13+0x2b8/0x570\n__mutex_lock_slowpath+0x1c/0x28\nmutex_lock+0x4c/0x68\nmlx5_lag_remove_netdev+0x3c/0x1a0 [mlx5_core]\nmlx5e_uplink_rep_disable+0x70/0xa0 [mlx5_core]\nmlx5e_detach_netdev+0x6c/0xb0 [mlx5_core]\nmlx5e_netdev_change_profile+0x44/0x138 [mlx5_core]\nmlx5e_netdev_attach_nic_profile+0x28/0x38 [mlx5_core]\nmlx5e_vport_rep_unload+0x184/0x1b8 [mlx5_core]\nmlx5_esw_offloads_rep_load+0xd8/0xe0 [mlx5_core]\nmlx5_eswitch_reload_reps+0x74/0xd0 [mlx5_core]\nmlx5_disable_lag+0x130/0x138 [mlx5_core]\nmlx5_lag_disable_change+0x6c/0x70 [mlx5_core] // hold ldev-\u003elock\nmlx5_devlink_eswitch_mode_set+0xc0/0x410 [mlx5_core]\ndevlink_nl_cmd_eswitch_set_doit+0xdc/0x180\ngenl_family_rcv_msg_doit.isra.17+0xe8/0x138\ngenl_rcv_msg+0xe4/0x220\nnetlink_rcv_skb+0x44/0x108\ngenl_rcv+0x40/0x58\nnetlink_unicast+0x198/0x268\nnetlink_sendmsg+0x1d4/0x418\nsock_sendmsg+0x54/0x60\n__sys_sendto+0xf4/0x120\n__arm64_sys_sendto+0x30/0x40\nel0_svc_common+0x8c/0x120\ndo_el0_svc+0x30/0xa0\nel0_svc+0x20/0x30\nel0_sync_handler+0x90/0xb8\nel0_sync+0x160/0x180\n\nThus, upon lag enable/disable, load and unload only the IB representors\nof the slaves preventing the deadlock mentioned above.\n\nWhile at it, refactor the mlx5_esw_offloads_rep_load() function to have\na static helper method for its internal logic, in symmetry with the\nrepresentor unload design.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-38557",
"url": "https://www.suse.com/security/cve/CVE-2024-38557"
},
{
"category": "external",
"summary": "SUSE Bug 1226781 for CVE-2024-38557",
"url": "https://bugzilla.suse.com/1226781"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-10T16:03:48Z",
"details": "moderate"
}
],
"title": "CVE-2024-38557"
},
{
"cve": "CVE-2024-38559",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-38559"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: qedf: Ensure the copied buf is NUL terminated\n\nCurrently, we allocate a count-sized kernel buffer and copy count from\nuserspace to that buffer. Later, we use kstrtouint on this buffer but we\ndon\u0027t ensure that the string is terminated inside the buffer, this can\nlead to OOB read when using kstrtouint. Fix this issue by using\nmemdup_user_nul instead of memdup_user.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-38559",
"url": "https://www.suse.com/security/cve/CVE-2024-38559"
},
{
"category": "external",
"summary": "SUSE Bug 1226785 for CVE-2024-38559",
"url": "https://bugzilla.suse.com/1226785"
},
{
"category": "external",
"summary": "SUSE Bug 1227495 for CVE-2024-38559",
"url": "https://bugzilla.suse.com/1227495"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-10T16:03:48Z",
"details": "moderate"
}
],
"title": "CVE-2024-38559"
},
{
"cve": "CVE-2024-38560",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-38560"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: bfa: Ensure the copied buf is NUL terminated\n\nCurrently, we allocate a nbytes-sized kernel buffer and copy nbytes from\nuserspace to that buffer. Later, we use sscanf on this buffer but we don\u0027t\nensure that the string is terminated inside the buffer, this can lead to\nOOB read when using sscanf. Fix this issue by using memdup_user_nul instead\nof memdup_user.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-38560",
"url": "https://www.suse.com/security/cve/CVE-2024-38560"
},
{
"category": "external",
"summary": "SUSE Bug 1226786 for CVE-2024-38560",
"url": "https://bugzilla.suse.com/1226786"
},
{
"category": "external",
"summary": "SUSE Bug 1227319 for CVE-2024-38560",
"url": "https://bugzilla.suse.com/1227319"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-10T16:03:48Z",
"details": "moderate"
}
],
"title": "CVE-2024-38560"
},
{
"cve": "CVE-2024-38564",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-38564"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbpf: Add BPF_PROG_TYPE_CGROUP_SKB attach type enforcement in BPF_LINK_CREATE\n\nbpf_prog_attach uses attach_type_to_prog_type to enforce proper\nattach type for BPF_PROG_TYPE_CGROUP_SKB. link_create uses\nbpf_prog_get and relies on bpf_prog_attach_check_attach_type\nto properly verify prog_type \u003c\u003e attach_type association.\n\nAdd missing attach_type enforcement for the link_create case.\nOtherwise, it\u0027s currently possible to attach cgroup_skb prog\ntypes to other cgroup hooks.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-38564",
"url": "https://www.suse.com/security/cve/CVE-2024-38564"
},
{
"category": "external",
"summary": "SUSE Bug 1226789 for CVE-2024-38564",
"url": "https://bugzilla.suse.com/1226789"
},
{
"category": "external",
"summary": "SUSE Bug 1228730 for CVE-2024-38564",
"url": "https://bugzilla.suse.com/1228730"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-10T16:03:48Z",
"details": "important"
}
],
"title": "CVE-2024-38564"
},
{
"cve": "CVE-2024-38565",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-38565"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: ar5523: enable proper endpoint verification\n\nSyzkaller reports [1] hitting a warning about an endpoint in use\nnot having an expected type to it.\n\nFix the issue by checking for the existence of all proper\nendpoints with their according types intact.\n\nSadly, this patch has not been tested on real hardware.\n\n[1] Syzkaller report:\n------------[ cut here ]------------\nusb 1-1: BOGUS urb xfer, pipe 3 != type 1\nWARNING: CPU: 0 PID: 3643 at drivers/usb/core/urb.c:504 usb_submit_urb+0xed6/0x1880 drivers/usb/core/urb.c:504\n...\nCall Trace:\n \u003cTASK\u003e\n ar5523_cmd+0x41b/0x780 drivers/net/wireless/ath/ar5523/ar5523.c:275\n ar5523_cmd_read drivers/net/wireless/ath/ar5523/ar5523.c:302 [inline]\n ar5523_host_available drivers/net/wireless/ath/ar5523/ar5523.c:1376 [inline]\n ar5523_probe+0x14b0/0x1d10 drivers/net/wireless/ath/ar5523/ar5523.c:1655\n usb_probe_interface+0x30f/0x7f0 drivers/usb/core/driver.c:396\n call_driver_probe drivers/base/dd.c:560 [inline]\n really_probe+0x249/0xb90 drivers/base/dd.c:639\n __driver_probe_device+0x1df/0x4d0 drivers/base/dd.c:778\n driver_probe_device+0x4c/0x1a0 drivers/base/dd.c:808\n __device_attach_driver+0x1d4/0x2e0 drivers/base/dd.c:936\n bus_for_each_drv+0x163/0x1e0 drivers/base/bus.c:427\n __device_attach+0x1e4/0x530 drivers/base/dd.c:1008\n bus_probe_device+0x1e8/0x2a0 drivers/base/bus.c:487\n device_add+0xbd9/0x1e90 drivers/base/core.c:3517\n usb_set_configuration+0x101d/0x1900 drivers/usb/core/message.c:2170\n usb_generic_driver_probe+0xbe/0x100 drivers/usb/core/generic.c:238\n usb_probe_device+0xd8/0x2c0 drivers/usb/core/driver.c:293\n call_driver_probe drivers/base/dd.c:560 [inline]\n really_probe+0x249/0xb90 drivers/base/dd.c:639\n __driver_probe_device+0x1df/0x4d0 drivers/base/dd.c:778\n driver_probe_device+0x4c/0x1a0 drivers/base/dd.c:808\n __device_attach_driver+0x1d4/0x2e0 drivers/base/dd.c:936\n bus_for_each_drv+0x163/0x1e0 drivers/base/bus.c:427\n __device_attach+0x1e4/0x530 drivers/base/dd.c:1008\n bus_probe_device+0x1e8/0x2a0 drivers/base/bus.c:487\n device_add+0xbd9/0x1e90 drivers/base/core.c:3517\n usb_new_device.cold+0x685/0x10ad drivers/usb/core/hub.c:2573\n hub_port_connect drivers/usb/core/hub.c:5353 [inline]\n hub_port_connect_change drivers/usb/core/hub.c:5497 [inline]\n port_event drivers/usb/core/hub.c:5653 [inline]\n hub_event+0x26cb/0x45d0 drivers/usb/core/hub.c:5735\n process_one_work+0x9bf/0x1710 kernel/workqueue.c:2289\n worker_thread+0x669/0x1090 kernel/workqueue.c:2436\n kthread+0x2e8/0x3a0 kernel/kthread.c:376\n ret_from_fork+0x1f/0x30 arch/x86/entry/entry_64.S:306\n \u003c/TASK\u003e",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-38565",
"url": "https://www.suse.com/security/cve/CVE-2024-38565"
},
{
"category": "external",
"summary": "SUSE Bug 1226747 for CVE-2024-38565",
"url": "https://bugzilla.suse.com/1226747"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-10T16:03:48Z",
"details": "moderate"
}
],
"title": "CVE-2024-38565"
},
{
"cve": "CVE-2024-38567",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-38567"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: carl9170: add a proper sanity check for endpoints\n\nSyzkaller reports [1] hitting a warning which is caused by presence\nof a wrong endpoint type at the URB sumbitting stage. While there\nwas a check for a specific 4th endpoint, since it can switch types\nbetween bulk and interrupt, other endpoints are trusted implicitly.\nSimilar warning is triggered in a couple of other syzbot issues [2].\n\nFix the issue by doing a comprehensive check of all endpoints\ntaking into account difference between high- and full-speed\nconfiguration.\n\n[1] Syzkaller report:\n...\nWARNING: CPU: 0 PID: 4721 at drivers/usb/core/urb.c:504 usb_submit_urb+0xed6/0x1880 drivers/usb/core/urb.c:504\n...\nCall Trace:\n \u003cTASK\u003e\n carl9170_usb_send_rx_irq_urb+0x273/0x340 drivers/net/wireless/ath/carl9170/usb.c:504\n carl9170_usb_init_device drivers/net/wireless/ath/carl9170/usb.c:939 [inline]\n carl9170_usb_firmware_finish drivers/net/wireless/ath/carl9170/usb.c:999 [inline]\n carl9170_usb_firmware_step2+0x175/0x240 drivers/net/wireless/ath/carl9170/usb.c:1028\n request_firmware_work_func+0x130/0x240 drivers/base/firmware_loader/main.c:1107\n process_one_work+0x9bf/0x1710 kernel/workqueue.c:2289\n worker_thread+0x669/0x1090 kernel/workqueue.c:2436\n kthread+0x2e8/0x3a0 kernel/kthread.c:376\n ret_from_fork+0x1f/0x30 arch/x86/entry/entry_64.S:308\n \u003c/TASK\u003e\n\n[2] Related syzkaller crashes:",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-38567",
"url": "https://www.suse.com/security/cve/CVE-2024-38567"
},
{
"category": "external",
"summary": "SUSE Bug 1226769 for CVE-2024-38567",
"url": "https://bugzilla.suse.com/1226769"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-10T16:03:48Z",
"details": "moderate"
}
],
"title": "CVE-2024-38567"
},
{
"cve": "CVE-2024-38568",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-38568"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrivers/perf: hisi: hns3: Fix out-of-bound access when valid event group\n\nThe perf tool allows users to create event groups through following\ncmd [1], but the driver does not check whether the array index is out\nof bounds when writing data to the event_group array. If the number of\nevents in an event_group is greater than HNS3_PMU_MAX_HW_EVENTS, the\nmemory write overflow of event_group array occurs.\n\nAdd array index check to fix the possible array out of bounds violation,\nand return directly when write new events are written to array bounds.\n\nThere are 9 different events in an event_group.\n[1] perf stat -e \u0027{pmu/event1/, ... ,pmu/event9/}",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-38568",
"url": "https://www.suse.com/security/cve/CVE-2024-38568"
},
{
"category": "external",
"summary": "SUSE Bug 1226771 for CVE-2024-38568",
"url": "https://bugzilla.suse.com/1226771"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-10T16:03:48Z",
"details": "moderate"
}
],
"title": "CVE-2024-38568"
},
{
"cve": "CVE-2024-38571",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-38571"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nthermal/drivers/tsens: Fix null pointer dereference\n\ncompute_intercept_slope() is called from calibrate_8960() (in tsens-8960.c)\nas compute_intercept_slope(priv, p1, NULL, ONE_PT_CALIB) which lead to null\npointer dereference (if DEBUG or DYNAMIC_DEBUG set).\nFix this bug by adding null pointer check.\n\nFound by Linux Verification Center (linuxtesting.org) with SVACE.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-38571",
"url": "https://www.suse.com/security/cve/CVE-2024-38571"
},
{
"category": "external",
"summary": "SUSE Bug 1226737 for CVE-2024-38571",
"url": "https://bugzilla.suse.com/1226737"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-10T16:03:48Z",
"details": "moderate"
}
],
"title": "CVE-2024-38571"
},
{
"cve": "CVE-2024-38573",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-38573"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ncppc_cpufreq: Fix possible null pointer dereference\n\ncppc_cpufreq_get_rate() and hisi_cppc_cpufreq_get_rate() can be called from\ndifferent places with various parameters. So cpufreq_cpu_get() can return\nnull as \u0027policy\u0027 in some circumstances.\nFix this bug by adding null return check.\n\nFound by Linux Verification Center (linuxtesting.org) with SVACE.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-38573",
"url": "https://www.suse.com/security/cve/CVE-2024-38573"
},
{
"category": "external",
"summary": "SUSE Bug 1226739 for CVE-2024-38573",
"url": "https://bugzilla.suse.com/1226739"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-10T16:03:48Z",
"details": "moderate"
}
],
"title": "CVE-2024-38573"
},
{
"cve": "CVE-2024-38578",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-38578"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\necryptfs: Fix buffer size for tag 66 packet\n\nThe \u0027TAG 66 Packet Format\u0027 description is missing the cipher code and\nchecksum fields that are packed into the message packet. As a result,\nthe buffer allocated for the packet is 3 bytes too small and\nwrite_tag_66_packet() will write up to 3 bytes past the end of the\nbuffer.\n\nFix this by increasing the size of the allocation so the whole packet\nwill always fit in the buffer.\n\nThis fixes the below kasan slab-out-of-bounds bug:\n\n BUG: KASAN: slab-out-of-bounds in ecryptfs_generate_key_packet_set+0x7d6/0xde0\n Write of size 1 at addr ffff88800afbb2a5 by task touch/181\n\n CPU: 0 PID: 181 Comm: touch Not tainted 6.6.13-gnu #1 4c9534092be820851bb687b82d1f92a426598dc6\n Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.16.2/GNU Guix 04/01/2014\n Call Trace:\n \u003cTASK\u003e\n dump_stack_lvl+0x4c/0x70\n print_report+0xc5/0x610\n ? ecryptfs_generate_key_packet_set+0x7d6/0xde0\n ? kasan_complete_mode_report_info+0x44/0x210\n ? ecryptfs_generate_key_packet_set+0x7d6/0xde0\n kasan_report+0xc2/0x110\n ? ecryptfs_generate_key_packet_set+0x7d6/0xde0\n __asan_store1+0x62/0x80\n ecryptfs_generate_key_packet_set+0x7d6/0xde0\n ? __pfx_ecryptfs_generate_key_packet_set+0x10/0x10\n ? __alloc_pages+0x2e2/0x540\n ? __pfx_ovl_open+0x10/0x10 [overlay 30837f11141636a8e1793533a02e6e2e885dad1d]\n ? dentry_open+0x8f/0xd0\n ecryptfs_write_metadata+0x30a/0x550\n ? __pfx_ecryptfs_write_metadata+0x10/0x10\n ? ecryptfs_get_lower_file+0x6b/0x190\n ecryptfs_initialize_file+0x77/0x150\n ecryptfs_create+0x1c2/0x2f0\n path_openat+0x17cf/0x1ba0\n ? __pfx_path_openat+0x10/0x10\n do_filp_open+0x15e/0x290\n ? __pfx_do_filp_open+0x10/0x10\n ? __kasan_check_write+0x18/0x30\n ? _raw_spin_lock+0x86/0xf0\n ? __pfx__raw_spin_lock+0x10/0x10\n ? __kasan_check_write+0x18/0x30\n ? alloc_fd+0xf4/0x330\n do_sys_openat2+0x122/0x160\n ? __pfx_do_sys_openat2+0x10/0x10\n __x64_sys_openat+0xef/0x170\n ? __pfx___x64_sys_openat+0x10/0x10\n do_syscall_64+0x60/0xd0\n entry_SYSCALL_64_after_hwframe+0x6e/0xd8\n RIP: 0033:0x7f00a703fd67\n Code: 25 00 00 41 00 3d 00 00 41 00 74 37 64 8b 04 25 18 00 00 00 85 c0 75 5b 44 89 e2 48 89 ee bf 9c ff ff ff b8 01 01 00 00 0f 05 \u003c48\u003e 3d 00 f0 ff ff 0f 87 85 00 00 00 48 83 c4 68 5d 41 5c c3 0f 1f\n RSP: 002b:00007ffc088e30b0 EFLAGS: 00000246 ORIG_RAX: 0000000000000101\n RAX: ffffffffffffffda RBX: 00007ffc088e3368 RCX: 00007f00a703fd67\n RDX: 0000000000000941 RSI: 00007ffc088e48d7 RDI: 00000000ffffff9c\n RBP: 00007ffc088e48d7 R08: 0000000000000001 R09: 0000000000000000\n R10: 00000000000001b6 R11: 0000000000000246 R12: 0000000000000941\n R13: 0000000000000000 R14: 00007ffc088e48d7 R15: 00007f00a7180040\n \u003c/TASK\u003e\n\n Allocated by task 181:\n kasan_save_stack+0x2f/0x60\n kasan_set_track+0x29/0x40\n kasan_save_alloc_info+0x25/0x40\n __kasan_kmalloc+0xc5/0xd0\n __kmalloc+0x66/0x160\n ecryptfs_generate_key_packet_set+0x6d2/0xde0\n ecryptfs_write_metadata+0x30a/0x550\n ecryptfs_initialize_file+0x77/0x150\n ecryptfs_create+0x1c2/0x2f0\n path_openat+0x17cf/0x1ba0\n do_filp_open+0x15e/0x290\n do_sys_openat2+0x122/0x160\n __x64_sys_openat+0xef/0x170\n do_syscall_64+0x60/0xd0\n entry_SYSCALL_64_after_hwframe+0x6e/0xd8",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-38578",
"url": "https://www.suse.com/security/cve/CVE-2024-38578"
},
{
"category": "external",
"summary": "SUSE Bug 1226634 for CVE-2024-38578",
"url": "https://bugzilla.suse.com/1226634"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-10T16:03:48Z",
"details": "moderate"
}
],
"title": "CVE-2024-38578"
},
{
"cve": "CVE-2024-38579",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-38579"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ncrypto: bcm - Fix pointer arithmetic\n\nIn spu2_dump_omd() value of ptr is increased by ciph_key_len\ninstead of hash_iv_len which could lead to going beyond the\nbuffer boundaries.\nFix this bug by changing ciph_key_len to hash_iv_len.\n\nFound by Linux Verification Center (linuxtesting.org) with SVACE.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-38579",
"url": "https://www.suse.com/security/cve/CVE-2024-38579"
},
{
"category": "external",
"summary": "SUSE Bug 1226637 for CVE-2024-38579",
"url": "https://bugzilla.suse.com/1226637"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-10T16:03:48Z",
"details": "moderate"
}
],
"title": "CVE-2024-38579"
},
{
"cve": "CVE-2024-38580",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-38580"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nepoll: be better about file lifetimes\n\nepoll can call out to vfs_poll() with a file pointer that may race with\nthe last \u0027fput()\u0027. That would make f_count go down to zero, and while\nthe ep-\u003emtx locking means that the resulting file pointer tear-down will\nbe blocked until the poll returns, it means that f_count is already\ndead, and any use of it won\u0027t actually get a reference to the file any\nmore: it\u0027s dead regardless.\n\nMake sure we have a valid ref on the file pointer before we call down to\nvfs_poll() from the epoll routines.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-38580",
"url": "https://www.suse.com/security/cve/CVE-2024-38580"
},
{
"category": "external",
"summary": "SUSE Bug 1226610 for CVE-2024-38580",
"url": "https://bugzilla.suse.com/1226610"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-10T16:03:48Z",
"details": "moderate"
}
],
"title": "CVE-2024-38580"
},
{
"cve": "CVE-2024-38581",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-38581"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amdgpu/mes: fix use-after-free issue\n\nDelete fence fallback timer to fix the ramdom\nuse-after-free issue.\n\nv2: move to amdgpu_mes.c",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-38581",
"url": "https://www.suse.com/security/cve/CVE-2024-38581"
},
{
"category": "external",
"summary": "SUSE Bug 1226657 for CVE-2024-38581",
"url": "https://bugzilla.suse.com/1226657"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.6,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-10T16:03:48Z",
"details": "moderate"
}
],
"title": "CVE-2024-38581"
},
{
"cve": "CVE-2024-38582",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-38582"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnilfs2: fix potential hang in nilfs_detach_log_writer()\n\nSyzbot has reported a potential hang in nilfs_detach_log_writer() called\nduring nilfs2 unmount.\n\nAnalysis revealed that this is because nilfs_segctor_sync(), which\nsynchronizes with the log writer thread, can be called after\nnilfs_segctor_destroy() terminates that thread, as shown in the call trace\nbelow:\n\nnilfs_detach_log_writer\n nilfs_segctor_destroy\n nilfs_segctor_kill_thread --\u003e Shut down log writer thread\n flush_work\n nilfs_iput_work_func\n nilfs_dispose_list\n iput\n nilfs_evict_inode\n nilfs_transaction_commit\n nilfs_construct_segment (if inode needs sync)\n nilfs_segctor_sync --\u003e Attempt to synchronize with\n log writer thread\n *** DEADLOCK ***\n\nFix this issue by changing nilfs_segctor_sync() so that the log writer\nthread returns normally without synchronizing after it terminates, and by\nforcing tasks that are already waiting to complete once after the thread\nterminates.\n\nThe skipped inode metadata flushout will then be processed together in the\nsubsequent cleanup work in nilfs_segctor_destroy().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-38582",
"url": "https://www.suse.com/security/cve/CVE-2024-38582"
},
{
"category": "external",
"summary": "SUSE Bug 1226658 for CVE-2024-38582",
"url": "https://bugzilla.suse.com/1226658"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-10T16:03:48Z",
"details": "moderate"
}
],
"title": "CVE-2024-38582"
},
{
"cve": "CVE-2024-38583",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-38583"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnilfs2: fix use-after-free of timer for log writer thread\n\nPatch series \"nilfs2: fix log writer related issues\".\n\nThis bug fix series covers three nilfs2 log writer-related issues,\nincluding a timer use-after-free issue and potential deadlock issue on\nunmount, and a potential freeze issue in event synchronization found\nduring their analysis. Details are described in each commit log.\n\n\nThis patch (of 3):\n\nA use-after-free issue has been reported regarding the timer sc_timer on\nthe nilfs_sc_info structure.\n\nThe problem is that even though it is used to wake up a sleeping log\nwriter thread, sc_timer is not shut down until the nilfs_sc_info structure\nis about to be freed, and is used regardless of the thread\u0027s lifetime.\n\nFix this issue by limiting the use of sc_timer only while the log writer\nthread is alive.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-38583",
"url": "https://www.suse.com/security/cve/CVE-2024-38583"
},
{
"category": "external",
"summary": "SUSE Bug 1226777 for CVE-2024-38583",
"url": "https://bugzilla.suse.com/1226777"
},
{
"category": "external",
"summary": "SUSE Bug 1227286 for CVE-2024-38583",
"url": "https://bugzilla.suse.com/1227286"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-10T16:03:48Z",
"details": "moderate"
}
],
"title": "CVE-2024-38583"
},
{
"cve": "CVE-2024-38587",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-38587"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nspeakup: Fix sizeof() vs ARRAY_SIZE() bug\n\nThe \"buf\" pointer is an array of u16 values. This code should be\nusing ARRAY_SIZE() (which is 256) instead of sizeof() (which is 512),\notherwise it can the still got out of bounds.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-38587",
"url": "https://www.suse.com/security/cve/CVE-2024-38587"
},
{
"category": "external",
"summary": "SUSE Bug 1226780 for CVE-2024-38587",
"url": "https://bugzilla.suse.com/1226780"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-10T16:03:48Z",
"details": "moderate"
}
],
"title": "CVE-2024-38587"
},
{
"cve": "CVE-2024-38590",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-38590"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nRDMA/hns: Modify the print level of CQE error\n\nToo much print may lead to a panic in kernel. Change ibdev_err() to\nibdev_err_ratelimited(), and change the printing level of cqe dump\nto debug level.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-38590",
"url": "https://www.suse.com/security/cve/CVE-2024-38590"
},
{
"category": "external",
"summary": "SUSE Bug 1226839 for CVE-2024-38590",
"url": "https://bugzilla.suse.com/1226839"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-10T16:03:48Z",
"details": "moderate"
}
],
"title": "CVE-2024-38590"
},
{
"cve": "CVE-2024-38591",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-38591"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nRDMA/hns: Fix deadlock on SRQ async events.\n\nxa_lock for SRQ table may be required in AEQ. Use xa_store_irq()/\nxa_erase_irq() to avoid deadlock.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-38591",
"url": "https://www.suse.com/security/cve/CVE-2024-38591"
},
{
"category": "external",
"summary": "SUSE Bug 1226738 for CVE-2024-38591",
"url": "https://bugzilla.suse.com/1226738"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-10T16:03:48Z",
"details": "moderate"
}
],
"title": "CVE-2024-38591"
},
{
"cve": "CVE-2024-38594",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-38594"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: stmmac: move the EST lock to struct stmmac_priv\n\nReinitialize the whole EST structure would also reset the mutex\nlock which is embedded in the EST structure, and then trigger\nthe following warning. To address this, move the lock to struct\nstmmac_priv. We also need to reacquire the mutex lock when doing\nthis initialization.\n\nDEBUG_LOCKS_WARN_ON(lock-\u003emagic != lock)\nWARNING: CPU: 3 PID: 505 at kernel/locking/mutex.c:587 __mutex_lock+0xd84/0x1068\n Modules linked in:\n CPU: 3 PID: 505 Comm: tc Not tainted 6.9.0-rc6-00053-g0106679839f7-dirty #29\n Hardware name: NXP i.MX8MPlus EVK board (DT)\n pstate: 60000005 (nZCv daif -PAN -UAO -TCO -DIT -SSBS BTYPE=--)\n pc : __mutex_lock+0xd84/0x1068\n lr : __mutex_lock+0xd84/0x1068\n sp : ffffffc0864e3570\n x29: ffffffc0864e3570 x28: ffffffc0817bdc78 x27: 0000000000000003\n x26: ffffff80c54f1808 x25: ffffff80c9164080 x24: ffffffc080d723ac\n x23: 0000000000000000 x22: 0000000000000002 x21: 0000000000000000\n x20: 0000000000000000 x19: ffffffc083bc3000 x18: ffffffffffffffff\n x17: ffffffc08117b080 x16: 0000000000000002 x15: ffffff80d2d40000\n x14: 00000000000002da x13: ffffff80d2d404b8 x12: ffffffc082b5a5c8\n x11: ffffffc082bca680 x10: ffffffc082bb2640 x9 : ffffffc082bb2698\n x8 : 0000000000017fe8 x7 : c0000000ffffefff x6 : 0000000000000001\n x5 : ffffff8178fe0d48 x4 : 0000000000000000 x3 : 0000000000000027\n x2 : ffffff8178fe0d50 x1 : 0000000000000000 x0 : 0000000000000000\n Call trace:\n __mutex_lock+0xd84/0x1068\n mutex_lock_nested+0x28/0x34\n tc_setup_taprio+0x118/0x68c\n stmmac_setup_tc+0x50/0xf0\n taprio_change+0x868/0xc9c",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-38594",
"url": "https://www.suse.com/security/cve/CVE-2024-38594"
},
{
"category": "external",
"summary": "SUSE Bug 1226734 for CVE-2024-38594",
"url": "https://bugzilla.suse.com/1226734"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-10T16:03:48Z",
"details": "moderate"
}
],
"title": "CVE-2024-38594"
},
{
"cve": "CVE-2024-38597",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-38597"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\neth: sungem: remove .ndo_poll_controller to avoid deadlocks\n\nErhard reports netpoll warnings from sungem:\n\n netpoll_send_skb_on_dev(): eth0 enabled interrupts in poll (gem_start_xmit+0x0/0x398)\n WARNING: CPU: 1 PID: 1 at net/core/netpoll.c:370 netpoll_send_skb+0x1fc/0x20c\n\ngem_poll_controller() disables interrupts, which may sleep.\nWe can\u0027t sleep in netpoll, it has interrupts disabled completely.\nStrangely, gem_poll_controller() doesn\u0027t even poll the completions,\nand instead acts as if an interrupt has fired so it just schedules\nNAPI and exits. None of this has been necessary for years, since\nnetpoll invokes NAPI directly.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-38597",
"url": "https://www.suse.com/security/cve/CVE-2024-38597"
},
{
"category": "external",
"summary": "SUSE Bug 1226749 for CVE-2024-38597",
"url": "https://bugzilla.suse.com/1226749"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-10T16:03:48Z",
"details": "moderate"
}
],
"title": "CVE-2024-38597"
},
{
"cve": "CVE-2024-38599",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-38599"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\njffs2: prevent xattr node from overflowing the eraseblock\n\nAdd a check to make sure that the requested xattr node size is no larger\nthan the eraseblock minus the cleanmarker.\n\nUnlike the usual inode nodes, the xattr nodes aren\u0027t split into parts\nand spread across multiple eraseblocks, which means that a xattr node\nmust not occupy more than one eraseblock. If the requested xattr value is\ntoo large, the xattr node can spill onto the next eraseblock, overwriting\nthe nodes and causing errors such as:\n\njffs2: argh. node added in wrong place at 0x0000b050(2)\njffs2: nextblock 0x0000a000, expected at 0000b00c\njffs2: error: (823) do_verify_xattr_datum: node CRC failed at 0x01e050,\nread=0xfc892c93, calc=0x000000\njffs2: notice: (823) jffs2_get_inode_nodes: Node header CRC failed\nat 0x01e00c. {848f,2fc4,0fef511f,59a3d171}\njffs2: Node at 0x0000000c with length 0x00001044 would run over the\nend of the erase block\njffs2: Perhaps the file system was created with the wrong erase size?\njffs2: jffs2_scan_eraseblock(): Magic bitmask 0x1985 not found\nat 0x00000010: 0x1044 instead\n\nThis breaks the filesystem and can lead to KASAN crashes such as:\n\nBUG: KASAN: slab-out-of-bounds in jffs2_sum_add_kvec+0x125e/0x15d0\nRead of size 4 at addr ffff88802c31e914 by task repro/830\nCPU: 0 PID: 830 Comm: repro Not tainted 6.9.0-rc3+ #1\nHardware name: QEMU Standard PC (i440FX + PIIX, 1996),\nBIOS Arch Linux 1.16.3-1-1 04/01/2014\nCall Trace:\n \u003cTASK\u003e\n dump_stack_lvl+0xc6/0x120\n print_report+0xc4/0x620\n ? __virt_addr_valid+0x308/0x5b0\n kasan_report+0xc1/0xf0\n ? jffs2_sum_add_kvec+0x125e/0x15d0\n ? jffs2_sum_add_kvec+0x125e/0x15d0\n jffs2_sum_add_kvec+0x125e/0x15d0\n jffs2_flash_direct_writev+0xa8/0xd0\n jffs2_flash_writev+0x9c9/0xef0\n ? __x64_sys_setxattr+0xc4/0x160\n ? do_syscall_64+0x69/0x140\n ? entry_SYSCALL_64_after_hwframe+0x76/0x7e\n [...]\n\nFound by Linux Verification Center (linuxtesting.org) with Syzkaller.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-38599",
"url": "https://www.suse.com/security/cve/CVE-2024-38599"
},
{
"category": "external",
"summary": "SUSE Bug 1223384 for CVE-2024-38599",
"url": "https://bugzilla.suse.com/1223384"
},
{
"category": "external",
"summary": "SUSE Bug 1226848 for CVE-2024-38599",
"url": "https://bugzilla.suse.com/1226848"
},
{
"category": "external",
"summary": "SUSE Bug 1227283 for CVE-2024-38599",
"url": "https://bugzilla.suse.com/1227283"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-10T16:03:48Z",
"details": "important"
}
],
"title": "CVE-2024-38599"
},
{
"cve": "CVE-2024-38600",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-38600"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nALSA: Fix deadlocks with kctl removals at disconnection\n\nIn snd_card_disconnect(), we set card-\u003eshutdown flag at the beginning,\ncall callbacks and do sync for card-\u003epower_ref_sleep waiters at the\nend. The callback may delete a kctl element, and this can lead to a\ndeadlock when the device was in the suspended state. Namely:\n\n* A process waits for the power up at snd_power_ref_and_wait() in\n snd_ctl_info() or read/write() inside card-\u003econtrols_rwsem.\n\n* The system gets disconnected meanwhile, and the driver tries to\n delete a kctl via snd_ctl_remove*(); it tries to take\n card-\u003econtrols_rwsem again, but this is already locked by the\n above. Since the sleeper isn\u0027t woken up, this deadlocks.\n\nAn easy fix is to wake up sleepers before processing the driver\ndisconnect callbacks but right after setting the card-\u003eshutdown flag.\nThen all sleepers will abort immediately, and the code flows again.\n\nSo, basically this patch moves the wait_event() call at the right\ntiming. While we\u0027re at it, just to be sure, call wait_event_all()\ninstead of wait_event(), although we don\u0027t use exclusive events on\nthis queue for now.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-38600",
"url": "https://www.suse.com/security/cve/CVE-2024-38600"
},
{
"category": "external",
"summary": "SUSE Bug 1226864 for CVE-2024-38600",
"url": "https://bugzilla.suse.com/1226864"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-10T16:03:48Z",
"details": "moderate"
}
],
"title": "CVE-2024-38600"
},
{
"cve": "CVE-2024-38601",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-38601"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nring-buffer: Fix a race between readers and resize checks\n\nThe reader code in rb_get_reader_page() swaps a new reader page into the\nring buffer by doing cmpxchg on old-\u003elist.prev-\u003enext to point it to the\nnew page. Following that, if the operation is successful,\nold-\u003elist.next-\u003eprev gets updated too. This means the underlying\ndoubly-linked list is temporarily inconsistent, page-\u003eprev-\u003enext or\npage-\u003enext-\u003eprev might not be equal back to page for some page in the\nring buffer.\n\nThe resize operation in ring_buffer_resize() can be invoked in parallel.\nIt calls rb_check_pages() which can detect the described inconsistency\nand stop further tracing:\n\n[ 190.271762] ------------[ cut here ]------------\n[ 190.271771] WARNING: CPU: 1 PID: 6186 at kernel/trace/ring_buffer.c:1467 rb_check_pages.isra.0+0x6a/0xa0\n[ 190.271789] Modules linked in: [...]\n[ 190.271991] Unloaded tainted modules: intel_uncore_frequency(E):1 skx_edac(E):1\n[ 190.272002] CPU: 1 PID: 6186 Comm: cmd.sh Kdump: loaded Tainted: G E 6.9.0-rc6-default #5 158d3e1e6d0b091c34c3b96bfd99a1c58306d79f\n[ 190.272011] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS rel-1.16.0-0-gd239552c-rebuilt.opensuse.org 04/01/2014\n[ 190.272015] RIP: 0010:rb_check_pages.isra.0+0x6a/0xa0\n[ 190.272023] Code: [...]\n[ 190.272028] RSP: 0018:ffff9c37463abb70 EFLAGS: 00010206\n[ 190.272034] RAX: ffff8eba04b6cb80 RBX: 0000000000000007 RCX: ffff8eba01f13d80\n[ 190.272038] RDX: ffff8eba01f130c0 RSI: ffff8eba04b6cd00 RDI: ffff8eba0004c700\n[ 190.272042] RBP: ffff8eba0004c700 R08: 0000000000010002 R09: 0000000000000000\n[ 190.272045] R10: 00000000ffff7f52 R11: ffff8eba7f600000 R12: ffff8eba0004c720\n[ 190.272049] R13: ffff8eba00223a00 R14: 0000000000000008 R15: ffff8eba067a8000\n[ 190.272053] FS: 00007f1bd64752c0(0000) GS:ffff8eba7f680000(0000) knlGS:0000000000000000\n[ 190.272057] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n[ 190.272061] CR2: 00007f1bd6662590 CR3: 000000010291e001 CR4: 0000000000370ef0\n[ 190.272070] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\n[ 190.272073] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\n[ 190.272077] Call Trace:\n[ 190.272098] \u003cTASK\u003e\n[ 190.272189] ring_buffer_resize+0x2ab/0x460\n[ 190.272199] __tracing_resize_ring_buffer.part.0+0x23/0xa0\n[ 190.272206] tracing_resize_ring_buffer+0x65/0x90\n[ 190.272216] tracing_entries_write+0x74/0xc0\n[ 190.272225] vfs_write+0xf5/0x420\n[ 190.272248] ksys_write+0x67/0xe0\n[ 190.272256] do_syscall_64+0x82/0x170\n[ 190.272363] entry_SYSCALL_64_after_hwframe+0x76/0x7e\n[ 190.272373] RIP: 0033:0x7f1bd657d263\n[ 190.272381] Code: [...]\n[ 190.272385] RSP: 002b:00007ffe72b643f8 EFLAGS: 00000246 ORIG_RAX: 0000000000000001\n[ 190.272391] RAX: ffffffffffffffda RBX: 0000000000000002 RCX: 00007f1bd657d263\n[ 190.272395] RDX: 0000000000000002 RSI: 0000555a6eb538e0 RDI: 0000000000000001\n[ 190.272398] RBP: 0000555a6eb538e0 R08: 000000000000000a R09: 0000000000000000\n[ 190.272401] R10: 0000555a6eb55190 R11: 0000000000000246 R12: 00007f1bd6662500\n[ 190.272404] R13: 0000000000000002 R14: 00007f1bd6667c00 R15: 0000000000000002\n[ 190.272412] \u003c/TASK\u003e\n[ 190.272414] ---[ end trace 0000000000000000 ]---\n\nNote that ring_buffer_resize() calls rb_check_pages() only if the parent\ntrace_buffer has recording disabled. Recent commit d78ab792705c\n(\"tracing: Stop current tracer when resizing buffer\") causes that it is\nnow always the case which makes it more likely to experience this issue.\n\nThe window to hit this race is nonetheless very small. To help\nreproducing it, one can add a delay loop in rb_get_reader_page():\n\n ret = rb_head_page_replace(reader, cpu_buffer-\u003ereader_page);\n if (!ret)\n \tgoto spin;\n for (unsigned i = 0; i \u003c 1U \u003c\u003c 26; i++) /* inserted delay loop */\n \t__asm__ __volatile__ (\"\" : : : \"memory\");\n rb_list_head(reader-\u003elist.next)-\u003eprev = \u0026cpu_buffer-\u003ereader_page-\u003elist;\n\n.. \n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-38601",
"url": "https://www.suse.com/security/cve/CVE-2024-38601"
},
{
"category": "external",
"summary": "SUSE Bug 1226876 for CVE-2024-38601",
"url": "https://bugzilla.suse.com/1226876"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-10T16:03:48Z",
"details": "moderate"
}
],
"title": "CVE-2024-38601"
},
{
"cve": "CVE-2024-38603",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-38603"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrivers/perf: hisi: hns3: Actually use devm_add_action_or_reset()\n\npci_alloc_irq_vectors() allocates an irq vector. When devm_add_action()\nfails, the irq vector is not freed, which leads to a memory leak.\n\nReplace the devm_add_action with devm_add_action_or_reset to ensure\nthe irq vector can be destroyed when it fails.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-38603",
"url": "https://www.suse.com/security/cve/CVE-2024-38603"
},
{
"category": "external",
"summary": "SUSE Bug 1226842 for CVE-2024-38603",
"url": "https://bugzilla.suse.com/1226842"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-10T16:03:48Z",
"details": "moderate"
}
],
"title": "CVE-2024-38603"
},
{
"cve": "CVE-2024-38605",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-38605"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nALSA: core: Fix NULL module pointer assignment at card init\n\nThe commit 81033c6b584b (\"ALSA: core: Warn on empty module\")\nintroduced a WARN_ON() for a NULL module pointer passed at snd_card\nobject creation, and it also wraps the code around it with \u0027#ifdef\nMODULE\u0027. This works in most cases, but the devils are always in\ndetails. \"MODULE\" is defined when the target code (i.e. the sound\ncore) is built as a module; but this doesn\u0027t mean that the caller is\nalso built-in or not. Namely, when only the sound core is built-in\n(CONFIG_SND=y) while the driver is a module (CONFIG_SND_USB_AUDIO=m),\nthe passed module pointer is ignored even if it\u0027s non-NULL, and\ncard-\u003emodule remains as NULL. This would result in the missing module\nreference up/down at the device open/close, leading to a race with the\ncode execution after the module removal.\n\nFor addressing the bug, move the assignment of card-\u003emodule again out\nof ifdef. The WARN_ON() is still wrapped with ifdef because the\nmodule can be really NULL when all sound drivers are built-in.\n\nNote that we keep \u0027ifdef MODULE\u0027 for WARN_ON(), otherwise it would\nlead to a false-positive NULL module check. Admittedly it won\u0027t catch\nperfectly, i.e. no check is performed when CONFIG_SND=y. But, it\u0027s no\nreal problem as it\u0027s only for debugging, and the condition is pretty\nrare.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-38605",
"url": "https://www.suse.com/security/cve/CVE-2024-38605"
},
{
"category": "external",
"summary": "SUSE Bug 1226740 for CVE-2024-38605",
"url": "https://bugzilla.suse.com/1226740"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-10T16:03:48Z",
"details": "moderate"
}
],
"title": "CVE-2024-38605"
},
{
"cve": "CVE-2024-38608",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-38608"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/mlx5e: Fix netif state handling\n\nmlx5e_suspend cleans resources only if netif_device_present() returns\ntrue. However, mlx5e_resume changes the state of netif, via\nmlx5e_nic_enable, only if reg_state == NETREG_REGISTERED.\nIn the below case, the above leads to NULL-ptr Oops[1] and memory\nleaks:\n\nmlx5e_probe\n _mlx5e_resume\n mlx5e_attach_netdev\n mlx5e_nic_enable \u003c-- netdev not reg, not calling netif_device_attach()\n register_netdev \u003c-- failed for some reason.\nERROR_FLOW:\n _mlx5e_suspend \u003c-- netif_device_present return false, resources aren\u0027t freed :(\n\nHence, clean resources in this case as well.\n\n[1]\nBUG: kernel NULL pointer dereference, address: 0000000000000000\nPGD 0 P4D 0\nOops: 0010 [#1] SMP\nCPU: 2 PID: 9345 Comm: test-ovs-ct-gen Not tainted 6.5.0_for_upstream_min_debug_2023_09_05_16_01 #1\nHardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS rel-1.13.0-0-gf21b5a4aeb02-prebuilt.qemu.org 04/01/2014\nRIP: 0010:0x0\nCode: Unable to access opcode bytes at0xffffffffffffffd6.\nRSP: 0018:ffff888178aaf758 EFLAGS: 00010246\nCall Trace:\n \u003cTASK\u003e\n ? __die+0x20/0x60\n ? page_fault_oops+0x14c/0x3c0\n ? exc_page_fault+0x75/0x140\n ? asm_exc_page_fault+0x22/0x30\n notifier_call_chain+0x35/0xb0\n blocking_notifier_call_chain+0x3d/0x60\n mlx5_blocking_notifier_call_chain+0x22/0x30 [mlx5_core]\n mlx5_core_uplink_netdev_event_replay+0x3e/0x60 [mlx5_core]\n mlx5_mdev_netdev_track+0x53/0x60 [mlx5_ib]\n mlx5_ib_roce_init+0xc3/0x340 [mlx5_ib]\n __mlx5_ib_add+0x34/0xd0 [mlx5_ib]\n mlx5r_probe+0xe1/0x210 [mlx5_ib]\n ? auxiliary_match_id+0x6a/0x90\n auxiliary_bus_probe+0x38/0x80\n ? driver_sysfs_add+0x51/0x80\n really_probe+0xc9/0x3e0\n ? driver_probe_device+0x90/0x90\n __driver_probe_device+0x80/0x160\n driver_probe_device+0x1e/0x90\n __device_attach_driver+0x7d/0x100\n bus_for_each_drv+0x80/0xd0\n __device_attach+0xbc/0x1f0\n bus_probe_device+0x86/0xa0\n device_add+0x637/0x840\n __auxiliary_device_add+0x3b/0xa0\n add_adev+0xc9/0x140 [mlx5_core]\n mlx5_rescan_drivers_locked+0x22a/0x310 [mlx5_core]\n mlx5_register_device+0x53/0xa0 [mlx5_core]\n mlx5_init_one_devl_locked+0x5c4/0x9c0 [mlx5_core]\n mlx5_init_one+0x3b/0x60 [mlx5_core]\n probe_one+0x44c/0x730 [mlx5_core]\n local_pci_probe+0x3e/0x90\n pci_device_probe+0xbf/0x210\n ? kernfs_create_link+0x5d/0xa0\n ? sysfs_do_create_link_sd+0x60/0xc0\n really_probe+0xc9/0x3e0\n ? driver_probe_device+0x90/0x90\n __driver_probe_device+0x80/0x160\n driver_probe_device+0x1e/0x90\n __device_attach_driver+0x7d/0x100\n bus_for_each_drv+0x80/0xd0\n __device_attach+0xbc/0x1f0\n pci_bus_add_device+0x54/0x80\n pci_iov_add_virtfn+0x2e6/0x320\n sriov_enable+0x208/0x420\n mlx5_core_sriov_configure+0x9e/0x200 [mlx5_core]\n sriov_numvfs_store+0xae/0x1a0\n kernfs_fop_write_iter+0x10c/0x1a0\n vfs_write+0x291/0x3c0\n ksys_write+0x5f/0xe0\n do_syscall_64+0x3d/0x90\n entry_SYSCALL_64_after_hwframe+0x46/0xb0\n CR2: 0000000000000000\n ---[ end trace 0000000000000000 ]---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-38608",
"url": "https://www.suse.com/security/cve/CVE-2024-38608"
},
{
"category": "external",
"summary": "SUSE Bug 1226746 for CVE-2024-38608",
"url": "https://bugzilla.suse.com/1226746"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-10T16:03:48Z",
"details": "moderate"
}
],
"title": "CVE-2024-38608"
},
{
"cve": "CVE-2024-38616",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-38616"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: carl9170: re-fix fortified-memset warning\n\nThe carl9170_tx_release() function sometimes triggers a fortified-memset\nwarning in my randconfig builds:\n\nIn file included from include/linux/string.h:254,\n from drivers/net/wireless/ath/carl9170/tx.c:40:\nIn function \u0027fortify_memset_chk\u0027,\n inlined from \u0027carl9170_tx_release\u0027 at drivers/net/wireless/ath/carl9170/tx.c:283:2,\n inlined from \u0027kref_put\u0027 at include/linux/kref.h:65:3,\n inlined from \u0027carl9170_tx_put_skb\u0027 at drivers/net/wireless/ath/carl9170/tx.c:342:9:\ninclude/linux/fortify-string.h:493:25: error: call to \u0027__write_overflow_field\u0027 declared with attribute warning: detected write beyond size of field (1st parameter); maybe use struct_group()? [-Werror=attribute-warning]\n 493 | __write_overflow_field(p_size_field, size);\n\nKees previously tried to avoid this by using memset_after(), but it seems\nthis does not fully address the problem. I noticed that the memset_after()\nhere is done on a different part of the union (status) than the original\ncast was from (rate_driver_data), which may confuse the compiler.\n\nUnfortunately, the memset_after() trick does not work on driver_rates[]\nbecause that is part of an anonymous struct, and I could not get\nstruct_group() to do this either. Using two separate memset() calls\non the two members does address the warning though.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-38616",
"url": "https://www.suse.com/security/cve/CVE-2024-38616"
},
{
"category": "external",
"summary": "SUSE Bug 1226852 for CVE-2024-38616",
"url": "https://bugzilla.suse.com/1226852"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-10T16:03:48Z",
"details": "moderate"
}
],
"title": "CVE-2024-38616"
},
{
"cve": "CVE-2024-38618",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-38618"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nALSA: timer: Set lower bound of start tick time\n\nCurrently ALSA timer doesn\u0027t have the lower limit of the start tick\ntime, and it allows a very small size, e.g. 1 tick with 1ns resolution\nfor hrtimer. Such a situation may lead to an unexpected RCU stall,\nwhere the callback repeatedly queuing the expire update, as reported\nby fuzzer.\n\nThis patch introduces a sanity check of the timer start tick time, so\nthat the system returns an error when a too small start size is set.\nAs of this patch, the lower limit is hard-coded to 100us, which is\nsmall enough but can still work somehow.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-38618",
"url": "https://www.suse.com/security/cve/CVE-2024-38618"
},
{
"category": "external",
"summary": "SUSE Bug 1226754 for CVE-2024-38618",
"url": "https://bugzilla.suse.com/1226754"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-10T16:03:48Z",
"details": "moderate"
}
],
"title": "CVE-2024-38618"
},
{
"cve": "CVE-2024-38619",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-38619"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nusb-storage: alauda: Check whether the media is initialized\n\nThe member \"uzonesize\" of struct alauda_info will remain 0\nif alauda_init_media() fails, potentially causing divide errors\nin alauda_read_data() and alauda_write_lba().\n- Add a member \"media_initialized\" to struct alauda_info.\n- Change a condition in alauda_check_media() to ensure the\n first initialization.\n- Add an error check for the return value of alauda_init_media().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-38619",
"url": "https://www.suse.com/security/cve/CVE-2024-38619"
},
{
"category": "external",
"summary": "SUSE Bug 1226861 for CVE-2024-38619",
"url": "https://bugzilla.suse.com/1226861"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-10T16:03:48Z",
"details": "moderate"
}
],
"title": "CVE-2024-38619"
},
{
"cve": "CVE-2024-38621",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-38621"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmedia: stk1160: fix bounds checking in stk1160_copy_video()\n\nThe subtract in this condition is reversed. The -\u003elength is the length\nof the buffer. The -\u003ebytesused is how many bytes we have copied thus\nfar. When the condition is reversed that means the result of the\nsubtraction is always negative but since it\u0027s unsigned then the result\nis a very high positive value. That means the overflow check is never\ntrue.\n\nAdditionally, the -\u003ebytesused doesn\u0027t actually work for this purpose\nbecause we\u0027re not writing to \"buf-\u003emem + buf-\u003ebytesused\". Instead, the\nmath to calculate the destination where we are writing is a bit\ninvolved. You calculate the number of full lines already written,\nmultiply by two, skip a line if necessary so that we start on an odd\nnumbered line, and add the offset into the line.\n\nTo fix this buffer overflow, just take the actual destination where we\nare writing, if the offset is already out of bounds print an error and\nreturn. Otherwise, write up to buf-\u003elength bytes.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-38621",
"url": "https://www.suse.com/security/cve/CVE-2024-38621"
},
{
"category": "external",
"summary": "SUSE Bug 1226895 for CVE-2024-38621",
"url": "https://bugzilla.suse.com/1226895"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-10T16:03:48Z",
"details": "moderate"
}
],
"title": "CVE-2024-38621"
},
{
"cve": "CVE-2024-38627",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-38627"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nstm class: Fix a double free in stm_register_device()\n\nThe put_device(\u0026stm-\u003edev) call will trigger stm_device_release() which\nfrees \"stm\" so the vfree(stm) on the next line is a double free.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-38627",
"url": "https://www.suse.com/security/cve/CVE-2024-38627"
},
{
"category": "external",
"summary": "SUSE Bug 1226857 for CVE-2024-38627",
"url": "https://bugzilla.suse.com/1226857"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-10T16:03:48Z",
"details": "moderate"
}
],
"title": "CVE-2024-38627"
},
{
"cve": "CVE-2024-38630",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-38630"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwatchdog: cpu5wdt.c: Fix use-after-free bug caused by cpu5wdt_trigger\n\nWhen the cpu5wdt module is removing, the origin code uses del_timer() to\nde-activate the timer. If the timer handler is running, del_timer() could\nnot stop it and will return directly. If the port region is released by\nrelease_region() and then the timer handler cpu5wdt_trigger() calls outb()\nto write into the region that is released, the use-after-free bug will\nhappen.\n\nChange del_timer() to timer_shutdown_sync() in order that the timer handler\ncould be finished before the port region is released.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-38630",
"url": "https://www.suse.com/security/cve/CVE-2024-38630"
},
{
"category": "external",
"summary": "SUSE Bug 1226908 for CVE-2024-38630",
"url": "https://bugzilla.suse.com/1226908"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-10T16:03:48Z",
"details": "moderate"
}
],
"title": "CVE-2024-38630"
},
{
"cve": "CVE-2024-38633",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-38633"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nserial: max3100: Update uart_driver_registered on driver removal\n\nThe removal of the last MAX3100 device triggers the removal of\nthe driver. However, code doesn\u0027t update the respective global\nvariable and after insmod \u2014 rmmod \u2014 insmod cycle the kernel\noopses:\n\n max3100 spi-PRP0001:01: max3100_probe: adding port 0\n BUG: kernel NULL pointer dereference, address: 0000000000000408\n ...\n RIP: 0010:serial_core_register_port+0xa0/0x840\n ...\n max3100_probe+0x1b6/0x280 [max3100]\n spi_probe+0x8d/0xb0\n\nUpdate the actual state so next time UART driver will be registered\nagain.\n\nHugo also noticed, that the error path in the probe also affected\nby having the variable set, and not cleared. Instead of clearing it\nmove the assignment after the successfull uart_register_driver() call.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-38633",
"url": "https://www.suse.com/security/cve/CVE-2024-38633"
},
{
"category": "external",
"summary": "SUSE Bug 1226867 for CVE-2024-38633",
"url": "https://bugzilla.suse.com/1226867"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-10T16:03:48Z",
"details": "moderate"
}
],
"title": "CVE-2024-38633"
},
{
"cve": "CVE-2024-38634",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-38634"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nserial: max3100: Lock port-\u003elock when calling uart_handle_cts_change()\n\nuart_handle_cts_change() has to be called with port lock taken,\nSince we run it in a separate work, the lock may not be taken at\nthe time of running. Make sure that it\u0027s taken by explicitly doing\nthat. Without it we got a splat:\n\n WARNING: CPU: 0 PID: 10 at drivers/tty/serial/serial_core.c:3491 uart_handle_cts_change+0xa6/0xb0\n ...\n Workqueue: max3100-0 max3100_work [max3100]\n RIP: 0010:uart_handle_cts_change+0xa6/0xb0\n ...\n max3100_handlerx+0xc5/0x110 [max3100]\n max3100_work+0x12a/0x340 [max3100]",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-38634",
"url": "https://www.suse.com/security/cve/CVE-2024-38634"
},
{
"category": "external",
"summary": "SUSE Bug 1226868 for CVE-2024-38634",
"url": "https://bugzilla.suse.com/1226868"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-10T16:03:48Z",
"details": "moderate"
}
],
"title": "CVE-2024-38634"
},
{
"cve": "CVE-2024-38635",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-38635"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsoundwire: cadence: fix invalid PDI offset\n\nFor some reason, we add an offset to the PDI, presumably to skip the\nPDI0 and PDI1 which are reserved for BPT.\n\nThis code is however completely wrong and leads to an out-of-bounds\naccess. We were just lucky so far since we used only a couple of PDIs\nand remained within the PDI array bounds.\n\nA Fixes: tag is not provided since there are no known platforms where\nthe out-of-bounds would be accessed, and the initial code had problems\nas well.\n\nA follow-up patch completely removes this useless offset.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-38635",
"url": "https://www.suse.com/security/cve/CVE-2024-38635"
},
{
"category": "external",
"summary": "SUSE Bug 1226863 for CVE-2024-38635",
"url": "https://bugzilla.suse.com/1226863"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-10T16:03:48Z",
"details": "moderate"
}
],
"title": "CVE-2024-38635"
},
{
"cve": "CVE-2024-38659",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-38659"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nenic: Validate length of nl attributes in enic_set_vf_port\n\nenic_set_vf_port assumes that the nl attribute IFLA_PORT_PROFILE\nis of length PORT_PROFILE_MAX and that the nl attributes\nIFLA_PORT_INSTANCE_UUID, IFLA_PORT_HOST_UUID are of length PORT_UUID_MAX.\nThese attributes are validated (in the function do_setlink in rtnetlink.c)\nusing the nla_policy ifla_port_policy. The policy defines IFLA_PORT_PROFILE\nas NLA_STRING, IFLA_PORT_INSTANCE_UUID as NLA_BINARY and\nIFLA_PORT_HOST_UUID as NLA_STRING. That means that the length validation\nusing the policy is for the max size of the attributes and not on exact\nsize so the length of these attributes might be less than the sizes that\nenic_set_vf_port expects. This might cause an out of bands\nread access in the memcpys of the data of these\nattributes in enic_set_vf_port.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-38659",
"url": "https://www.suse.com/security/cve/CVE-2024-38659"
},
{
"category": "external",
"summary": "SUSE Bug 1226883 for CVE-2024-38659",
"url": "https://bugzilla.suse.com/1226883"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-10T16:03:48Z",
"details": "moderate"
}
],
"title": "CVE-2024-38659"
},
{
"cve": "CVE-2024-38661",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-38661"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ns390/ap: Fix crash in AP internal function modify_bitmap()\n\nA system crash like this\n\n Failing address: 200000cb7df6f000 TEID: 200000cb7df6f403\n Fault in home space mode while using kernel ASCE.\n AS:00000002d71bc007 R3:00000003fe5b8007 S:000000011a446000 P:000000015660c13d\n Oops: 0038 ilc:3 [#1] PREEMPT SMP\n Modules linked in: mlx5_ib ...\n CPU: 8 PID: 7556 Comm: bash Not tainted 6.9.0-rc7 #8\n Hardware name: IBM 3931 A01 704 (LPAR)\n Krnl PSW : 0704e00180000000 0000014b75e7b606 (ap_parse_bitmap_str+0x10e/0x1f8)\n R:0 T:1 IO:1 EX:1 Key:0 M:1 W:0 P:0 AS:3 CC:2 PM:0 RI:0 EA:3\n Krnl GPRS: 0000000000000001 ffffffffffffffc0 0000000000000001 00000048f96b75d3\n 000000cb00000100 ffffffffffffffff ffffffffffffffff 000000cb7df6fce0\n 000000cb7df6fce0 00000000ffffffff 000000000000002b 00000048ffffffff\n 000003ff9b2dbc80 200000cb7df6fcd8 0000014bffffffc0 000000cb7df6fbc8\n Krnl Code: 0000014b75e7b5fc: a7840047 brc 8,0000014b75e7b68a\n 0000014b75e7b600: 18b2 lr %r11,%r2\n #0000014b75e7b602: a7f4000a brc 15,0000014b75e7b616\n \u003e0000014b75e7b606: eb22d00000e6 laog %r2,%r2,0(%r13)\n 0000014b75e7b60c: a7680001 lhi %r6,1\n 0000014b75e7b610: 187b lr %r7,%r11\n 0000014b75e7b612: 84960021 brxh %r9,%r6,0000014b75e7b654\n 0000014b75e7b616: 18e9 lr %r14,%r9\n Call Trace:\n [\u003c0000014b75e7b606\u003e] ap_parse_bitmap_str+0x10e/0x1f8\n ([\u003c0000014b75e7b5dc\u003e] ap_parse_bitmap_str+0xe4/0x1f8)\n [\u003c0000014b75e7b758\u003e] apmask_store+0x68/0x140\n [\u003c0000014b75679196\u003e] kernfs_fop_write_iter+0x14e/0x1e8\n [\u003c0000014b75598524\u003e] vfs_write+0x1b4/0x448\n [\u003c0000014b7559894c\u003e] ksys_write+0x74/0x100\n [\u003c0000014b7618a440\u003e] __do_syscall+0x268/0x328\n [\u003c0000014b761a3558\u003e] system_call+0x70/0x98\n INFO: lockdep is turned off.\n Last Breaking-Event-Address:\n [\u003c0000014b75e7b636\u003e] ap_parse_bitmap_str+0x13e/0x1f8\n Kernel panic - not syncing: Fatal exception: panic_on_oops\n\noccured when /sys/bus/ap/a[pq]mask was updated with a relative mask value\n(like +0x10-0x12,+60,-90) with one of the numeric values exceeding INT_MAX.\n\nThe fix is simple: use unsigned long values for the internal variables. The\ncorrect checks are already in place in the function but a simple int for\nthe internal variables was used with the possibility to overflow.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-38661",
"url": "https://www.suse.com/security/cve/CVE-2024-38661"
},
{
"category": "external",
"summary": "SUSE Bug 1226996 for CVE-2024-38661",
"url": "https://bugzilla.suse.com/1226996"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-10T16:03:48Z",
"details": "moderate"
}
],
"title": "CVE-2024-38661"
},
{
"cve": "CVE-2024-38780",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-38780"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndma-buf/sw-sync: don\u0027t enable IRQ from sync_print_obj()\n\nSince commit a6aa8fca4d79 (\"dma-buf/sw-sync: Reduce irqsave/irqrestore from\nknown context\") by error replaced spin_unlock_irqrestore() with\nspin_unlock_irq() for both sync_debugfs_show() and sync_print_obj() despite\nsync_print_obj() is called from sync_debugfs_show(), lockdep complains\ninconsistent lock state warning.\n\nUse plain spin_{lock,unlock}() for sync_print_obj(), for\nsync_debugfs_show() is already using spin_{lock,unlock}_irq().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-38780",
"url": "https://www.suse.com/security/cve/CVE-2024-38780"
},
{
"category": "external",
"summary": "SUSE Bug 1226886 for CVE-2024-38780",
"url": "https://bugzilla.suse.com/1226886"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-10T16:03:48Z",
"details": "moderate"
}
],
"title": "CVE-2024-38780"
},
{
"cve": "CVE-2024-39301",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-39301"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/9p: fix uninit-value in p9_client_rpc()\n\nSyzbot with the help of KMSAN reported the following error:\n\nBUG: KMSAN: uninit-value in trace_9p_client_res include/trace/events/9p.h:146 [inline]\nBUG: KMSAN: uninit-value in p9_client_rpc+0x1314/0x1340 net/9p/client.c:754\n trace_9p_client_res include/trace/events/9p.h:146 [inline]\n p9_client_rpc+0x1314/0x1340 net/9p/client.c:754\n p9_client_create+0x1551/0x1ff0 net/9p/client.c:1031\n v9fs_session_init+0x1b9/0x28e0 fs/9p/v9fs.c:410\n v9fs_mount+0xe2/0x12b0 fs/9p/vfs_super.c:122\n legacy_get_tree+0x114/0x290 fs/fs_context.c:662\n vfs_get_tree+0xa7/0x570 fs/super.c:1797\n do_new_mount+0x71f/0x15e0 fs/namespace.c:3352\n path_mount+0x742/0x1f20 fs/namespace.c:3679\n do_mount fs/namespace.c:3692 [inline]\n __do_sys_mount fs/namespace.c:3898 [inline]\n __se_sys_mount+0x725/0x810 fs/namespace.c:3875\n __x64_sys_mount+0xe4/0x150 fs/namespace.c:3875\n do_syscall_64+0xd5/0x1f0\n entry_SYSCALL_64_after_hwframe+0x6d/0x75\n\nUninit was created at:\n __alloc_pages+0x9d6/0xe70 mm/page_alloc.c:4598\n __alloc_pages_node include/linux/gfp.h:238 [inline]\n alloc_pages_node include/linux/gfp.h:261 [inline]\n alloc_slab_page mm/slub.c:2175 [inline]\n allocate_slab mm/slub.c:2338 [inline]\n new_slab+0x2de/0x1400 mm/slub.c:2391\n ___slab_alloc+0x1184/0x33d0 mm/slub.c:3525\n __slab_alloc mm/slub.c:3610 [inline]\n __slab_alloc_node mm/slub.c:3663 [inline]\n slab_alloc_node mm/slub.c:3835 [inline]\n kmem_cache_alloc+0x6d3/0xbe0 mm/slub.c:3852\n p9_tag_alloc net/9p/client.c:278 [inline]\n p9_client_prepare_req+0x20a/0x1770 net/9p/client.c:641\n p9_client_rpc+0x27e/0x1340 net/9p/client.c:688\n p9_client_create+0x1551/0x1ff0 net/9p/client.c:1031\n v9fs_session_init+0x1b9/0x28e0 fs/9p/v9fs.c:410\n v9fs_mount+0xe2/0x12b0 fs/9p/vfs_super.c:122\n legacy_get_tree+0x114/0x290 fs/fs_context.c:662\n vfs_get_tree+0xa7/0x570 fs/super.c:1797\n do_new_mount+0x71f/0x15e0 fs/namespace.c:3352\n path_mount+0x742/0x1f20 fs/namespace.c:3679\n do_mount fs/namespace.c:3692 [inline]\n __do_sys_mount fs/namespace.c:3898 [inline]\n __se_sys_mount+0x725/0x810 fs/namespace.c:3875\n __x64_sys_mount+0xe4/0x150 fs/namespace.c:3875\n do_syscall_64+0xd5/0x1f0\n entry_SYSCALL_64_after_hwframe+0x6d/0x75\n\nIf p9_check_errors() fails early in p9_client_rpc(), req-\u003erc.tag\nwill not be properly initialized. However, trace_9p_client_res()\nends up trying to print it out anyway before p9_client_rpc()\nfinishes.\n\nFix this issue by assigning default values to p9_fcall fields\nsuch as \u0027tag\u0027 and (just in case KMSAN unearths something new) \u0027id\u0027\nduring the tag allocation stage.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-39301",
"url": "https://www.suse.com/security/cve/CVE-2024-39301"
},
{
"category": "external",
"summary": "SUSE Bug 1226994 for CVE-2024-39301",
"url": "https://bugzilla.suse.com/1226994"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-10T16:03:48Z",
"details": "moderate"
}
],
"title": "CVE-2024-39301"
},
{
"cve": "CVE-2024-39468",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-39468"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsmb: client: fix deadlock in smb2_find_smb_tcon()\n\nUnlock cifs_tcp_ses_lock before calling cifs_put_smb_ses() to avoid such\ndeadlock.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-39468",
"url": "https://www.suse.com/security/cve/CVE-2024-39468"
},
{
"category": "external",
"summary": "SUSE Bug 1227103 for CVE-2024-39468",
"url": "https://bugzilla.suse.com/1227103"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-10T16:03:48Z",
"details": "moderate"
}
],
"title": "CVE-2024-39468"
},
{
"cve": "CVE-2024-39469",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-39469"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnilfs2: fix nilfs_empty_dir() misjudgment and long loop on I/O errors\n\nThe error handling in nilfs_empty_dir() when a directory folio/page read\nfails is incorrect, as in the old ext2 implementation, and if the\nfolio/page cannot be read or nilfs_check_folio() fails, it will falsely\ndetermine the directory as empty and corrupt the file system.\n\nIn addition, since nilfs_empty_dir() does not immediately return on a\nfailed folio/page read, but continues to loop, this can cause a long loop\nwith I/O if i_size of the directory\u0027s inode is also corrupted, causing the\nlog writer thread to wait and hang, as reported by syzbot.\n\nFix these issues by making nilfs_empty_dir() immediately return a false\nvalue (0) if it fails to get a directory folio/page.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-39469",
"url": "https://www.suse.com/security/cve/CVE-2024-39469"
},
{
"category": "external",
"summary": "SUSE Bug 1226992 for CVE-2024-39469",
"url": "https://bugzilla.suse.com/1226992"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-10T16:03:48Z",
"details": "moderate"
}
],
"title": "CVE-2024-39469"
},
{
"cve": "CVE-2024-39471",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-39471"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amdgpu: add error handle to avoid out-of-bounds\n\nif the sdma_v4_0_irq_id_to_seq return -EINVAL, the process should\nbe stop to avoid out-of-bounds read, so directly return -EINVAL.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-39471",
"url": "https://www.suse.com/security/cve/CVE-2024-39471"
},
{
"category": "external",
"summary": "SUSE Bug 1227096 for CVE-2024-39471",
"url": "https://bugzilla.suse.com/1227096"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"SUSE Real Time Module 15 SP5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"SUSE Real Time Module 15 SP5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-extra-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-optional-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-rt_debug-vdso-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kernel-source-rt-5.14.21-150500.13.61.1.noarch",
"openSUSE Leap 15.5:kernel-syms-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-rt-5.14.21-150500.13.61.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-rt-5.14.21-150500.13.61.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-10T16:03:48Z",
"details": "moderate"
}
],
"title": "CVE-2024-39471"
}
]
}
suse-su-2024:2973-1
Vulnerability from csaf_suse
Published
2024-08-20 07:15
Modified
2024-08-20 07:15
Summary
Security update for the Linux Kernel
Notes
Title of the patch
Security update for the Linux Kernel
Description of the patch
The SUSE Linux Enterprise 15 SP6 RT kernel was updated to receive various security bugfixes.
The following security bugs were fixed:
- CVE-2023-0160: Fixed deadlock flaw in BPF that could allow a local user to potentially crash the system (bsc#1209657).
- CVE-2023-38417: wifi: iwlwifi: bump FW API to 90 for BZ/SC devices (bsc#1225600).
- CVE-2023-47210: wifi: iwlwifi: bump FW API to 90 for BZ/SC devices (bsc#1225601).
- CVE-2023-52435: net: prevent mss overflow in skb_segment() (bsc#1220138).
- CVE-2023-52458: Fixed check that partition length needs to be aligned with block size (bsc#1220428).
- CVE-2023-52503: Fixed tee/amdtee use-after-free vulnerability in amdtee_close_session (bsc#1220915).
- CVE-2023-52618: Fixed string overflow in block/rnbd-srv (bsc#1221615).
- CVE-2023-52622: ext4: avoid online resizing failures due to oversized flex bg (bsc#1222080).
- CVE-2023-52631: Fixed an NULL dereference bug (bsc#1222264 CVE-2023-52631).
- CVE-2023-52640: Fixed out-of-bounds in ntfs_listxattr (bsc#1222301).
- CVE-2023-52641: Fixed NULL ptr dereference checking at the end of attr_allocate_frame() (bsc#1222303)
- CVE-2023-52645: Fixed pmdomain/mediatek race conditions with genpd (bsc#1223033).
- CVE-2023-52652: Fixed NTB for possible name leak in ntb_register_device() (bsc#1223686).
- CVE-2023-52656: Dropped any code related to SCM_RIGHTS (bsc#1224187).
- CVE-2023-52672: pipe: wakeup wr_wait after setting max_usage (bsc#1224614).
- CVE-2023-52674: Add clamp() in scarlett2_mixer_ctl_put() (bsc#1224727).
- CVE-2023-52659: Fixed to pfn_to_kaddr() not treated as a 64-bit type (bsc#1224442)
- CVE-2023-52680: Fixed missing error checks to *_ctl_get() (bsc#1224608).
- CVE-2023-52692: Fixed missing error check to scarlett2_usb_set_config() (bsc#1224628).
- CVE-2023-52698: Fixed memory leak in netlbl_calipso_add_pass() (CVE-2023-52698 bsc#1224621)
- CVE-2023-52699: sysv: don't call sb_bread() with pointers_lock held (bsc#1224659).
- CVE-2023-52735: bpf, sockmap: Don't let sock_map_{close,destroy,unhash} call itself (bsc#1225475).
- CVE-2023-52751: smb: client: fix use-after-free in smb2_query_info_compound() (bsc#1225489).
- CVE-2023-52757: Fixed potential deadlock when releasing mids (bsc#1225548).
- CVE-2023-52771: Fixed delete_endpoint() vs parent unregistration race (bsc#1225007).
- CVE-2023-52772: Fixed use-after-free in unix_stream_read_actor() (bsc#1224989).
- CVE-2023-52775: net/smc: avoid data corruption caused by decline (bsc#1225088).
- CVE-2023-52786: ext4: fix racy may inline data check in dio write (bsc#1224939).
- CVE-2023-52787: blk-mq: make sure active queue usage is held for bio_integrity_prep() (bsc#1225105).
- CVE-2023-52837: nbd: fix uaf in nbd_open (bsc#1224935).
- CVE-2023-52843: llc: verify mac len before reading mac header (bsc#1224951).
- CVE-2023-52845: tipc: Change nla_policy for bearer-related names to NLA_NUL_STRING (bsc#1225585).
- CVE-2023-52855: usb: dwc2: fix possible NULL pointer dereference caused by driver concurrency (bsc#1225583).
- CVE-2023-52860: Fixed null pointer dereference in hisi_hns3 (bsc#1224936).
- CVE-2023-52875: Add check for mtk_alloc_clk_data (bsc#1225096).
- CVE-2023-52881: tcp: do not accept ACK of bytes we never sent (bsc#1225611).
- CVE-2023-6238: Fixed kcalloc() arguments order (bsc#1217384).
- CVE-2024-21823: Fixed safety flag to struct ends (bsc#1223625).
- CVE-2024-23848: Fixed media/cec for possible use-after-free in cec_queue_msg_fh (bsc#1219104).
- CVE-2024-25739: Fixed possible crash in create_empty_lvol() in drivers/mtd/ubi/vtbl.c (bsc#1219834).
- CVE-2024-26601: Fixed ext4 buddy bitmap corruption via fast commit replay (bsc#1220342).
- CVE-2024-26614: Fixed the initialization of accept_queue's spinlocks (bsc#1221293).
- CVE-2024-26615: net/smc: fix illegal rmb_desc access in SMC-D connection dump (bsc#1220942).
- CVE-2024-26623: pds_core: Prevent race issues involving the adminq (bsc#1221057).
- CVE-2024-26625: Call sock_orphan() at release time (bsc#1221086)
- CVE-2024-26632: Fixed iterating over an empty bio with bio_for_each_folio_all (bsc#1221635).
- CVE-2024-26633: ip6_tunnel: fix NEXTHDR_FRAGMENT handling in ip6_tnl_parse_tlv_enc_lim() (bsc#1221647).
- CVE-2024-26635: llc: Drop support for ETH_P_TR_802_2 (bsc#1221656).
- CVE-2024-26636: llc: make llc_ui_sendmsg() more robust against bonding changes (bsc#1221659).
- CVE-2024-26638: Fixed uninitialize struct msghdr completely (bsc#1221649 CVE-2024-26638).
- CVE-2024-26641: ip6_tunnel: make sure to pull inner header in __ip6_tnl_rcv() (bsc#1221654).
- CVE-2024-26642: Fixed the set of anonymous timeout flag in netfilter nf_tables (bsc#1221830).
- CVE-2024-26643: Fixed mark set as dead when unbinding anonymous set with timeout (bsc#1221829).
- CVE-2024-26663: tipc: Check the bearer type before calling tipc_udp_nl_bearer_add() (bsc#1222326).
- CVE-2024-26665: tunnels: fix out of bounds access when building IPv6 PMTU error (bsc#1222328).
- CVE-2024-26671: Fixed blk-mq IO hang from sbitmap wakeup race (bsc#1222357).
- CVE-2024-26673: Fixed netfilter/nft_ct layer 3 and 4 protocol sanitization (bsc#1222368).
- CVE-2024-26674: Revert to _ASM_EXTABLE_UA() for {get,put}_user() fixups (bsc#1222378).
- CVE-2024-26679: Fixed read sk->sk_family once in inet_recv_error() (bsc#1222385).
- CVE-2024-26684: Fixed net/stmmac/xgmac handling of DPP safety error for DMA channels (bsc#1222445).
- CVE-2024-26691: KVM: arm64: Fix circular locking dependency (bsc#1222463).
- CVE-2024-26704: Fixed a double-free of blocks due to wrong extents moved_len in ext4 (bsc#1222422).
- CVE-2024-26726: Fixed invalid drop extent_map for free space inode on write error (bsc#1222532)
- CVE-2024-26731: Fixed NULL pointer dereference in sk_psock_verdict_data_ready() (bsc#1222371).
- CVE-2024-26733: Fixed an overflow in arp_req_get() in arp (bsc#1222585).
- CVE-2024-26734: devlink: fix possible use-after-free and memory leaks in devlink_init() (bsc#1222438).
- CVE-2024-26737: Fixed selftests/bpf racing between bpf_timer_cancel_and_free and bpf_timer_cancel (bsc#1222557).
- CVE-2024-26740: Fixed use the backlog for mirred ingress (bsc#1222563).
- CVE-2024-26760: scsi: target: pscsi: Fix bio_put() for error case (bsc#1222596).
- CVE-2024-26772: Fixed ext4 to avoid allocating blocks from corrupted group in ext4_mb_find_by_goal() (bsc#1222613).
- CVE-2024-26773: Fixed ext4 block allocation from corrupted group in ext4_mb_try_best_found() (bsc#1222618).
- CVE-2024-26774: Fixed dividing by 0 in mb_update_avg_fragment_size() when block bitmap corrupt (bsc#1222622).
- CVE-2024-26775: Fixed potential deadlock at set_capacity (bsc#1222627).
- CVE-2024-26783: Fixed mm/vmscan bug when calling wakeup_kswapd() with a wrong zone index (bsc#1222615).
- CVE-2024-26785: iommufd: Fix protection fault in iommufd_test_syz_conv_iova (bsc#1222779).
- CVE-2024-26791: Fixed properly validate device names in btrfs (bsc#1222793)
- CVE-2024-26805: Fixed a kernel-infoleak-after-free in __skb_datagram_iter in netlink (bsc#1222630).
- CVE-2024-26807: Fixed spi/cadence-qspi NULL pointer reference in runtime PM hooks (bsc#1222801).
- CVE-2024-26813: vfio/platform: Create persistent IRQ handlers (bsc#1222809).
- CVE-2024-26814: vfio/fsl-mc: Block calling interrupt handler without trigger (bsc#1222810).
- CVE-2024-26815: Fixed improper TCA_TAPRIO_TC_ENTRY_INDEX check (bsc#1222635).
- CVE-2024-26816: Fixed relocations in .notes section when building with CONFIG_XEN_PV=y (bsc#1222624).
- CVE-2024-26822: Set correct id, uid and cruid for multiuser automounts (bsc#1223011).
- CVE-2024-26826: mptcp: fix data re-injection from stale subflow (bsc#1223010).
- CVE-2024-26832: Fixed missing folio cleanup in writeback race path (bsc#1223007).
- CVE-2024-26836: Fixed platform/x86/think-lmi password opcode ordering for workstations (bsc#1222968).
- CVE-2024-26844: Fixed WARNING in _copy_from_iter (bsc#1223015).
- CVE-2024-26845: scsi: target: core: Add TMF to tmr_list handling (bsc#1223018).
- CVE-2024-26860: Fixed a memory leak when rechecking the data (bsc#1223077).
- CVE-2024-26862: Fixed packet annotate data-races around ignore_outgoing (bsc#1223111).
- CVE-2024-26863: hsr: Fix uninit-value access in hsr_get_node() (bsc#1223021).
- CVE-2024-26878: Fixed quota for potential NULL pointer dereference (bsc#1223060).
- CVE-2024-26882: Fixed net/ip_tunnel to make sure to pull inner header in ip_tunnel_rcv() (bsc#1223034).
- CVE-2024-26883: Fixed bpf stackmap overflow check on 32-bit arches (bsc#1223035).
- CVE-2024-26884: Fixed bpf hashtab overflow check on 32-bit arches (bsc#1223189).
- CVE-2024-26885: Fixed bpf DEVMAP_HASH overflow check on 32-bit arches (bsc#1223190).
- CVE-2024-26899: Fixed deadlock between bd_link_disk_holder and partition scan (bsc#1223045).
- CVE-2024-26901: Fixed do_sys_name_to_handle() to use kzalloc() to prevent kernel-infoleak (bsc#1223198).
- CVE-2024-26906: Fixed invalid vsyscall page read for copy_from_kernel_nofault() (bsc#1223202).
- CVE-2024-26909: Fixed drm bridge use-after-free (bsc#1223143).
- CVE-2024-26921: Preserve kabi for sk_buff (bsc#1223138).
- CVE-2024-26923: Fixed false-positive lockdep splat for spin_lock() in __unix_gc() (bsc#1223384).
- CVE-2024-26925: Release mutex after nft_gc_seq_end from abort path (bsc#1223390).
- CVE-2024-26928: Fixed potential UAF in cifs_debug_files_proc_show() (bsc#1223532).
- CVE-2024-26944: btrfs: zoned: fix lock ordering in btrfs_zone_activate() (bsc#1223731).
- CVE-2024-26945: Fixed nr_cpus < nr_iaa case (bsc#1223732).
- CVE-2024-26946: Fixed copy_from_kernel_nofault() to read from unsafe address (bsc#1223669).
- CVE-2024-26948: Fixed drm/amd/display by adding dc_state NULL check in dc_state_release (bsc#1223664).
- CVE-2024-26958: Fixed UAF in direct writes (bsc#1223653).
- CVE-2024-26960: Fixed mm/swap race between free_swap_and_cache() and swapoff() (bsc#1223655).
- CVE-2024-26982: Fixed Squashfs inode number check not to be an invalid value of zero (bsc#1223634).
- CVE-2024-26991: Fixed overflow lpage_info when checking attributes (bsc#1223695).
- CVE-2024-26993: Fixed fs/sysfs reference leak in sysfs_break_active_protection() (bsc#1223693).
- CVE-2024-27012: netfilter: nf_tables: restore set elements when delete set fails (bsc#1223804).
- CVE-2024-27013: Fixed tun limit printing rate when illegal packet received by tun device (bsc#1223745).
- CVE-2024-27014: Fixed net/mlx5e to prevent deadlock while disabling aRFS (bsc#1223735).
- CVE-2024-27015: netfilter: flowtable: incorrect pppoe tuple (bsc#1223806).
- CVE-2024-27016: netfilter: flowtable: validate pppoe header (bsc#1223807).
- CVE-2024-27019: netfilter: nf_tables: Fix potential data-race in __nft_obj_type_get() (bsc#1223813)
- CVE-2024-27020: netfilter: nf_tables: Fix potential data-race in __nft_expr_type_get() (bsc#1223815)
- CVE-2024-27022: Fixed linking file vma until vma is fully initialized (bsc#1223774).
- CVE-2024-27025: nbd: null check for nla_nest_start (bsc#1223778)
- CVE-2024-27056: Fixed wifi/iwlwifi/mvm to ensure offloading TID queue exists (bsc#1223822).
- CVE-2024-27064: netfilter: nf_tables: Fix a memory leak in nf_tables_updchain (bsc#1223740).
- CVE-2024-27065: netfilter: nf_tables: do not compare internal table flags on updates (bsc#1223836).
- CVE-2024-27395: Fixed Use-After-Free in ovs_ct_exit (bsc#1224098).
- CVE-2024-27396: Fixed Use-After-Free in gtp_dellink (bsc#1224096).
- CVE-2024-27401: Fixed user_length taken into account when fetching packet contents (bsc#1224181).
- CVE-2024-27402: phonet/pep: fix racy skb_queue_empty() use (bsc#1224414).
- CVE-2024-27404: mptcp: fix data races on remote_id (bsc#1224422)
- CVE-2024-27408: Fixed race condition in dmaengine w-edma/eDMA (bsc#1224430).
- CVE-2024-27414: rtnetlink: fix error logic of IFLA_BRIDGE_FLAGS writing back (bsc#1224439).
- CVE-2024-27417: Fixed potential 'struct net' leak in inet6_rtm_getaddr() (bsc#1224721)
- CVE-2024-27418: Fixed memory leak in mctp_local_output (bsc#1224720)
- CVE-2024-27419: Fixed data-races around sysctl_net_busy_read (bsc#1224759)
- CVE-2024-27431: Fixed Zero-initialise xdp_rxq_info struct before running XDP program (bsc#1224718).
- CVE-2024-35247: fpga: region: add owner module and take its refcount (bsc#1226948).
- CVE-2024-35805: dm snapshot: fix lockup in dm_exception_table_exit (bsc#1224743).
- CVE-2024-35807: ext4: fix corruption during on-line resize (bsc#1224735).
- CVE-2024-35827: io_uring/net: fix overflow check in io_recvmsg_mshot_prep() (bsc#1224606).
- CVE-2024-35831: io_uring: Fix release of pinned pages when __io_uaddr_map fails (bsc#1224698).
- CVE-2024-35843: iommu/vt-d: Use device rbtree in iopf reporting path (bsc#1224751).
- CVE-2024-35848: eeprom: at24: fix memory corruption race condition (bsc#1224612).
- CVE-2024-35852: Fixed memory leak when canceling rehash work (bsc#1224502).
- CVE-2024-35853: mlxsw: spectrum_acl_tcam: Fix memory leak during rehash (bsc#1224604).
- CVE-2024-35854: Fixed possible use-after-free during rehash (bsc#1224636).
- CVE-2024-35857: icmp: prevent possible NULL dereferences from icmp_build_probe() (bsc#1224619).
- CVE-2024-35860: Struct bpf_link and bpf_link_ops kABI workaround (bsc#1224531).
- CVE-2024-35861: Fixed potential UAF in cifs_signal_cifsd_for_reconnect() (bsc#1224766).
- CVE-2024-35862: Fixed potential UAF in smb2_is_network_name_deleted() (bsc#1224764).
- CVE-2024-35863: Fixed potential UAF in is_valid_oplock_break() (bsc#1224763).
- CVE-2024-35864: Fixed potential UAF in smb2_is_valid_lease_break() (bsc#1224765).
- CVE-2024-35865: Fixed potential UAF in smb2_is_valid_oplock_break() (bsc#1224668).
- CVE-2024-35866: Fixed potential UAF in cifs_dump_full_key() (bsc#1224667).
- CVE-2024-35867: Fixed potential UAF in cifs_stats_proc_show() (bsc#1224664).
- CVE-2024-35868: Fixed potential UAF in cifs_stats_proc_write() (bsc#1224678).
- CVE-2024-35872: Fixed GUP-fast succeeding on secretmem folios (bsc#1224530).
- CVE-2024-35877: Fixed VM_PAT handling in COW mappings (bsc#1224525).
- CVE-2024-35880: io_uring/kbuf: hold io_buffer_list reference over mmap (bsc#1224523).
- CVE-2024-35884: udp: do not accept non-tunnel GSO skbs landing in a tunnel (bsc#1224520).
- CVE-2024-35886: ipv6: Fix infinite recursion in fib6_dump_done() (bsc#1224670).
- CVE-2024-35890: gro: fix ownership transfer (bsc#1224516).
- CVE-2024-35892: net/sched: fix lockdep splat in qdisc_tree_reduce_backlog() (bsc#1224515).
- CVE-2024-35893: net/sched: act_skbmod: prevent kernel-infoleak (bsc#1224512)
- CVE-2024-35895: Fixed lock inversion deadlock in map delete elem (bsc#1224511).
- CVE-2024-35898: netfilter: nf_tables: Fix potential data-race in __nft_flowtable_type_get() (bsc#1224498).
- CVE-2024-35899: netfilter: nf_tables: flush pending destroy work before exit_net release (bsc#1224499)
- CVE-2024-35900: netfilter: nf_tables: reject new basechain after table flag update (bsc#1224497).
- CVE-2024-35903: Fixed IP after emitting call depth accounting (bsc#1224493).
- CVE-2024-35908: tls: get psock ref after taking rxlock to avoid leak (bsc#1224490)
- CVE-2024-35917: Fixed Fix bpf_plt pointer arithmetic (bsc#1224481).
- CVE-2024-35921: Fixed oops when HEVC init fails (bsc#1224477).
- CVE-2024-35925: block: prevent division by zero in blk_rq_stat_sum() (bsc#1224661).
- CVE-2024-35926: crypto: iaa - Fix async_disable descriptor leak (bsc#1224655).
- CVE-2024-35931: Fixed PCI error slot reset during RAS recovery (bsc#1224652).
- CVE-2024-35934: net/smc: reduce rtnl pressure in smc_pnet_create_pnetids_list() (bsc#1224641)
- CVE-2024-35942: pmdomain: imx8mp-blk-ctrl: imx8mp_blk: Add fdcc clock to hdmimix domain (bsc#1224589).
- CVE-2024-35943: Fixed a null pointer dereference in omap_prm_domain_init (bsc#1224649).
- CVE-2024-35944: Fixed memcpy() run-time warning in dg_dispatch_as_host() (bsc#1224648).
- CVE-2024-35964: Fixed not validating setsockopt user input (bsc#1224581).
- CVE-2024-35969: Fixed race condition between ipv6_get_ifaddr and ipv6_del_addr (bsc#1224580).
- CVE-2024-35976: Validate user input for XDP_{UMEM|COMPLETION}_FILL_RING (bsc#1224575).
- CVE-2024-35979: raid1: fix use-after-free for original bio in raid1_write_request() (bsc#1224572).
- CVE-2024-35991: Fixed kABI workaround for struct idxd_evl (bsc#1224553).
- CVE-2024-35998: Fixed lock ordering potential deadlock in cifs_sync_mid_result (bsc#1224549).
- CVE-2024-35999: Fixed missing lock when picking channel (bsc#1224550).
- CVE-2024-36003: ice: fix LAG and VF lock dependency in ice_reset_vf() (bsc#1224544).
- CVE-2024-36004: i40e: Do not use WQ_MEM_RECLAIM flag for workqueue (bsc#1224545)
- CVE-2024-36005: netfilter: nf_tables: honor table dormant flag from netdev release event path (bsc#1224539).
- CVE-2024-36006: Fixed incorrect list API usage (bsc#1224541).
- CVE-2024-36007: Fixed warning during rehash (bsc#1224543).
- CVE-2024-36008: ipv4: check for NULL idev in ip_route_use_hint() (bsc#1224540).
- CVE-2024-36017: rtnetlink: Correct nested IFLA_VF_VLAN_LIST attribute validation (bsc#1225681).
- CVE-2024-36024: drm/amd/display: Disable idle reallow as part of command/gpint execution (bsc#1225702).
- CVE-2024-36030: Fixed the double free in rvu_npc_freemem() (bsc#1225712)
- CVE-2024-36281: net/mlx5: Use mlx5_ipsec_rx_status_destroy to correctly delete status rules (bsc#1226799).
- CVE-2024-36478: null_blk: fix null-ptr-dereference while configuring 'power' and 'submit_queues' (bsc#1226841).
- CVE-2024-36479: fpga: bridge: add owner module and take its refcount (bsc#1226949).
- CVE-2024-36882: mm: use memalloc_nofs_save() in page_cache_ra_order() (bsc#1225723).
- CVE-2024-36889: ata: libata-scsi: Fix offsets for the fixed format sense data (bsc#1225746).
- CVE-2024-36899: gpiolib: cdev: Fix use after free in lineinfo_changed_notify (bsc#1225737).
- CVE-2024-36900: net: hns3: fix kernel crash when devlink reload during initialization (bsc#1225726).
- CVE-2024-36901: ipv6: prevent NULL dereference in ip6_output() (bsc#1225711)
- CVE-2024-36902: ipv6: fib6_rules: avoid possible NULL dereference in fib6_rule_action() (bsc#1225719).
- CVE-2024-36903: ipv6: Fix potential uninit-value access in __ip6_make_skb() (bsc#1225741).
- CVE-2024-36904: tcp: Use refcount_inc_not_zero() in tcp_twsk_unique() (bsc#1225732).
- CVE-2024-36909: Drivers: hv: vmbus: Do not free ring buffers that couldn't be re-encrypted (bsc#1225744).
- CVE-2024-36910: uio_hv_generic: Do not free decrypted memory (bsc#1225717).
- CVE-2024-36911: hv_netvsc: Do not free decrypted memory (bsc#1225745).
- CVE-2024-36912: Drivers: hv: vmbus: Track decrypted status in vmbus_gpadl (bsc#1225752).
- CVE-2024-36913: Drivers: hv: vmbus: Leak pages if set_memory_encrypted() fails (bsc#1225753).
- CVE-2024-36914: drm/amd/display: Skip on writeback when it's not applicable (bsc#1225757).
- CVE-2024-36915: nfc: llcp: fix nfc_llcp_setsockopt() unsafe copies (bsc#1225758).
- CVE-2024-36916: blk-iocost: avoid out of bounds shift (bsc#1225759).
- CVE-2024-36917: block: fix overflow in blk_ioctl_discard() (bsc#1225770).
- CVE-2024-36919: scsi: bnx2fc: Remove spin_lock_bh while releasing resources after upload (bsc#1225767).
- CVE-2024-36923: fs/9p: fix uninitialized values during inode evict (bsc#1225815).
- CVE-2024-36934: bna: ensure the copied buf is NUL terminated (bsc#1225760).
- CVE-2024-36935: ice: ensure the copied buf is NUL terminated (bsc#1225763).
- CVE-2024-36937: xdp: use flags field to disambiguate broadcast redirect (bsc#1225834).
- CVE-2024-36938: Fixed NULL pointer dereference in sk_psock_skb_ingress_enqueue (bsc#1225761).
- CVE-2024-36945: net/smc: fix neighbour and rtable leak in smc_ib_find_route() (bsc#1225823).
- CVE-2024-36946: phonet: fix rtm_phonet_notify() skb allocation (bsc#1225851).
- CVE-2024-36957: octeontx2-af: avoid off-by-one read from userspace (bsc#1225762).
- CVE-2024-36971: net: fix __dst_negative_advice() race (bsc#1226145).
- CVE-2024-36978: net: sched: sch_multiq: fix possible OOB write in multiq_tune() (bsc#1226514).
- CVE-2024-37021: fpga: manager: add owner module and take its refcount (bsc#1226950).
- CVE-2024-37078: nilfs2: fix potential kernel bug due to lack of writeback flag waiting (bsc#1227066).
- CVE-2024-37353: virtio: fixed a double free in vp_del_vqs() (bsc#1226875).
- CVE-2024-37354: btrfs: fix crash on racing fsync and size-extending write into prealloc (bsc#1227101).
- CVE-2024-38553: net: fec: remove .ndo_poll_controller to avoid deadlock (bsc#1226744).
- CVE-2024-38555: net/mlx5: Discard command completions in internal error (bsc#1226607).
- CVE-2024-38556: net/mlx5: Add a timeout to acquire the command queue semaphore (bsc#1226774).
- CVE-2024-38557: net/mlx5: Reload only IB representors upon lag disable/enable (bsc#1226781).
- CVE-2024-38558: net: openvswitch: fix overwriting ct original tuple for ICMPv6 (bsc#1226783).
- CVE-2024-38564: bpf: Add BPF_PROG_TYPE_CGROUP_SKB attach type enforcement in BPF_LINK_CREATE (bsc#1226789).
- CVE-2024-38566: bpf: Fix verifier assumptions about socket->sk (bsc#1226790).
- CVE-2024-38568: drivers/perf: hisi: hns3: Fix out-of-bound access when valid event group (bsc#1226771).
- CVE-2024-38569: drivers/perf: hisi_pcie: Fix out-of-bound access when valid event group (bsc#1226772).
- CVE-2024-38570: gfs2: Fix potential glock use-after-free on unmount (bsc#1226775).
- CVE-2024-38580: epoll: be better about file lifetimes (bsc#1226610).
- CVE-2024-38586: r8169: Fix possible ring buffer corruption on fragmented Tx packets (bsc#1226750).
- CVE-2024-38594: net: stmmac: move the EST lock to struct stmmac_priv (bsc#1226734).
- CVE-2024-38597: eth: sungem: remove .ndo_poll_controller to avoid deadlocks (bsc#1226749).
- CVE-2024-38598: md: fix resync softlockup when bitmap size is less than array size (bsc#1226757).
- CVE-2024-38603: drivers/perf: hisi: hns3: Actually use devm_add_action_or_reset() (bsc#1226842).
- CVE-2024-38604: block: refine the EOF check in blkdev_iomap_begin (bsc#1226866).
- CVE-2024-38608: net/mlx5e: Fix netif state handling (bsc#1226746).
- CVE-2024-38610: drivers/virt/acrn: fix PFNMAP PTE checks in acrn_vm_ram_map() (bsc#1226758).
- CVE-2024-38627: stm class: Fix a double free in stm_register_device() (bsc#1226857).
- CVE-2024-38636: f2fs: multidev: fix to recognize valid zero block address (bsc#1226879).
- CVE-2024-38659: enic: Validate length of nl attributes in enic_set_vf_port (bsc#1226883).
- CVE-2024-38661: s390/ap: Fix crash in AP internal function modify_bitmap() (bsc#1226996).
- CVE-2024-39276: ext4: fix mb_cache_entry's e_refcnt leak in ext4_xattr_block_cache_find() (bsc#1226993).
- CVE-2024-39301: net/9p: fix uninit-value in p9_client_rpc() (bsc#1226994).
- CVE-2024-39371: io_uring: check for non-NULL file pointer in io_file_can_poll() (bsc#1226990).
- CVE-2024-39468: smb: client: fix deadlock in smb2_find_smb_tcon() (bsc#1227103.
- CVE-2024-39472: xfs: fix log recovery buffer allocation for the legacy h_size fixup (bsc#1227432).
- CVE-2024-39474: mm/vmalloc: fix vmalloc which may return null if called with __GFP_NOFAIL (bsc#1227434).
- CVE-2024-39482: bcache: fix variable length array abuse in btree_iter (bsc#1227447).
- CVE-2024-39487: bonding: Fix out-of-bounds read in bond_option_arp_ip_targets_set() (bsc#1227573)
- CVE-2024-39490: ipv6: sr: fix missing sk_buff release in seg6_input_core (bsc#1227626).
- CVE-2024-39494: ima: Fix use-after-free on a dentry's dname.name (bsc#1227716).
- CVE-2024-39496: btrfs: zoned: fix use-after-free due to race with dev replace (bsc#1227719).
- CVE-2024-39498: drm/mst: Fix NULL pointer dereference at drm_dp_add_payload_part2 (bsc#1227723)
- CVE-2024-39502: ionic: fix use after netif_napi_del() (bsc#1227755).
- CVE-2024-39504: netfilter: nft_inner: validate mandatory meta and payload (bsc#1227757).
- CVE-2024-39507: net: hns3: fix kernel crash problem in concurrent scenario (bsc#1227730).
- CVE-2024-40901: scsi: mpt3sas: Avoid test/set_bit() operating in non-allocated memory (bsc#1227762).
- CVE-2024-40906: net/mlx5: Always stop health timer during driver removal (bsc#1227763).
- CVE-2024-40908: bpf: Set run context for rawtp test_run callback (bsc#1227783).
- CVE-2024-40919: bnxt_en: Adjust logging of firmware messages in case of released token in __hwrm_send() (bsc#1227779).
- CVE-2024-40923: vmxnet3: disable rx data ring on dma allocation failure (bsc#1227786).
- CVE-2024-40925: block: fix request.queuelist usage in flush (bsc#1227789).
- CVE-2024-40928: net: ethtool: fix the error condition in ethtool_get_phy_stats_ethtool() (bsc#1227788).
- CVE-2024-40931: mptcp: ensure snd_una is properly initialized on connect (bsc#1227780).
- CVE-2024-40935: cachefiles: flush all requests after setting CACHEFILES_DEAD (bsc#1227797).
- CVE-2024-40937: gve: Clear napi->skb before dev_kfree_skb_any() (bsc#1227836).
- CVE-2024-40940: net/mlx5: Fix tainted pointer delete is case of flow rules creation fail (bsc#1227800).
- CVE-2024-40947: ima: Avoid blocking in RCU read-side critical section (bsc#1227803).
- CVE-2024-40948: mm/page_table_check: fix crash on ZONE_DEVICE (bsc#1227801).
- CVE-2024-40953: KVM: Fix a data race on last_boosted_vcpu in kvm_vcpu_on_spin() (bsc#1227806).
- CVE-2024-40960: ipv6: prevent possible NULL dereference in rt6_probe() (bsc#1227813).
- CVE-2024-40961: ipv6: prevent possible NULL deref in fib6_nh_init() (bsc#1227814).
- CVE-2024-40966: kABI: tty: add the option to have a tty reject a new ldisc (bsc#1227886).
- CVE-2024-40970: Avoid hw_desc array overrun in dw-axi-dmac (bsc#1227899).
- CVE-2024-40972: ext4: fold quota accounting into ext4_xattr_inode_lookup_create() (bsc#1227910).
- CVE-2024-40975: platform/x86: x86-android-tablets: Unregister devices in reverse order (bsc#1227926).
- CVE-2024-40998: ext4: fix uninitialized ratelimit_state->lock access in __ext4_fill_super() (bsc#1227866).
- CVE-2024-40999: net: ena: Add validation for completion descriptors consistency (bsc#1227913).
- CVE-2024-41006: netrom: Fix a memory leak in nr_heartbeat_expiry() (bsc#1227862).
- CVE-2024-41013: xfs: do not walk off the end of a directory data block (bsc#1228405).
- CVE-2024-41014: xfs: add bounds checking to xlog_recover_process_data (bsc#1228408).
- CVE-2024-41017: jfs: do not walk off the end of ealist (bsc#1228403).
- CVE-2024-41090: tap: add missing verification for short frame (bsc#1228328).
- CVE-2024-41091: tun: add missing verification for short frame (bsc#1228327).
The following non-security bugs were fixed:
- 9p: add missing locking around taking dentry fid list (git-fixes)
- accel/ivpu: Fix deadlock in context_xa (git-fixes).
- ACPI: bus: Indicate support for IRQ ResourceSource thru _OSC (git-fixes).
- ACPI: bus: Indicate support for _TFP thru _OSC (git-fixes).
- ACPI: bus: Indicate support for the Generic Event Device thru _OSC (git-fixes).
- ACPICA: debugger: check status of acpi_evaluate_object() in acpi_db_walk_for_fields() (git-fixes).
- ACPICA: Revert 'ACPICA: avoid Info: mapping multiple BARs. Your kernel is fine.' (git-fixes).
- ACPI: CPPC: Fix access width used for PCC registers (git-fixes).
- ACPI: CPPC: Fix bit_offset shift in MASK_VAL() macro (git-fixes).
- ACPI: CPPC: Use access_width over bit_width for system memory accesses (stable-fixes).
- ACPI: disable -Wstringop-truncation (git-fixes).
- ACPI: EC: Abort address space access upon error (stable-fixes).
- ACPI: EC: Avoid returning AE_OK on errors in address space handler (stable-fixes).
- ACPI: EC: Evaluate orphan _REG under EC device (git-fixes).
- ACPI: EC: Install address space handler at the namespace root (stable-fixes).
- ACPI: Fix Generic Initiator Affinity _OSC bit (git-fixes).
- ACPI: LPSS: Advertise number of chip selects via property (git-fixes).
- ACPI: processor_idle: Fix invalid comparison with insertion sort for latency (git-fixes).
- ACPI: resource: Add Infinity laptops to irq1_edge_low_force_override (stable-fixes).
- ACPI: resource: Do IRQ override on Lunnen Ground laptops (stable-fixes).
- ACPI: resource: Do IRQ override on TongFang GXxHRXx and GMxHGxx (stable-fixes).
- ACPI: scan: Do not increase dep_unmet for already met dependencies (git-fixes).
- ACPI: video: Add backlight=native quirk for Lenovo Slim 7 16ARH7 (bsc#1217750).
- ACPI: x86: Add PNP_UART1_SKIP quirk for Lenovo Blade2 tablets (stable-fixes).
- ACPI: x86: Force StorageD3Enable on more products (stable-fixes).
- ACPI: x86: Move acpi_quirk_skip_serdev_enumeration() out of CONFIG_X86_ANDROID_TABLETS (stable-fixes).
- Add console: Improve console_srcu_read_flags() comments device property: Add SOFTWARE_NODE() macro for defining software nodes device property: Add fwnode_name_eq() device property: Add fwnode_property_match_property_string() device property: Implement device_is_big_endian() device property: Implement device_is_compatible() nbcon: Provide functions for drivers to acquire console for non-printing. panic: Flush kernel log buffer at the end panic: Mark emergency section in oops panic: Mark emergency section in warn panic: add option to dump blocked tasks in panic_print panic: suppress gnu_printf warning printk: Add @flags argument for console_is_usable() printk: Add function to replay kernel log on consoles printk: Add kthread for all legacy consoles printk: Add non-BKL (nbcon) console basic infrastructure printk: Add notation to console_srcu locking printk: Atomic print in printk context on shutdown printk: Avoid console_lock dance if no legacy or boot consoles printk: Avoid false positive lockdep report for legacy printing printk: Check printk_deferred_enter()/_exit() usage printk: Check valid console index for preferred console printk: Constify name for add_preferred_console() printk: Coordinate direct printing in panic printk: Do not try to parse DEVNAME:0.0 console options printk: Flag register_console() if console is set on command line. printk: Let console_is_usable() handle nbcon printk: Make console_is_usable() available to nbcon printk: Make static printk buffers available to nbcon printk: Properly deal with nbcon consoles on seq init printk: Provide helper for message prepending printk: Provide threadprintk boot argument printk: Reduce pr_flush() pooling time printk: Remove the now superfluous sentinel elements from ctl_table array printk: Save console options for add_preferred_console_match() printk: Track nbcon consoles printk: Track registered boot consoles printk: fix illegal pbufs access for !CONFIG_PRINTK printk: flush consoles before checking progress printk: nbcon: Add acquire/release logic printk: nbcon: Add buffer management printk: nbcon: Add callbacks to synchronize with driver printk: nbcon: Add context to console_is_usable() printk: nbcon: Add detailed doc for write_atomic() printk: nbcon: Add emit function and callback function for atomic printing printk: nbcon: Add helper to assign priority based on CPU state printk: nbcon: Add ownership state functions printk: nbcon: Add printer thread wakeups printk: nbcon: Add sequence handling printk: nbcon: Add unsafe flushing on panic printk: nbcon: Allow drivers to mark unsafe regions and check state. printk: nbcon: Do not rely on proxy headers printk: nbcon: Implement emergency sections printk: nbcon: Introduce printing kthreads printk: nbcon: Provide function to flush using write_atomic() printk: nbcon: Provide function to reacquire ownership printk: nbcon: Remove return value for write_atomic() printk: nbcon: Show replay message on takeover printk: nbcon: Start printing threads printk: nbcon: Use driver synchronization while (un)registering printk: nbcon: Use nbcon consoles in console_flush_all() serial: convert uart sysrq handling to u8 serial: core: Add UPIO_UNKNOWN constant for unknown port type serial: core: Controller id cannot be negative serial: core: Fix serial core port id to not use port->line serial: core: Implement processing in port->lock wrapper serial: core: Introduce wrapper to set @uart_port->cons serial: core: Move struct uart_port::quirks closer to possible serial: core: Provide low-level functions to lock port serial: core: Update uart_poll_timeout() function to return unsigned long. serial: core: Use lock wrappers serial: core: do not kfree device managed data serial: core: fix -EPROBE_DEFER handling in init serial: make uart_insert_char() accept u8s serial: port: Introduce a common helper to read properties tty/sysrq: Replay kernel log messages on consoles via sysrq
- Add reference to L3 bsc#1225765 in BPF control flow graph and precision backtrack fixes (bsc#1225756) The L3 bsc#1225765 was created seperately since our customer requires PTF.
- admin-guide/hw-vuln/core-scheduling: fix return type of PR_SCHED_CORE_GET (git-fixes).
- ahci: asm1064: asm1166: do not limit reported ports (git-fixes).
- ahci: asm1064: correct count of reported ports (stable-fixes).
- ALSA: aoa: avoid false-positive format truncation warning (git-fixes).
- ALSA: core: Fix NULL module pointer assignment at card init (git-fixes).
- ALSA: core: Remove debugfs at disconnection (git-fixes).
- ALSA: dmaengine_pcm: terminate dmaengine before synchronize (stable-fixes).
- ALSA: dmaengine: Synchronize dma channel after drop() (stable-fixes).
- ALSA: emux: improve patch ioctl data validation (stable-fixes).
- ALSA: firewire-lib: handle quirk to calculate payload quadlets as data block counter (stable-fixes).
- ALSA: Fix deadlocks with kctl removals at disconnection (stable-fixes).
- ALSA: hda: Add Intel BMG PCI ID and HDMI codec vid (stable-fixes).
- ALSA: hda: clarify Copyright information (stable-fixes).
- ALSA: hda/conexant: Mute speakers at suspend / shutdown (bsc#1228269).
- ALSA: hda: cs35l41: Add support for ASUS ROG 2024 Laptops (stable-fixes).
- ALSA: hda: cs35l41: Component should be unbound before deconstruction (git-fixes).
- ALSA: hda: cs35l41: Fix swapped l/r audio channels for Lenovo ThinBook 13x Gen4 (git-fixes).
- ALSA: hda: cs35l41: Ignore errors when configuring IRQs (stable-fixes).
- ALSA: hda: cs35l41: Possible null pointer dereference in cs35l41_hda_unbind() (git-fixes).
- ALSA: hda: cs35l41: Remove redundant argument to cs35l41_request_firmware_file() (stable-fixes).
- ALSA: hda: cs35l41: Remove Speaker ID for Lenovo Legion slim 7 16ARHA7 (git-fixes).
- ALSA: hda: cs35l41: Set the max PCM Gain using tuning setting (stable-fixes).
- ALSA: hda: cs35l41: Support HP Omen models without _DSD (stable-fixes).
- ALSA: hda: cs35l41: Support Lenovo 13X laptop without _DSD (stable-fixes).
- ALSA: hda: cs35l41: Support Lenovo Thinkbook 13x Gen 4 (stable-fixes).
- ALSA: hda: cs35l41: Support Lenovo Thinkbook 16P Gen 5 (stable-fixes).
- ALSA: hda: cs35l56: Add ACPI device match tables (git-fixes).
- ALSA: hda: cs35l56: Component should be unbound before deconstruction (git-fixes).
- ALSA: hda: cs35l56: Exit cache-only after cs35l56_wait_for_firmware_boot() (stable-fixes).
- ALSA: hda: cs35l56: Fix lifecycle of codec pointer (stable-fixes).
- ALSA: hda: cs35l56: Fix lifetime of cs_dsp instance (git-fixes).
- ALSA: hda: cs35l56: Set the init_done flag before component_add() (git-fixes).
- ALSA: hda/cs_dsp_ctl: Use private_free for control cleanup (git-fixes).
- ALSA: hda/generic: Add a helper to mute speakers at suspend/shutdown (bsc#1228269).
- ALSA: hda: hda_cs_dsp_ctl: Remove notification of driver write (stable-fixes).
- ALSA/hda: intel-dsp-config: Document AVS as dsp_driver option (git-fixes).
- ALSA: hda: intel-dsp-config: harden I2C/I2S codec detection (stable-fixes).
- ALSA/hda: intel-dsp-config: reduce log verbosity (git-fixes).
- ALSA: hda: intel-sdw-acpi: fix usage of device_get_named_child_node() (git-fixes).
- ALSA: hda/realtek: Add more codec ID to no shutup pins list (stable-fixes).
- ALSA: hda/realtek: add quirk for Clevo V5[46]0TU (stable-fixes).
- ALSA: hda/realtek: Add quirk for HP SnowWhite laptops (stable-fixes).
- ALSA: hda/realtek: Add quirk for HP Spectre x360 14 eu0000 (stable-fixes).
- ALSA: hda/realtek: Add quirk for Lenovo Yoga Pro 7 14AHP9 (stable-fixes).
- ALSA: hda/realtek: Add quirk for Lenovo Yoga Pro 7 14ARP8 (stable-fixes).
- ALSA: hda/realtek: Add quirks for ASUS Laptops using CS35L56 (stable-fixes).
- ALSA: hda/realtek: Add quirks for HP Omen models using CS35L41 (stable-fixes).
- ALSA: hda/realtek: Add quirks for Huawei Matebook D14 NBLB-WAX9N (stable-fixes).
- ALSA: hda/realtek: Add quirks for Lenovo 13X (stable-fixes).
- ALSA: hda/realtek: Add quirks for some Clevo laptops (stable-fixes).
- ALSA: hda/realtek: Add sound quirks for Lenovo Legion slim 7 16ARHA7 models (stable-fixes).
- ALSA: hda/realtek: Add support for ASUS Zenbook 2024 HN7306W (stable-fixes).
- ALSA: hda/realtek: Adjust G814JZR to use SPI init for amp (git-fixes).
- ALSA: hda/realtek: cs35l41: Fixup remaining asus strix models (git-fixes).
- ALSA: hda/realtek: cs35l41: Support ASUS ROG G634JYR (stable-fixes).
- ALSA: hda/realtek: Drop doubly quirk entry for 103c:8a2e (git-fixes).
- ALSA: hda/realtek - Enable audio jacks of Haier Boyue G42 with ALC269VC (stable-fixes).
- ALSA: hda/realtek: Enable headset mic of JP-IK LEAP W502 with ALC897 (stable-fixes).
- ALSA: hda/realtek: Enable headset mic on IdeaPad 330-17IKB 81DM (git-fixes).
- ALSA: hda/realtek: Enable headset mic on Positivo SU C1400 (stable-fixes).
- ALSA: hda/realtek: Enable Mute LED on HP 250 G7 (stable-fixes).
- ALSA: hda/realtek: Fix build error without CONFIG_PM (stable-fixes).
- ALSA: hda/realtek: Fix conflicting PCI SSID 17aa:386f for Lenovo Legion models (bsc#1223462).
- ALSA: hda/realtek: Fix conflicting quirk for PCI SSID 17aa:3820 (git-fixes).
- ALSA: hda/realtek - fixed headset Mic not show (stable-fixes).
- ALSA: hda/realtek: Fixes for Asus GU605M and GA403U sound (stable-fixes).
- ALSA: hda/realtek - Fix inactive headset mic jack (stable-fixes).
- ALSA: hda/realtek: Fix internal speakers for Legion Y9000X 2022 IAH7 (stable-fixes).
- ALSA: hda/realtek: Fix mute led of HP Laptop 15-da3001TU (stable-fixes).
- ALSA: hda/realtek: fix mute/micmute LEDs do not work for EliteBook 645/665 G11 (stable-fixes).
- ALSA: hda/realtek: fix mute/micmute LEDs do not work for ProBook 440/460 G11 (stable-fixes).
- ALSA: hda/realtek: fix mute/micmute LEDs do not work for ProBook 445/465 G11 (stable-fixes).
- ALSA: hda/realtek: fix the hp playback volume issue for LG machines (stable-fixes).
- ALSA: hda/realtek: Fix the speaker output on Samsung Galaxy Book Pro 360 (stable-fixes).
- ALSA: hda/realtek: Fix volumn control of ThinkBook 16P Gen4 (git-fixes).
- ALSA: hda/realtek: Limit mic boost on N14AP7 (stable-fixes).
- ALSA: hda/realtek: Limit mic boost on VAIO PRO PX (stable-fixes).
- ALSA: hda/realtek: Remove Framework Laptop 16 from quirks (git-fixes).
- ALSA: hda/realtek - Set GPIO3 to default at S4 state for Thinkpad with ALC1318 (stable-fixes).
- ALSA: hda/realtek: Support Lenovo Thinkbook 13x Gen 4 (stable-fixes).
- ALSA: hda/realtek: Support Lenovo Thinkbook 16P Gen 5 (stable-fixes).
- ALSA: hda/relatek: Enable Mute LED on HP Laptop 15-gw0xxx (stable-fixes).
- ALSA: hda/tas2781: add locks to kcontrols (git-fixes).
- ALSA: hda/tas2781: Add new quirk for Lenovo Hera2 Laptop (stable-fixes).
- ALSA: hda/tas2781: Add new vendor_id and subsystem_id to support ThinkPad ICE-1 (stable-fixes).
- ALSA: hda: tas2781: Component should be unbound before deconstruction (git-fixes).
- ALSA: hda/tas2781: correct the register for pow calibrated data (git-fixes).
- ALSA: hda/tas2781: remove digital gain kcontrol (git-fixes).
- ALSA: line6: Zero-initialize message buffers (stable-fixes).
- ALSA: PCM: Allow resume only for suspended streams (stable-fixes).
- ALSA: pcm_dmaengine: Do not synchronize DMA channel when DMA is paused (git-fixes).
- ALSA: scarlett2: Add Focusrite Clarett+ 2Pre and 4Pre support (stable-fixes).
- ALSA: scarlett2: Add Focusrite Clarett 2Pre and 4Pre USB support (stable-fixes).
- ALSA: scarlett2: Add missing error check to scarlett2_config_save() (git-fixes).
- ALSA: scarlett2: Add support for Clarett 8Pre USB (stable-fixes).
- ALSA: scarlett2: Default mixer driver to enabled (stable-fixes).
- ALSA: scarlett2: Move USB IDs out from device_info struct (stable-fixes).
- ALSA: seq: Do not clear bank selection at event -> UMP MIDI2 conversion (git-fixes).
- ALSA: seq: Fix incorrect UMP type for system messages (git-fixes).
- ALSA: seq: Fix missing bank setup between MIDI1/MIDI2 UMP conversion (git-fixes).
- ALSA: seq: Fix missing channel at encoding RPN/NRPN MIDI2 messages (git-fixes).
- ALSA: seq: Fix missing MSB in MIDI2 SPP conversion (git-fixes).
- ALSA: seq: Fix yet another spot for system message conversion (git-fixes).
- ALSA: seq: ump: Fix conversion from MIDI2 to MIDI1 UMP messages (git-fixes).
- ALSA: seq: ump: Fix missing System Reset message handling (git-fixes).
- ALSA: seq: ump: Fix swapped song position pointer data (git-fixes).
- ALSA: seq: ump: Skip useless ports for static blocks (git-fixes).
- ALSA: sh: aica: reorder cleanup operations to avoid UAF bugs (git-fixes).
- ALSA: timer: Set lower bound of start tick time (stable-fixes).
- ALSA: ump: Do not accept an invalid UMP protocol number (git-fixes).
- ALSA: ump: Do not clear bank selection after sending a program change (git-fixes).
- ALSA: ump: Force 1 Group for MIDI1 FBs (git-fixes).
- ALSA: ump: Set default protocol when not given explicitly (git-fixes).
- ALSA: usb-audio: Add a quirk for Sonix HD USB Camera (stable-fixes).
- ALSA: usb-audio: Add sampling rates support for Mbox3 (stable-fixes).
- ALSA: usb-audio: Fix for sampling rates support for Mbox3 (stable-fixes).
- ALSA: usb-audio: Fix microphone sound on HD webcam (stable-fixes).
- ALSA: usb-audio: Move HD Webcam quirk to the right place (git-fixes).
- amd/amdkfd: sync all devices to wait all processes being evicted (stable-fixes).
- amdkfd: use calloc instead of kzalloc to avoid integer overflow (stable-fixes).
- arm64: Add the arm64.no32bit_el0 command line option (jsc#PED-3184).
- arm64: asm-bug: Add .align 2 to the end of __BUG_ENTRY (git-fixes).
- arm64: bpf: fix 32bit unconditional bswap (git-fixes).
- arm64: dts: allwinner: h616: Fix I2C0 pins (git-fixes)
- arm64: dts: allwinner: Pine H64: correctly remove reg_gmac_3v3 (git-fixes)
- arm64: dts: broadcom: bcmbca: bcm4908: drop invalid switch cells (git-fixes)
- arm64: dts: Fix dtc interrupt_provider warnings (git-fixes)
- arm64: dts: freescale: imx8mm-verdin: enable hysteresis on slow input (git-fixes)
- arm64: dts: hi3798cv200: fix the size of GICR (git-fixes)
- arm64: dts: imx8qm-mek: fix gpio number for reg_usdhc2_vmmc (git-fixes)
- arm64: dts: imx8qm-ss-dma: fix can lpcg indices (git-fixes)
- arm64: dts: imx8-ss-conn: fix usb lpcg indices (git-fixes)
- arm64: dts: imx8-ss-conn: fix usdhc wrong lpcg clock order (git-fixes)
- arm64: dts: imx8-ss-dma: fix adc lpcg indices (git-fixes)
- arm64: dts: imx8-ss-dma: fix can lpcg indices (git-fixes)
- arm64: dts: imx8-ss-dma: fix spi lpcg indices (git-fixes)
- arm64: dts: imx8-ss-lsio: fix pwm lpcg indices (git-fixes)
- arm64: dts: imx93-11x11-evk: Remove the 'no-sdio' property (git-fixes)
- arm64: dts: marvell: reorder crypto interrupts on Armada SoCs (git-fixes)
- arm64: dts: microchip: sparx5: fix mdio reg (git-fixes)
- arm64: dts: rockchip: Add enable-strobe-pulldown to emmc phy on ROCK (git-fixes)
- arm64: dts: rockchip: Add mdio and ethernet-phy nodes to (git-fixes)
- arm64: dts: rockchip: Add missing power-domains for rk356x vop_mmu (git-fixes)
- arm64: dts: rockchip: Add pinctrl for UART0 to rk3308-rock-pi-s (git-fixes)
- arm64: dts: rockchip: Add sdmmc related properties on (git-fixes)
- arm64: dts: rockchip: Add sound-dai-cells for RK3368 (git-fixes)
- arm64: dts: rockchip: Drop invalid mic-in-differential on (git-fixes)
- arm64: dts: rockchip: enable internal pull-up for Q7_THRM# on RK3399 (git-fixes)
- arm64: dts: rockchip: enable internal pull-up on PCIE_WAKE# for (git-fixes)
- arm64: dts: rockchip: enable internal pull-up on Q7_USB_ID for RK3399 (git-fixes)
- arm64: dts: rockchip: Fix mic-in-differential usage on (git-fixes)
- arm64: dts: rockchip: Fix mic-in-differential usage on rk3566-roc-pc (git-fixes)
- arm64: dts: rockchip: fix PMIC interrupt pin on ROCK Pi E (git-fixes)
- arm64: dts: rockchip: fix rk3328 hdmi ports node (git-fixes)
- arm64: dts: rockchip: fix rk3399 hdmi ports node (git-fixes)
- arm64: dts: rockchip: Fix SD NAND and eMMC init on rk3308-rock-pi-s (git-fixes)
- arm64: dts: rockchip: Fix the DCDC_REG2 minimum voltage on Quartz64 (git-fixes)
- arm64: dts: rockchip: Fix the value of `dlg,jack-det-rate` mismatch (git-fixes)
- arm64: dts: rockchip: Increase VOP clk rate on RK3328 (git-fixes)
- arm64: dts: rockchip: regulator for sd needs to be always on for (git-fixes)
- arm64: dts: rockchip: Remove unsupported node from the Pinebook Pro (git-fixes)
- arm64: dts: rockchip: Rename LED related pinctrl nodes on (git-fixes)
- arm64: dts: rockchip: set PHY address of MT7531 switch to 0x1f (git-fixes)
- arm64/head: Disable MMU at EL2 before clearing HCR_EL2.E2H (git-fixes).
- arm64: hibernate: Fix level3 translation fault in swsusp_save() (git-fixes).
- arm64/io: add constant-argument check (bsc#1226502 git-fixes)
- arm64/io: Provide a WC friendly __iowriteXX_copy() (bsc#1226502)
- arm64: mm: Batch dsb and isb when populating pgtables (jsc#PED-8688).
- arm64: mm: Do not remap pgtables for allocate vs populate (jsc#PED-8688).
- arm64: mm: Do not remap pgtables per-cont(pte|pmd) block (jsc#PED-8688).
- arm64/ptrace: Use saved floating point state type to determine SVE (git-fixes)
- arm64/sve: Lower the maximum allocation for the SVE ptrace regset (git-fixes)
- arm64: tegra: Correct Tegra132 I2C alias (git-fixes)
- arm64: tegra: Set the correct PHY mode for MGBE (git-fixes)
- ARM: 9381/1: kasan: clear stale stack poison (git-fixes).
- ARM: imx: Check return value of devm_kasprintf in imx_mmdc_perf_init (git-fixes).
- ARM: imx_v6_v7_defconfig: Restore CONFIG_BACKLIGHT_CLASS_DEVICE (git-fixes).
- ARM: OMAP2+: fix N810 MMC gpiod table (git-fixes).
- ARM: OMAP2+: fix USB regression on Nokia N8x0 (git-fixes).
- arm_pmu: acpi: Add a representative platform device for TRBE (bsc#1220587)
- arm_pmu: acpi: Refactor arm_spe_acpi_register_device() (bsc#1220587)
- ARM: prctl: reject PR_SET_MDWE on pre-ARMv6 (stable-fixes).
- ARM: s5pv210: fix pm.c kernel-doc warning (git-fixes).
- asm-generic: make sparse happy with odd-sized put_unaligned_*() (stable-fixes).
- ASoC: acp: Support microphone from device Acer 315-24p (git-fixes).
- ASoC: amd: acp: add a null check for chip_pdev structure (git-fixes).
- ASoC: amd: acp: fix for acp_init function error handling (git-fixes).
- ASoC: amd: acp: remove i2s configuration check in acp_i2s_probe() (git-fixes).
- ASoC: amd: Adjust error handling in case of absent codec device (git-fixes).
- ASoC: amd: yc: Add Lenovo ThinkBook 21J0 into DMI quirk table (stable-fixes).
- ASoC: amd: yc: Fix non-functional mic on ASUS M5602RA (stable-fixes).
- ASoC: amd: yc: Fix non-functional mic on ASUS M7600RE (stable-fixes).
- ASoC: amd: yc: Fix non-functional mic on Lenovo 21J2 (stable-fixes).
- ASoC: amd: yc: Revert 'Fix non-functional mic on Lenovo 21J2' (stable-fixes).
- ASoC: amd: yc: Support mic on Lenovo Thinkpad E16 Gen 2 (bsc#1228269).
- ASoC: codecs: wsa881x: set clk_stop_mode1 flag (git-fixes).
- ASoC: cs35l56: Accept values greater than 0 as IRQ numbers (git-fixes).
- ASoC: cs35l56: Fix unintended bus access while resetting amp (git-fixes).
- ASoC: cs35l56: Prevent overwriting firmware ASP config (git-fixes).
- ASoC: da7219-aad: fix usage of device_get_named_child_node() (git-fixes).
- ASoC: fsl-asoc-card: set priv->pdev before using it (git-fixes).
- ASoC: fsl: fsl_qmc_audio: Check devm_kasprintf() returned value (git-fixes).
- ASoC: Intel: avs: Fix ASRC module initialization (git-fixes).
- ASoC: Intel: avs: Fix potential integer overflow (git-fixes).
- ASoC: Intel: avs: Populate board selection with new I2S entries (stable-fixes).
- ASoC: Intel: avs: Set name of control as in topology (git-fixes).
- ASoC: Intel: avs: ssm4567: Do not ignore route checks (git-fixes).
- ASoC: Intel: avs: Test result of avs_get_module_entry() (git-fixes).
- ASoC: Intel: bytcr_rt5640: Apply Asus T100TA quirk to Asus T100TAM too (git-fixes).
- ASoC: Intel: common: add ACPI matching tables for Arrow Lake (stable-fixes).
- ASoC: Intel: common: DMI remap for rebranded Intel NUC M15 (LAPRC710) laptops (stable-fixes).
- ASoC: Intel: Disable route checks for Skylake boards (git-fixes).
- ASoC: Intel: sof_sdw: add JD2 quirk for HP Omen 14 (stable-fixes).
- ASoC: Intel: sof_sdw: add quirk for Dell SKU 0C0F (stable-fixes).
- ASoC: Intel: sof-sdw: really remove FOUR_SPEAKER quirk (git-fixes).
- ASoC: Intel: use soc_intel_is_byt_cr() only when IOSF_MBI is reachable (git-fixes).
- ASoC: kirkwood: Fix potential NULL dereference (git-fixes).
- ASoC: max98088: Check for clk_prepare_enable() error (git-fixes).
- ASoC: mediatek: Assign dummy when codec not specified for a DAI link (git-fixes).
- ASoC: mediatek: mt8192: fix register configuration for tdm (git-fixes).
- ASoC: meson: axg-card: make links nonatomic (git-fixes).
- ASoC: meson: axg-fifo: use FIELD helpers (stable-fixes).
- ASoC: meson: axg-fifo: use threaded irq to check periods (git-fixes).
- ASoC: meson: axg-tdm-interface: manage formatters in trigger (git-fixes).
- ASoC: meson: cards: select SND_DYNAMIC_MINORS (git-fixes).
- ASoC: ops: Fix wraparound for mask in snd_soc_get_volsw (git-fixes).
- ASoC: q6apm-lpass-dai: close graph on prepare errors (git-fixes).
- ASoC: qcom: Adjust issues in case of DT error in asoc_qcom_lpass_cpu_platform_probe() (git-fixes).
- ASoC: rockchip: i2s-tdm: Fix inaccurate sampling rates (git-fixes).
- ASoC: rockchip: i2s-tdm: Fix trcm mode by setting clock on right mclk (git-fixes).
- ASoC: rt5645: Fix the electric noise due to the CBJ contacts floating (git-fixes).
- ASoC: rt5645: Make LattePanda board DMI match more precise (stable-fixes).
- ASoC: rt5682-sdw: fix locking sequence (git-fixes).
- ASoC: rt711-sdca: fix locking sequence (git-fixes).
- ASoC: rt711-sdw: add missing readable registers (stable-fixes).
- ASoC: rt711-sdw: fix locking sequence (git-fixes).
- ASoC: rt712-sdca-sdw: fix locking sequence (git-fixes).
- ASoC: rt715: add vendor clear control register (git-fixes).
- ASoC: rt715-sdca: volume step modification (git-fixes).
- ASoC: rt722-sdca: add headset microphone vrefo setting (git-fixes).
- ASoC: rt722-sdca: modify channel number to support 4 channels (git-fixes).
- ASoC: rt722-sdca-sdw: add debounce time for type detection (stable-fixes).
- ASoC: rt722-sdca-sdw: add silence detection register as volatile (stable-fixes).
- ASoC: rt722-sdca-sdw: fix locking sequence (git-fixes).
- ASoC: soc-core.c: Skip dummy codec when adding platforms (stable-fixes).
- ASoC: sof: amd: fix for firmware reload failure in Vangogh platform (git-fixes).
- ASoC: SOF: amd: Optimize quirk for Valve Galileo (stable-fixes).
- ASoC: SOF: imx8m: Fix DSP control regmap retrieval (git-fixes).
- ASoC: SOF: Intel: add default firmware library path for LNL (git-fixes).
- ASoC: SOF: Intel: hda-dsp: Skip IMR boot on ACE platforms in case of S3 suspend (stable-fixes).
- ASoC: SOF: Intel: hda: fix null deref on system suspend entry (git-fixes).
- ASoC: SOF: Intel: hda-pcm: Limit the maximum number of periods by MAX_BDL_ENTRIES (stable-fixes).
- ASoC: SOF: Intel: lnl: Correct rom_status_reg (git-fixes).
- ASoC: SOF: Intel: mtl: call dsp dump when boot retry fails (stable-fixes).
- ASoC: SOF: Intel: mtl: Correct rom_status_reg (git-fixes).
- ASoC: SOF: Intel: mtl: Disable interrupts when firmware boot failed (git-fixes).
- ASoC: SOF: Intel: mtl: Implement firmware boot state check (git-fixes).
- ASoC: SOF: ipc4-pcm: Workaround for crashed firmware on system suspend (stable-fixes).
- ASoC: SOF: ipc4-topology: Fix input format query of process modules without base extension (git-fixes).
- ASoC: SOF: ipc4-topology: Preserve the DMA Link ID for ChainDMA on unprepare (git-fixes).
- ASoC: SOF: ipc4-topology: Use correct queue_id for requesting input pin format (stable-fixes).
- ASoC: SOF: pcm: Restrict DSP D0i3 during S0ix to IPC3 (stable-fixes).
- ASoC: SOF: sof-audio: Skip unprepare for in-use widgets on error rollback (stable-fixes).
- ASoC: tas2552: Add TX path for capturing AUDIO-OUT data (git-fixes).
- ASoc: tas2781: Enable RCA-based playback without DSP firmware download (git-fixes).
- ASoC: tas2781: Fix a warning reported by robot kernel test (git-fixes).
- ASoC: TAS2781: Fix tasdev_load_calibrated_data() (git-fixes).
- ASoC: tas2781: Fix wrong loading calibrated data sequence (git-fixes).
- ASoC: tas2781: mark dvc_tlv with __maybe_unused (git-fixes).
- ASoC: tegra: Fix DSPK 16-bit playback (git-fixes).
- ASoC: ti: Convert Pandora ASoC to GPIO descriptors (stable-fixes).
- ASoC: ti: davinci-mcasp: Fix race condition during probe (git-fixes).
- ASoC: ti: davinci-mcasp: Set min period size using FIFO config (stable-fixes).
- ASoC: ti: omap-hdmi: Fix too long driver name (stable-fixes).
- ASoC: tlv320adc3xxx: Do not strip remove function when driver is builtin (git-fixes).
- ASoC: topology: Do not assign fields that are already set (stable-fixes).
- ASoC: topology: Fix references to freed memory (stable-fixes).
- ASoC: tracing: Export SND_SOC_DAPM_DIR_OUT to its value (git-fixes).
- ASoC: wm_adsp: Add missing MODULE_DESCRIPTION() (git-fixes).
- ASoC: wm_adsp: Fix missing mutex_lock in wm_adsp_write_ctl() (git-fixes).
- ata: ahci: Clean up sysfs file on error (git-fixes).
- ata: libata-core: Allow command duration limits detection for ACS-4 drives (git-fixes).
- ata: libata-core: Fix double free on error (git-fixes).
- ata: libata-core: Fix null pointer dereference on error (git-fixes).
- ata: pata_legacy: make legacy_exit() work again (git-fixes).
- ata: sata_gemini: Check clk_enable() result (stable-fixes).
- ata: sata_mv: Fix PCI device ID table declaration compilation warning (git-fixes).
- ata: sata_sx4: fix pdc20621_get_from_dimm() on 64-bit (git-fixes).
- ata,scsi: libata-core: Do not leak memory for ata_port struct members (git-fixes).
- autofs: use wake_up() instead of wake_up_interruptible(() (bsc#1224166).
- auxdisplay: ht16k33: Drop reference after LED registration (git-fixes).
- ax25: Fix netdev refcount issue (git-fixes).
- ax25: Fix refcount imbalance on inbound connections (git-fixes).
- ax25: Fix reference count leak issue of net_device (git-fixes).
- ax25: Fix reference count leak issues of ax25_dev (git-fixes).
- ax25: fix use-after-free bugs caused by ax25_ds_del_timer (git-fixes).
- batman-adv: Avoid infinite loop trying to resize local TT (git-fixes).
- batman-adv: bypass empty buckets in batadv_purge_orig_ref() (stable-fixes).
- batman-adv: Do not accept TT entries for out-of-spec VIDs (git-fixes).
- bitops: add missing prototype check (git-fixes).
- blk-cgroup: fix list corruption from reorder of WRITE ->lqueued (bsc#1225605).
- blk-cgroup: fix list corruption from resetting io stat (bsc#1225605).
- block: fix q->blkg_list corruption during disk rebind (bsc#1223591).
- block: Move checking GENHD_FL_NO_PART to bdev_add_partition() (bsc#1226213).
- Bluetooth: Add new quirk for broken read key length on ATS2851 (stable-fixes).
- Bluetooth: add quirk for broken address properties (git-fixes).
- Bluetooth: ath3k: Fix multiple issues reported by checkpatch.pl (stable-fixes).
- Bluetooth: btintel: Fixe build regression (git-fixes).
- Bluetooth: btintel: Fix null ptr deref in btintel_read_version (stable-fixes).
- Bluetooth: btintel: Refactor btintel_set_ppag() (git-fixes).
- Bluetooth: btnxpuart: Add handling for boot-signature timeout errors (git-fixes).
- Bluetooth: btnxpuart: Enable Power Save feature on startup (stable-fixes).
- Bluetooth: btusb: Add Realtek RTL8852BE support ID 0x0bda:0x4853 (stable-fixes).
- Bluetooth: btusb: Fix triggering coredump implementation for QCA (git-fixes).
- Bluetooth: Fix memory leak in hci_req_sync_complete() (git-fixes).
- Bluetooth: Fix TOCTOU in HCI debugfs implementation (git-fixes).
- Bluetooth: Fix type of len in {l2cap,sco}_sock_getsockopt_old() (stable-fixes).
- Bluetooth: Fix use-after-free bugs caused by sco_sock_timeout (git-fixes).
- Bluetooth: hci_bcm4377: Fix msgid release (git-fixes).
- Bluetooth: hci_bcm4377: Use correct unit for timeouts (git-fixes).
- Bluetooth: hci_core: cancel all works upon hci_unregister_dev() (stable-fixes).
- Bluetooth: hci_core: Cancel request on command timeout (stable-fixes).
- bluetooth/hci: disallow setting handle bigger than HCI_CONN_HANDLE_MAX (git-fixes).
- Bluetooth: hci_event: Fix sending HCI_OP_READ_ENC_KEY_SIZE (git-fixes).
- Bluetooth: hci_event: Fix setting of unicast qos interval (git-fixes).
- Bluetooth: hci_event: Remove code to removed CONFIG_BT_HS (stable-fixes).
- Bluetooth: hci_event: Set QoS encryption from BIGInfo report (git-fixes).
- Bluetooth: hci_event: set the conn encrypted before conn establishes (stable-fixes).
- Bluetooth: HCI: Fix potential null-ptr-deref (git-fixes).
- Bluetooth: hci_sock: Fix not validating setsockopt user input (git-fixes).
- Bluetooth: hci_sync: Fix not checking error on hci_cmd_sync_cancel_sync (git-fixes).
- Bluetooth: hci_sync: Fix using the same interval and window for Coded PHY (git-fixes).
- Bluetooth: hci_sync: Use QoS to determine which PHY to scan (stable-fixes).
- Bluetooth: Ignore too large handle values in BIG (git-fixes).
- Bluetooth: ISO: Align broadcast sync_timeout with connection timeout (stable-fixes).
- Bluetooth: ISO: Check socket flag instead of hcon (git-fixes).
- Bluetooth: ISO: Do not reject BT_ISO_QOS if parameters are unset (git-fixes).
- Bluetooth: ISO: Fix BIS cleanup (stable-fixes).
- Bluetooth: l2cap: Do not double set the HCI_CONN_MGMT_CONNECTED bit (git-fixes).
- Bluetooth: L2CAP: Fix not validating setsockopt user input (git-fixes).
- Bluetooth: l2cap: fix null-ptr-deref in l2cap_chan_timeout (git-fixes).
- Bluetooth: L2CAP: Fix rejecting L2CAP_CONN_PARAM_UPDATE_REQ (git-fixes).
- Bluetooth: L2CAP: Fix slab-use-after-free in l2cap_connect() (git-fixes).
- Bluetooth: MGMT: Fix failing to MGMT_OP_ADD_UUID/MGMT_OP_REMOVE_UUID (bsc#1221504).
- Bluetooth: mgmt: Fix limited discoverable off timeout (stable-fixes).
- Bluetooth: msft: fix slab-use-after-free in msft_do_close() (git-fixes).
- Bluetooth: qca: add missing firmware sanity checks (git-fixes).
- Bluetooth: qca: Fix BT enable failure again for QCA6390 after warm reboot (git-fixes).
- Bluetooth: qca: fix device-address endianness (git-fixes).
- Bluetooth: qca: Fix error code in qca_read_fw_build_info() (git-fixes).
- Bluetooth: qca: fix firmware check error path (git-fixes).
- Bluetooth: qca: fix info leak when fetching fw build id (git-fixes).
- Bluetooth: qca: fix NULL-deref on non-serdev setup (git-fixes).
- Bluetooth: qca: fix NULL-deref on non-serdev suspend (git-fixes).
- Bluetooth: qca: fix NVM configuration parsing (git-fixes).
- Bluetooth: qca: set power_ctrl_enabled on NULL returned by gpiod_get_optional() (git-fixes).
- Bluetooth: Remove usage of the deprecated ida_simple_xx() API (stable-fixes).
- Bluetooth: RFCOMM: Fix not validating setsockopt user input (git-fixes).
- Bluetooth: SCO: Fix not validating setsockopt user input (git-fixes).
- bnx2x: Fix firmware version string character counts (git-fixes).
- bnxt_en: Fix error recovery for RoCE ulp client (git-fixes).
- bnxt_en: Fix possible memory leak in bnxt_rdma_aux_device_init() (git-fixes).
- bnxt_en: Reset PTP tx_avail after possible firmware reset (git-fixes).
- bnxt_re: avoid shift undefined behavior in bnxt_qplib_alloc_init_hwq (git-fixes)
- bootconfig: Fix the kerneldoc of _xbc_exit() (git-fixes).
- bootconfig: use memblock_free_late to free xbc memory to buddy (git-fixes).
- bootmem: use kmemleak_free_part_phys in free_bootmem_page (git-fixes).
- bootmem: use kmemleak_free_part_phys in put_page_bootmem (git-fixes).
- bpf, arm64: fix bug in BPF_LDX_MEMSX (git-fixes)
- bpf, arm64: Fix incorrect runtime stats (git-fixes)
- bpf: check bpf_func_state->callback_depth when pruning states (bsc#1225903).
- bpf: correct loop detection for iterators convergence (bsc#1225903).
- bpf: exact states comparison for iterator convergence checks (bsc#1225903).
- bpf: extract __check_reg_arg() utility function (bsc#1225903).
- bpf: extract same_callsites() as utility function (bsc#1225903).
- bpf: extract setup_func_entry() utility function (bsc#1225903).
- bpf: fix precision backtracking instruction iteration (bsc#1225756).
- bpf: Fix precision tracking for BPF_ALU | BPF_TO_BE | BPF_END (git-fixes).
- bpf: handle ldimm64 properly in check_cfg() (bsc#1225756).
- bpf: keep track of max number of bpf_loop callback iterations (bsc#1225903).
- bpf: move explored_state() closer to the beginning of verifier.c (bsc#1225903).
- bpf: print full verifier states on infinite loop detection (bsc#1225903).
- bpf: Remove xdp_do_flush_map() (bsc#1214683 (PREEMPT_RT prerequisite backports)).
- bpf, scripts: Correct GPL license name (git-fixes).
- bpf: verify callbacks as if they are called unknown number of times (bsc#1225903).
- bpf: widening for callback iterators (bsc#1225903).
- btrfs: add a helper to read the superblock metadata_uuid (git-fixes)
- btrfs: add and use helper to check if block group is used (bsc#1220120).
- btrfs: add missing mutex_unlock in btrfs_relocate_sys_chunks() (git-fixes)
- btrfs: add new unused block groups to the list of unused block groups (bsc#1220120).
- btrfs: allow to run delayed refs by bytes to be released instead of count (bsc#1220120).
- btrfs: always clear PERTRANS metadata during commit (git-fixes)
- btrfs: always print transaction aborted messages with an error level (git-fixes)
- btrfs: always reserve space for delayed refs when starting transaction (bsc#1220120).
- btrfs: assert correct lock is held at btrfs_select_ref_head() (bsc#1220120).
- btrfs: assert delayed node locked when removing delayed item (git-fixes)
- btrfs: avoid start and commit empty transaction when flushing qgroups (bsc#1220120).
- btrfs: avoid start and commit empty transaction when starting qgroup rescan (bsc#1220120).
- btrfs: avoid starting and committing empty transaction when flushing space (bsc#1220120).
- btrfs: avoid starting new transaction when flushing delayed items and refs (bsc#1220120).
- btrfs: check for BTRFS_FS_ERROR in pending ordered assert (git-fixes)
- btrfs: compare the correct fsid/metadata_uuid in btrfs_validate_super (git-fixes)
- btrfs: defrag: avoid unnecessary defrag caused by incorrect extent size (git-fixes)
- btrfs: defrag: reject unknown flags of btrfs_ioctl_defrag_range_args (git-fixes)
- btrfs: do not allow non subvolume root targets for snapshot (git-fixes)
- btrfs: do not arbitrarily slow down delalloc if we're committing (git-fixes)
- btrfs: do not delete unused block group if it may be used soon (bsc#1220120).
- btrfs: do not refill whole delayed refs block reserve when starting transaction (bsc#1220120).
- btrfs: do not start transaction when joining with TRANS_JOIN_NOSTART (git-fixes)
- btrfs: do not steal space from global rsv after a transaction abort (bsc#1220120).
- btrfs: do not warn if discard range is not aligned to sector (git-fixes)
- btrfs: ensure fiemap does not race with writes when FIEMAP_FLAG_SYNC is given (bsc#1223285).
- btrfs: error out when COWing block using a stale transaction (git-fixes)
- btrfs: error out when reallocating block for defrag using a stale transaction (git-fixes)
- btrfs: export: handle invalid inode or root reference in btrfs_get_parent() (git-fixes)
- btrfs: fail priority metadata ticket with real fs error (bsc#1220120).
- btrfs: file_remove_privs needs an exclusive lock in direct io write (git-fixes)
- btrfs: fix 64bit compat send ioctl arguments not initializing version member (git-fixes)
- btrfs: fix deadlock with fiemap and extent locking (bsc#1223285).
- btrfs: fix information leak in btrfs_ioctl_logical_to_ino() (git-fixes)
- btrfs: fix kvcalloc() arguments order in btrfs_ioctl_send() (git-fixes)
- btrfs: fix lockdep splat and potential deadlock after failure running delayed items (git-fixes)
- btrfs: fix off-by-one chunk length calculation at contains_pending_extent() (git-fixes)
- btrfs: fix off-by-one when checking chunk map includes logical address (git-fixes)
- btrfs: fix race between ordered extent completion and fiemap (bsc#1223285).
- btrfs: fix race when detecting delalloc ranges during fiemap (bsc#1223285).
- btrfs: fix race when refilling delayed refs block reserve (git-fixes)
- btrfs: fix start transaction qgroup rsv double free (git-fixes)
- btrfs: fix stripe length calculation for non-zoned data chunk allocation (bsc#1217489).
- btrfs: fix wrong block_start calculation for btrfs_drop_extent_map_range() (git-fixes) Dropped hunk in selftests (test_case_7), 92e1229b204d6.
- btrfs: free qgroup rsv on io failure (git-fixes)
- btrfs: free the allocated memory if btrfs_alloc_page_array() fails (git-fixes)
- btrfs: get rid of label and goto at insert_delayed_ref() (bsc#1220120).
- btrfs: handle chunk tree lookup error in btrfs_relocate_sys_chunks() (git-fixes)
- btrfs: handle errors properly in update_inline_extent_backref() (git-fixes)
- btrfs: initialize key where it's used when running delayed data ref (bsc#1220120).
- btrfs: log message if extent item not found when running delayed extent op (bsc#1220120).
- btrfs: make btrfs_cleanup_fs_roots() static (bsc#1220120).
- btrfs: make btrfs_destroy_delayed_refs() return void (bsc#1220120).
- btrfs: make btrfs_destroy_marked_extents() return void (bsc#1220120).
- btrfs: make btrfs_destroy_pinned_extent() return void (bsc#1220120).
- btrfs: make error messages more clear when getting a chunk map (git-fixes)
- btrfs: make find_first_extent_bit() return a boolean (bsc#1220120).
- btrfs: make find_free_dev_extent() static (bsc#1220120).
- btrfs: make insert_delayed_ref() return a bool instead of an int (bsc#1220120).
- btrfs: merge find_free_dev_extent() and find_free_dev_extent_start() (bsc#1220120).
- btrfs: move btrfs_free_excluded_extents() into block-group.c (bsc#1220120).
- btrfs: open code trivial btrfs_add_excluded_extent() (bsc#1220120).
- btrfs: output extra debug info if we failed to find an inline backref (git-fixes)
- btrfs: pass a space_info argument to btrfs_reserve_metadata_bytes() (bsc#1220120).
- btrfs: prevent transaction block reserve underflow when starting transaction (git-fixes)
- btrfs: print available space across all block groups when dumping space info (bsc#1220120).
- btrfs: print available space for a block group when dumping a space info (bsc#1220120).
- btrfs: print block group super and delalloc bytes when dumping space info (bsc#1220120).
- btrfs: print target number of bytes when dumping free space (bsc#1220120).
- btrfs: qgroup: always free reserved space for extent records (bsc#1216196).
- btrfs: qgroup: convert PREALLOC to PERTRANS after record_root_in_trans (git-fixes)
- btrfs: record delayed inode root in transaction (git-fixes)
- btrfs: reject encoded write if inode has nodatasum flag set (git-fixes)
- btrfs: release path before inode lookup during the ino lookup ioctl (git-fixes)
- btrfs: remove pointless initialization at btrfs_delayed_refs_rsv_release() (bsc#1220120).
- btrfs: remove pointless in_tree field from struct btrfs_delayed_ref_node (bsc#1220120).
- btrfs: remove pointless 'ref_root' variable from run_delayed_data_ref() (bsc#1220120).
- btrfs: remove redundant BUG_ON() from __btrfs_inc_extent_ref() (bsc#1220120).
- btrfs: remove refs_to_add argument from __btrfs_inc_extent_ref() (bsc#1220120).
- btrfs: remove refs_to_drop argument from __btrfs_free_extent() (bsc#1220120).
- btrfs: remove the refcount warning/check at btrfs_put_delayed_ref() (bsc#1220120).
- btrfs: remove unnecessary logic when running new delayed references (bsc#1220120).
- btrfs: remove unnecessary prototype declarations at disk-io.c (bsc#1220120).
- btrfs: remove unused is_head field from struct btrfs_delayed_ref_node (bsc#1220120).
- btrfs: rename add_new_free_space() to btrfs_add_new_free_space() (bsc#1220120).
- btrfs: reorder some members of struct btrfs_delayed_ref_head (bsc#1220120).
- btrfs: reserve space for delayed refs on a per ref basis (bsc#1220120).
- btrfs: reset destination buffer when read_extent_buffer() gets invalid range (git-fixes)
- btrfs: return -EUCLEAN for delayed tree ref with a ref count not equals to 1 (git-fixes)
- btrfs: return -EUCLEAN if extent item is missing when searching inline backref (bsc#1220120).
- btrfs: return real error when orphan cleanup fails due to a transaction abort (bsc#1220120).
- btrfs: send: do not issue unnecessary zero writes for trailing hole (bsc#1222459).
- btrfs: send: ensure send_fd is writable (git-fixes)
- btrfs: send: handle path ref underflow in header iterate_inode_ref() (git-fixes)
- btrfs: send: return EOPNOTSUPP on unknown flags (git-fixes)
- btrfs: set page extent mapped after read_folio in relocate_one_page (git-fixes)
- btrfs: simplify check for extent item overrun at lookup_inline_extent_backref() (bsc#1220120).
- btrfs: stop doing excessive space reservation for csum deletion (bsc#1220120).
- btrfs: store the error that turned the fs into error state (bsc#1220120).
- btrfs: sysfs: validate scrub_speed_max value (git-fixes)
- btrfs: tree-checker: fix inline ref size in error messages (git-fixes)
- btrfs: update comment for btrfs_join_transaction_nostart() (bsc#1220120).
- btrfs: update documentation for add_new_free_space() (bsc#1220120).
- btrfs: use a bool to track qgroup record insertion when adding ref head (bsc#1220120).
- btrfs: use a single switch statement when initializing delayed ref head (bsc#1220120).
- btrfs: use a single variable for return value at lookup_inline_extent_backref() (bsc#1220120).
- btrfs: use a single variable for return value at run_delayed_extent_op() (bsc#1220120).
- btrfs: use bool type for delayed ref head fields that are used as booleans (bsc#1220120).
- btrfs: use the correct superblock to compare fsid in btrfs_validate_super (git-fixes)
- btrfs: use u64 for buffer sizes in the tree search ioctls (git-fixes)
- btrfs: zoned: do not skip block groups with 100% zone unusable (bsc#1220120).
- bus: mhi: ep: check the correct variable in mhi_ep_register_controller() (git-fixes).
- bus: mhi: host: allow MHI client drivers to provide the firmware via a pointer (bsc#1227149).
- bytcr_rt5640 : inverse jack detect for Archos 101 cesium (stable-fixes).
- cachefiles: add output string to cachefiles_obj_[get|put]_ondemand_fd (git-fixes).
- cachefiles: remove requests from xarray during flushing requests (bsc#1226588).
- can: kvaser_usb: Explicitly initialize family in leafimx driver_info struct (git-fixes).
- can: kvaser_usb: fix return value for hif_usb_send_regout (stable-fixes).
- can: mcp251xfd: fix infinite loop when xmit fails (git-fixes).
- cdrom: rearrange last_media_change check to avoid unintentional overflow (stable-fixes).
- ceph: add ceph_cap_unlink_work to fire check_caps() immediately (bsc#1226022).
- ceph: always check dir caps asynchronously (bsc#1226022).
- ceph: always queue a writeback when revoking the Fb caps (bsc#1226022).
- ceph: break the check delayed cap loop every 5s (bsc#1226022).
- ceph: fix incorrect kmalloc size of pagevec mempool (bsc#1228417).
- ceph: redirty page before returning AOP_WRITEPAGE_ACTIVATE (bsc#1224866).
- ceph: stop copying to iter at EOF on sync reads (bsc#1222606).
- ceph: switch to use cap_delay_lock for the unlink delay list (bsc#1226022).
- char: tpm: Fix possible memory leak in tpm_bios_measurements_open() (git-fixes).
- checkpatch: really skip LONG_LINE_* when LONG_LINE is ignored (git-fixes).
- cifs: Add a laundromat thread for cached directories (git-fixes, bsc#1225172).
- clk: davinci: da8xx-cfgchip: Initialize clk_init_data before use (git-fixes).
- clk: Do not hold prepare_lock when calling kref_put() (stable-fixes).
- clk: Get runtime PM before walking tree during disable_unused (git-fixes).
- clk: Get runtime PM before walking tree for clk_summary (git-fixes).
- clk: Initialize struct clk_core kref earlier (stable-fixes).
- clk: mediatek: Do a runtime PM get on controllers during probe (git-fixes).
- clk: mediatek: mt8183: Only enable runtime PM on mt8183-mfgcfg (git-fixes).
- clk: mediatek: mt8365-mm: fix DPI0 parent (git-fixes).
- clk: mediatek: pllfh: Do not log error for missing fhctl node (git-fixes).
- clk: qcom: clk-alpha-pll: fix rate setting for Stromer PLLs (git-fixes).
- clk: qcom: clk-alpha-pll: remove invalid Stromer register offset (git-fixes).
- clk: qcom: clk-alpha-pll: set ALPHA_EN bit for Stromer Plus PLLs (git-fixes).
- clk: qcom: dispcc-sm6350: fix DisplayPort clocks (git-fixes).
- clk: qcom: dispcc-sm8450: fix DisplayPort clocks (git-fixes).
- clk: qcom: dispcc-sm8550: fix DisplayPort clocks (git-fixes).
- clk: qcom: gcc-sm6350: Fix gpll6* & gpll7 parents (git-fixes).
- clk: qcom: mmcc-msm8998: fix venus clock issue (git-fixes).
- clk: qcom: reset: Commonize the de/assert functions (stable-fixes).
- clk: qcom: reset: Ensure write completion on reset de/assertion (git-fixes).
- clk: Remove prepare_lock hold assertion in __clk_release() (git-fixes).
- clk: renesas: r8a779a0: Fix CANFD parent clock (git-fixes).
- clk: renesas: r9a07g043: Add clock and reset entry for PLIC (git-fixes).
- clk: rs9: fix wrong default value for clock amplitude (git-fixes).
- clk: samsung: exynosautov9: fix wrong pll clock id value (git-fixes).
- clk: Show active consumers of clocks in debugfs (stable-fixes).
- clk: sunxi-ng: h6: Reparent CPUX during PLL CPUX rate change (git-fixes).
- clocksource/drivers/arm_global_timer: Fix maximum prescaler value (git-fixes).
- clocksource/drivers/imx: Fix -Wunused-but-set-variable warning (git-fixes).
- comedi: vmk80xx: fix incomplete endpoint checking (git-fixes).
- config/arm64: Enable CoreSight PMU drivers (bsc#1228289 jsc#PED-7859)
- coresight: trbe: Add a representative coresight_platform_data for (bsc#1220587)
- coresight: trbe: Allocate platform data per device (bsc#1220587)
- coresight: trbe: Enable ACPI based TRBE devices (bsc#1220587)
- counter: linux/counter.h: fix Excess kernel-doc description warning (git-fixes).
- counter: ti-eqep: enable clock at probe (git-fixes).
- cppc_cpufreq: Fix possible null pointer dereference (git-fixes).
- cpufreq: amd-pstate: fix memory leak on CPU EPP exit (stable-fixes).
- cpufreq: amd-pstate: Fix the inconsistency in max frequency units (git-fixes).
- cpufreq/amd-pstate: Fix the scaling_max_freq setting on shared memory CPPC systems (git-fixes).
- cpufreq: brcmstb-avs-cpufreq: ISO C90 forbids mixed declarations (git-fixes).
- cpufreq: exit() callback is optional (git-fixes).
- cpufreq: ti-cpufreq: Handle deferred probe with dev_err_probe() (git-fixes).
- cpumask: Add for_each_cpu_from() (bsc#1225053).
- crypto: aead,cipher - zeroize key buffer after use (stable-fixes).
- crypto: bcm - Fix pointer arithmetic (git-fixes).
- crypto: ccp - Add support for PCI device 0x156E (bsc#1223338).
- crypto: ccp - Add support for PCI device 0x17E0 (bsc#1223338).
- crypto: ccp - drop platform ifdef checks (git-fixes).
- crypto: ccp - Fix null pointer dereference in __sev_snp_shutdown_locked (git-fixes).
- crypto: deflate - Add aliases to deflate (bsc#1227190).
- crypto: ecc - update ecc_gen_privkey for FIPS 186-5 (bsc#1222782).
- crypto: ecdh - explicitly zeroize private_key (stable-fixes).
- crypto/ecdh: make ecdh_compute_value() to zeroize the public key (bsc#1222768).
- crypto: ecdsa - Fix module auto-load on add-key (git-fixes).
- crypto: ecdsa - Fix the public key format description (git-fixes).
- crypto/ecdsa: make ecdsa_ecc_ctx_deinit() to zeroize the public key (bsc#1222768).
- crypto: ecrdsa - Fix module auto-load on add_key (stable-fixes).
- crypto: hisilicon/debugfs - Fix debugfs uninit process issue (stable-fixes).
- crypto: hisilicon/qm - Add the err memory release process to qm uninit (stable-fixes).
- crypto: hisilicon/sec - Fix memory leak for sec resource release (stable-fixes).
- crypto: iaa - Account for cpu-less numa nodes (bsc#1227190).
- crypto: lib/mpi - Fix unexpected pointer access in mpi_ec_init (git-fixes).
- crypto: qat - extend scope of lock in adf_cfg_add_key_value_param() (git-fixes).
- crypto: qat - Fix ADF_DEV_RESET_SYNC memory leak (git-fixes).
- crypto: qat - fix ring to service map for dcc in 4xxx (git-fixes).
- crypto: qat - improve error logging to be consistent across features (git-fixes).
- crypto: qat - relocate and rename get_service_enabled() (stable-fixes).
- crypto: qat - specify firmware files for 402xx (git-fixes).
- crypto: rsa - add a check for allocation failure (bsc#1222775).
- crypto: rsa - allow only odd e and restrict value in FIPS mode (bsc#1222775).
- crypto: testmgr - remove unused xts4096 and xts512 algorithms from testmgr.c (bsc#1222769).
- crypto: x86/nh-avx2 - add missing vzeroupper (git-fixes).
- crypto: x86/sha256-avx2 - add missing vzeroupper (git-fixes).
- crypto: x86/sha512-avx2 - add missing vzeroupper (git-fixes).
- cxgb4: Properly lock TX queue for the selftest (bsc#1214683 (PREEMPT_RT prerequisite backports)).
- cxl/acpi: Fix load failures due to single window creation failure (git-fixes).
- cxl/pci: Fix disabling memory if DVSEC CXL Range does not match a CFMWS window (git-fixes).
- cxl/region: Fix cxlr_pmem leaks (git-fixes).
- cxl/region: Fix memregion leaks in devm_cxl_add_region() (git-fixes).
- cxl/test: Add missing vmalloc.h for tools/testing/cxl/test/mem.c (git-fixes).
- cxl/trace: Correct DPA field masks for general_media & dram events (git-fixes).
- cxl/trace: Properly initialize cxl_poison region name (git-fixes).
- dax: alloc_dax() return ERR_PTR(-EOPNOTSUPP) for CONFIG_DAX=n (jsc#PED-5853).
- dax/bus.c: replace driver-core lock usage by a local rwsem (jsc#PED-5853).
- dax/bus.c: replace several sprintf() with sysfs_emit() (jsc#PED-5853).
- decompress_bunzip2: fix rare decompression failure (git-fixes).
- device-dax: make dax_bus_type const (jsc#PED-5853).
- devres: Fix devm_krealloc() wasting memory (git-fixes).
- devres: Fix memory leakage caused by driver API devm_free_percpu() (git-fixes).
- dlm: fix user space lkb refcounting (git-fixes).
- dlm: fix user space lock decision to copy lvb (git-fixes).
- dma-buf: Fix NULL pointer dereference in sanitycheck() (git-fixes).
- dma-buf/sw-sync: do not enable IRQ from sync_print_obj() (git-fixes).
- dmaengine: axi-dmac: fix possible race in remove() (git-fixes).
- dmaengine: idma64: Add check for dma_set_max_seg_size (git-fixes).
- dmaengine: idxd: Avoid unnecessary destruction of file_ida (git-fixes).
- dmaengine: idxd: Fix oops during rmmod on single-CPU platforms (git-fixes).
- dmaengine: idxd: Fix possible Use-After-Free in irq_process_work_list (git-fixes).
- dmaengine: ioatdma: Fix error path in ioat3_dma_probe() (git-fixes).
- dmaengine: ioatdma: Fix kmemleak in ioat_pci_probe() (git-fixes).
- dmaengine: ioatdma: Fix leaking on version mismatch (git-fixes).
- dmaengine: ioatdma: Fix missing kmem_cache_destroy() (git-fixes).
- dmaengine: owl: fix register access functions (git-fixes).
- dmaengine: tegra186: Fix residual calculation (git-fixes).
- dmaengine: ti: k3-udma: Fix BCHAN count with UHC and HC channels (git-fixes).
- dma: fix call order in dmam_free_coherent (git-fixes).
- dma-mapping: benchmark: fix node id validation (git-fixes).
- dma-mapping: benchmark: handle NUMA_NO_NODE correctly (git-fixes).
- dm/amd/pm: Fix problems with reboot/shutdown for some SMU 13.0.4/13.0.11 users (git-fixes).
- dma: xilinx_dpdma: Fix locking (git-fixes).
- dm crypt: remove redundant state settings after waking up (jsc#PED-7542).
- dm-integrity: set max_integrity_segments in dm_integrity_io_hints (jsc#PED-7542).
- dm-multipath: dont't attempt SG_IO on non-SCSI-disks (bsc#1223575).
- dm-raid: add a new helper prepare_suspend() in md_personality (jsc#PED-7542).
- dm-raid: really frozen sync_thread during suspend (jsc#PED-7542).
- dm thin: add braces around conditional code that spans lines (jsc#PED-7542).
- dm: update relevant MODULE_AUTHOR entries to latest dm-devel mailing list (jsc#PED-7542).
- dm verity: set DM_TARGET_SINGLETON feature flag (jsc#PED-7542).
- Docs/admin-guide/mm/damon/usage: fix wrong example of DAMOS filter matching sysfs file (git-fixes).
- docs: crypto: async-tx-api: fix broken code example (git-fixes).
- docs: kernel_include.py: Cope with docutils 0.21 (stable-fixes).
- docs: netdev: Fix typo in Signed-off-by tag (git-fixes).
- docs: Restore 'smart quotes' for quotes (stable-fixes).
- dpll: spec: use proper enum for pin capabilities attribute (git-fixes).
- driver core: Introduce device_link_wait_removal() (stable-fixes).
- drivers: core: synchronize really_probe() and dev_uevent() (git-fixes).
- drivers/nvme: Add quirks for device 126f:2262 (git-fixes).
- drivers: soc: xilinx: check return status of get_api_version() (git-fixes).
- drivers/xen: Improve the late XenStore init protocol (git-fixes).
- drm: add drm_gem_object_is_shared_for_memory_stats() helper (stable-fixes).
- drm/amd/amdgpu: Fix potential ioremap() memory leaks in amdgpu_device_init() (stable-fixes).
- drm/amd/amdgpu: Fix uninitialized variable warnings (git-fixes).
- drm/amd/display: Account for cursor prefetch BW in DML1 mode support (stable-fixes).
- drm/amd/display: Add dml2 copy functions (stable-fixes).
- drm/amd/display: Add dtbclk access to dcn315 (stable-fixes).
- drm/amd/display: Add VCO speed parameter for DCN31 FPU (stable-fixes).
- drm/amd/display: Allocate zero bw after bw alloc enable (stable-fixes).
- drm/amd/display: Allow dirty rects to be sent to dmub when abm is active (stable-fixes).
- drm/amd/display: ASSERT when failing to find index by plane/stream id (stable-fixes).
- drm/amd/display: Atom Integrated System Info v2_2 for DCN35 (stable-fixes).
- drm/amd/display: Change default size for dummy plane in DML2 (stable-fixes).
- drm/amd/display: change dram_clock_latency to 34us for dcn35 (stable-fixes).
- drm/amd/display: Check index msg_id before read or write (stable-fixes).
- drm/amd/display: Check pipe offset before setting vblank (stable-fixes).
- drm/amd/display: Disable seamless boot on 128b/132b encoding (stable-fixes).
- drm/amd/display: Do not recursively call manual trigger programming (stable-fixes).
- drm/amd/display: Enable colorspace property for MST connectors (git-fixes).
- drm/amd/display: Exit idle optimizations before HDCP execution (stable-fixes).
- drm/amd/display: Fix array-index-out-of-bounds in dml2/FCLKChangeSupport (stable-fixes).
- drm/amd/display: Fix bounds check for dcn35 DcfClocks (git-fixes).
- drm/amd/display: Fix DC mode screen flickering on DCN321 (stable-fixes).
- drm/amd/display: fix disable otg wa logic in DCN316 (stable-fixes).
- drm/amd/display: Fix division by zero in setup_dsc_config (stable-fixes).
- drm/amd/display: Fix idle check for shared firmware state (stable-fixes).
- drm/amd/display: Fix incorrect DSC instance for MST (stable-fixes).
- drm/amd/display: fix input states translation error for dcn35 & dcn351 (stable-fixes).
- drm/amd/display: Fix nanosec stat overflow (stable-fixes).
- drm/amd/display: Fix noise issue on HDMI AV mute (stable-fixes).
- drm/amd/display: Fix overlapping copy within dml_core_mode_programming (stable-fixes).
- drm/amd/display: Fix potential index out of bounds in color transformation function (git-fixes).
- drm/amd/display: Fix uninitialized variables in DM (stable-fixes).
- drm/amd/display: handle range offsets in VRR ranges (stable-fixes).
- drm/amd/display: Handle Y carry-over in VCP X.Y calculation (stable-fixes).
- drm/amd/display: Init DPPCLK from SMU on dcn32 (stable-fixes).
- drm/amd/display: Move 'struct scaler_data' off stack (git-fixes).
- drm/amd/display: Override min required DCFCLK in dml1_validate (stable-fixes).
- drm/amd/display: Prevent crash when disable stream (stable-fixes).
- drm/amd/display: Program VSC SDP colorimetry for all DP sinks >= 1.4 (stable-fixes).
- drm/amd/display: Remove MPC rate control logic from DCN30 and above (stable-fixes).
- drm/amd/display: Remove pixle rate limit for subvp (stable-fixes).
- drm/amd/display: Remove redundant condition in dcn35_calc_blocks_to_gate() (git-fixes).
- drm/amd/display: Return the correct HDCP error code (stable-fixes).
- drm/amd/display: revert Exit idle optimizations before HDCP execution (stable-fixes).
- drm/amd/display: Revert Remove pixle rate limit for subvp (stable-fixes).
- drm/amd/display: Send DP_TOTAL_LTTPR_CNT during detection if LTTPR is present (stable-fixes).
- drm/amd/display: Send DTBCLK disable message on first commit (git-fixes).
- drm/amd/display: Set color_mgmt_changed to true on unsuspend (stable-fixes).
- drm/amd/display: Set DCN351 BB and IP the same as DCN35 (stable-fixes).
- drm/amd/display: Set VSC SDP Colorimetry same way for MST and SST (stable-fixes).
- drm/amd/display: Skip finding free audio for unknown engine_id (stable-fixes).
- drm/amd/display: Skip pipe if the pipe idx not set properly (stable-fixes).
- drm/amd/display: Use freesync when `DRM_EDID_FEATURE_CONTINUOUS_FREQ` found (stable-fixes).
- drm/amd/display: Workaround register access in idle race with cursor (stable-fixes).
- drm/amd: Fix shutdown (again) on some SMU v13.0.4/11 platforms (git-fixes).
- drm/amd: Flush GFXOFF requests in prepare stage (git-fixes).
- drm/amdgpu: add error handle to avoid out-of-bounds (stable-fixes).
- drm/amdgpu: always force full reset for SOC21 (stable-fixes).
- drm/amdgpu: amdgpu_ttm_gart_bind set gtt bound flag (stable-fixes).
- drm/amdgpu: Assign correct bits for SDMA HDP flush (stable-fixes).
- drm/amdgpu/atomfirmware: add intergrated info v2.3 table (stable-fixes).
- drm/amdgpu/atomfirmware: fix parsing of vram_info (stable-fixes).
- drm/amdgpu/atomfirmware: silence UBSAN warning (stable-fixes).
- drm/amdgpu: avoid using null object of framebuffer (stable-fixes).
- drm/amdgpu: Check if NBIO funcs are NULL in amdgpu_device_baco_exit (git-fixes).
- drm/amdgpu/display: Address kdoc for 'is_psr_su' in 'fill_dc_dirty_rects' (git-fixes).
- drm/amdgpu: drop setting buffer funcs in sdma442 (git-fixes).
- drm/amdgpu: Fix buffer size in gfx_v9_4_3_init_ cp_compute_microcode() and rlc_microcode() (git-fixes).
- drm/amdgpu: Fix comparison in amdgpu_res_cpu_visible (git-fixes).
- drm/amdgpu: fix deadlock while reading mqd from debugfs (git-fixes).
- drm/amdgpu: fix doorbell regression (git-fixes).
- drm/amdgpu: fix incorrect number of active RBs for gfx11 (stable-fixes).
- drm/amdgpu: Fix leak when GPU memory allocation fails (stable-fixes).
- drm/amdgpu: fix locking scope when flushing tlb (stable-fixes).
- drm/amdgpu: Fix memory range calculation (git-fixes).
- drm/amdgpu: fix mmhub client id out-of-bounds access (git-fixes).
- drm/amdgpu: Fix pci state save during mode-1 reset (git-fixes).
- drm/amdgpu: Fix signedness bug in sdma_v4_0_process_trap_irq() (git-fixes).
- drm/amdgpu: Fix the ring buffer size for queue VM flush (stable-fixes).
- drm/amdgpu: fix the warning about the expression (int)size - len (stable-fixes).
- drm/amdgpu: fix UBSAN warning in kv_dpm.c (stable-fixes).
- drm/amdgpu: fix uninitialized scalar variable warning (stable-fixes).
- drm/amdgpu: Fix uninitialized variable warnings (stable-fixes).
- drm/amdgpu: fix use-after-free bug (stable-fixes).
- drm/amdgpu: Fix VCN allocation in CPX partition (stable-fixes).
- drm/amdgpu: fix visible VRAM handling during faults (git-fixes).
- drm/amdgpu: Fix VRAM memory accounting (stable-fixes).
- drm/amdgpu: implement IRQ_STATE_ENABLE for SDMA v4.4.2 (stable-fixes).
- drm/amdgpu: Indicate CU havest info to CP (stable-fixes).
- drm/amdgpu: Initialize timestamp for some legacy SOCs (stable-fixes).
- drm/amdgpu: init microcode chip name from ip versions (stable-fixes).
- drm/amdgpu: make damage clips support configurable (stable-fixes).
- drm/amdgpu/mes: fix use-after-free issue (stable-fixes).
- drm/amdgpu: once more fix the call oder in amdgpu_ttm_move() v2 (git-fixes).
- drm/amdgpu/pm: Check the validity of overdiver power limit (git-fixes).
- drm/amdgpu/pm: Fix NULL pointer dereference when get power limit (git-fixes).
- drm/amdgpu/pm: Fix the error of pwm1_enable setting (stable-fixes).
- drm/amdgpu: Refine IB schedule error logging (stable-fixes).
- drm/amdgpu: Remove GC HW IP 9.3.0 from noretry=1 (git-fixes).
- drm/amdgpu: remove invalid resource->start check v2 (git-fixes).
- drm/amdgpu: Reset dGPU if suspend got aborted (stable-fixes).
- drm/amdgpu/sdma5.2: use legacy HDP flush for SDMA2/3 (stable-fixes).
- drm/amdgpu: silence UBSAN warning (stable-fixes).
- drm/amdgpu: Using uninitialized value *size when calling amdgpu_vce_cs_reloc (stable-fixes).
- drm/amdgpu: validate the parameters of bo mapping operations more clearly (git-fixes).
- drm/amdkfd: Add VRAM accounting for SVM migration (stable-fixes).
- drm/amdkfd: Check cgroup when returning DMABuf info (stable-fixes).
- drm/amdkfd: do not allow mapping the MMIO HDP page with large pages (git-fixes).
- drm/amdkfd: Fix CU Masking for GFX 9.4.3 (git-fixes).
- drm/amdkfd: Fix memory leak in create_process failure (git-fixes).
- drm/amdkfd: fix TLB flush after unmap for GFX9.4.2 (stable-fixes).
- drm/amdkfd: Flush the process wq before creating a kfd_process (stable-fixes).
- drm/amdkfd: Let VRAM allocations go to GTT domain on small APUs (stable-fixes).
- drm/amdkfd: range check cp bad op exception interrupts (stable-fixes).
- drm/amdkfd: Reset GPU on queue preemption failure (stable-fixes).
- drm/amd/pm: Fix aldebaran pcie speed reporting (git-fixes).
- drm/amd/pm: fixes a random hang in S4 for SMU v13.0.4/11 (stable-fixes).
- drm/amd/pm: remove logically dead code for renoir (git-fixes).
- drm/amd/pm: Restore config space after reset (stable-fixes).
- drm/amd/swsmu: modify the gfx activity scaling (stable-fixes).
- drm/arm/komeda: Fix komeda probe failing if there are no links in the secondary pipeline (git-fixes).
- drm/arm/malidp: fix a possible null pointer dereference (git-fixes).
- drm/ast: Fix soft lockup (git-fixes).
- drm/bridge: anx7625: Do not log an error when DSI host can't be found (git-fixes).
- drm: bridge: cdns-mhdp8546: Fix possible null pointer dereference (git-fixes).
- drm/bridge: dpc3433: Do not log an error when DSI host can't be found (git-fixes).
- drm/bridge: Fix improper bridge init order with pre_enable_prev_first (git-fixes).
- drm/bridge: icn6211: Do not log an error when DSI host can't be found (git-fixes).
- drm/bridge: it6505: fix hibernate to resume no display issue (git-fixes).
- drm/bridge: lt8912b: Do not log an error when DSI host can't be found (git-fixes).
- drm/bridge: lt9611: Do not log an error when DSI host can't be found (git-fixes).
- drm/bridge: lt9611uxc: Do not log an error when DSI host can't be found (git-fixes).
- drm/bridge/panel: Fix runtime warning on panel bridge release (git-fixes).
- drm/bridge: samsung-dsim: Set P divider based on min/max of fin pll (git-fixes).
- drm/bridge: tc358775: Do not log an error when DSI host can't be found (git-fixes).
- drm/bridge: tc358775: fix support for jeida-18 and jeida-24 (git-fixes).
- drm/buddy: check range allocation matches alignment (stable-fixes).
- drm: Check output polling initialized before disabling (stable-fixes).
- drm: Check polling initialized before enabling in drm_helper_probe_single_connector_modes (stable-fixes).
- drm/client: Fully protect modes[] with dev->mode_config.mutex (stable-fixes).
- drm/connector: Add \n to message about demoting connector force-probes (git-fixes).
- drm/display: fix typo (git-fixes).
- drm/dp_mst: Fix all mstb marked as not probed after suspend/resume (git-fixes).
- drm/etnaviv: fix DMA direction handling for cached RW buffers (git-fixes).
- drm/etnaviv: fix tx clock gating on some GC7000 variants (stable-fixes).
- drm/exynos: do not return negative values from .get_modes() (stable-fixes).
- drm/exynos: dp: drop driver owner initialization (stable-fixes).
- drm/exynos: hdmi: report safe 640x480 mode as a fallback when no EDID found (git-fixes).
- drm/exynos/vidi: fix memory leak in .get_modes() (stable-fixes).
- drm/fbdev-dma: Fix framebuffer mode for big endian devices (git-fixes).
- drm/fbdev-dma: Only set smem_start is enable per module option (git-fixes).
- drm/fbdev-generic: Do not set physical framebuffer address (git-fixes).
- drm/fbdev-generic: Fix framebuffer on big endian devices (git-fixes).
- drm: Fix drm_fixp2int_round() making it add 0.5 (git-fixes).
- drm/gma500: fix null pointer dereference in cdv_intel_lvds_get_modes (git-fixes).
- drm/gma500: fix null pointer dereference in psb_intel_lvds_get_modes (git-fixes).
- drm/gma500: Remove lid code (git-fixes).
- drm/i915/audio: Fix audio time stamp programming for DP (stable-fixes).
- drm/i915/bios: Fix parsing backlight BDB data (git-fixes).
- drm/i915/bios: Tolerate devdata==NULL in intel_bios_encoder_supports_dp_dual_mode() (stable-fixes).
- drm/i915/cdclk: Fix CDCLK programming order when pipes are active (git-fixes).
- drm/i915: Disable port sync when bigjoiner is used (stable-fixes).
- drm/i915/display: Use i915_gem_object_get_dma_address to get dma address (stable-fixes).
- drm/i915: Do not match JSL in ehl_combo_pll_div_frac_wa_needed() (git-fixes).
- drm/i915/dp: Do not switch the LTTPR mode on an active link (git-fixes).
- drm/i915/dp: Fix the computation for compressed_bpp for DISPLAY < 13 (git-fixes).
- drm/i915/dp: Remove support for UHBR13.5 (git-fixes).
- drm/i915/dpt: Make DPT object unshrinkable (git-fixes).
- drm/i915/dsb: Fix DSB vblank waits when using VRR (git-fixes).
- drm/i915/dsi: Go back to the previous INIT_OTP/DISPLAY_ON order, mostly (git-fixes).
- drm/i915: Fix audio component initialization (git-fixes).
- drm/i915/gt: Automate CCS Mode setting during engine resets (git-fixes).
- drm/i915/gt: Disable HW load balancing for CCS (git-fixes).
- drm/i915/gt: Disarm breadcrumbs if engines are already idle (git-fixes).
- drm/i915/gt: Do not consider preemption during execlists_dequeue for gen8 (git-fixes).
- drm/i915/gt: Do not generate the command streamer for all the CCS (git-fixes).
- drm/i915/gt: Enable only one CCS for compute workload (git-fixes).
- drm/i915/gt: Fix CCS id's calculation for CCS mode setting (git-fixes).
- drm/i915/gt: Fix potential UAF by revoke of fence registers (git-fixes).
- drm/i915/gt: Reset queue_priority_hint on parking (git-fixes).
- drm/i915/guc: avoid FIELD_PREP warning (git-fixes).
- drm/i915/hwmon: Fix locking inversion in sysfs getter (git-fixes).
- drm/i915/hwmon: Get rid of devm (stable-fixes).
- drm/i915: Include the PLL name in the debug messages (stable-fixes).
- drm/i915/lspcon: Separate function to set expected mode (bsc#1193599).
- drm/i915/lspcon: Separate lspcon probe and lspcon init (bsc#1193599).
- drm/i915/mso: using joiner is not possible with eDP MSO (git-fixes).
- drm/i915/mst: Limit MST+DSC to TGL+ (git-fixes).
- drm/i915/mst: Reject FEC+MST on ICL (git-fixes).
- drm/i915: Pre-populate the cursor physical dma address (git-fixes).
- drm/i915: Replace a memset() with zero initialization (stable-fixes).
- drm/i915: Stop printing pipe name as hex (stable-fixes).
- drm/i915: Suppress old PLL pipe_mask checks for MG/TC/TBT PLLs (stable-fixes).
- drm/i915: Try to preserve the current shared_dpll for fastset on type-c ports (stable-fixes).
- drm/i915: Use named initializers for DPLL info (stable-fixes).
- drm/i915/vrr: Disable VRR when using bigjoiner (stable-fixes).
- drm/i915/vrr: Generate VRR 'safe window' for DSB (git-fixes).
- drm/imx/ipuv3: do not return negative values from .get_modes() (stable-fixes).
- drm/komeda: check for error-valued pointer (git-fixes).
- drm/lcdif: Do not disable clocks on already suspended hardware (git-fixes).
- drm/lima: add mask irq callback to gp and pp (stable-fixes).
- drm/lima: fix shared irq handling on driver remove (stable-fixes).
- drm/lima: Mark simple_ondemand governor as softdep (git-fixes).
- drm/lima: mask irqs in timeout path before hard reset (stable-fixes).
- drm/mediatek: Add 0 size check to mtk_drm_gem_obj (git-fixes).
- drm/mediatek: Add DRM_MODE_ROTATE_0 to rotation property (git-fixes).
- drm/mediatek: Add OVL compatible name for MT8195 (git-fixes).
- drm/mediatek: Call drm_atomic_helper_shutdown() at shutdown time (stable-fixes).
- drm/mediatek: dp: Fix mtk_dp_aux_transfer return value (git-fixes).
- drm/mediatek: Fix bit depth overwritten for mtk_ovl_set bit_depth() (git-fixes).
- drm/mediatek: Fix destination alpha error in OVL (git-fixes).
- drm/mediatek: Fix XRGB setting error in Mixer (git-fixes).
- drm/mediatek: Fix XRGB setting error in OVL (git-fixes).
- drm/mediatek: Init `ddp_comp` with devm_kcalloc() (git-fixes).
- drm/mediatek: Remove less-than-zero comparison of an unsigned value (git-fixes).
- drm/mediatek: Set DRM mode configs accordingly (git-fixes).
- drm/mediatek: Support DRM plane alpha in Mixer (git-fixes).
- drm/mediatek: Support DRM plane alpha in OVL (git-fixes).
- drm/mediatek: Support RGBA8888 and RGBX8888 in OVL on MT8195 (git-fixes).
- drm/mediatek: Turn off the layers with zero width or height (git-fixes).
- drm/mediatek: Use 8-bit alpha in ETHDR (git-fixes).
- drm/meson: dw-hdmi: add bandgap setting for g12 (git-fixes).
- drm/meson: dw-hdmi: power up phy on device init (git-fixes).
- drm/meson: fix canvas release in bind function (git-fixes).
- drm/meson: gate px_clk when setting rate (git-fixes).
- drm/meson: vclk: fix calculation of 59.94 fractional rates (git-fixes).
- drm/mgag200: Bind I2C lifetime to DRM device (git-fixes).
- drm/mgag200: Set DDC timeout in milliseconds (git-fixes).
- drm/mipi-dsi: Fix theoretical int overflow in mipi_dsi_dcs_write_seq() (git-fixes).
- drm/mipi-dsi: Fix theoretical int overflow in mipi_dsi_generic_write_seq() (git-fixes).
- drm/msm/a6xx: Avoid a nullptr dereference when speedbin setting fails (git-fixes).
- drm/msm: Add newlines to some debug prints (git-fixes).
- drm/msm/adreno: fix CP cycles stat retrieval on a7xx (git-fixes).
- drm/msm/dp: allow voltage swing / pre emphasis of 3 (git-fixes).
- drm/msm/dp: Avoid a long timeout for AUX transfer if nothing connected (git-fixes).
- drm/msm/dp: fix typo in dp_display_handle_port_status_changed() (git-fixes).
- drm/msm/dpu: Add callback function pointer check before its call (git-fixes).
- drm/msm/dpu: Allow configuring multiple active DSC blocks (git-fixes).
- drm/msm/dpu: Always flush the slave INTF on the CTL (git-fixes).
- drm/msm/dpu: do not allow overriding data from catalog (git-fixes).
- drm/msm/dpu: drop validity checks for clear_pending_flush() ctl op (git-fixes).
- drm/msm/dpu: fix encoder irq wait skip (git-fixes).
- drm/msm/dpu: make error messages at dpu_core_irq_register_callback() more sensible (git-fixes).
- drm/msm/dpu: use devres-managed allocation for MDP TOP (stable-fixes).
- drm/msm/dsi: Print dual-DSI-adjusted pclk instead of original mode pclk (git-fixes).
- drm/msm/dsi: set VIDEO_COMPRESSION_MODE_CTRL_WC (git-fixes).
- drm/msm/mdp5: Remove MDP_CAP_SRC_SPLIT from msm8x53_config (git-fixes).
- drm/nouveau/disp: Fix missing backlight control on Macbook 5, 1 (bsc#1223838).
- drm/nouveau/dispnv04: fix null pointer dereference in nv17_tv_get_hd_modes (stable-fixes).
- drm/nouveau/dispnv04: fix null pointer dereference in nv17_tv_get_ld_modes (stable-fixes).
- drm/nouveau: do not attempt to schedule hpd_work on headless cards (git-fixes).
- drm/nouveau/dp: Do not probe eDP ports twice harder (stable-fixes).
- drm/nouveau/dp: Fix incorrect return code in r535_dp_aux_xfer() (git-fixes).
- drm/nouveau/firmware: Fix SG_DEBUG error with nvkm_firmware_ctor() (stable-fixes).
- drm/nouveau: fix null pointer dereference in nouveau_connector_get_modes (git-fixes).
- drm/nouveau: use tile_mode and pte_kind for VM_BIND bo allocations (git-fixes).
- drm: nv04: Fix out of bounds access (git-fixes).
- drm/omapdrm: Fix console by implementing fb_dirty (git-fixes).
- drm/panel: boe-tv101wum-nl6: Check for errors on the NOP in prepare() (git-fixes).
- drm/panel: boe-tv101wum-nl6: If prepare fails, disable GPIO before regulators (git-fixes).
- drm/panel: do not return negative error codes from drm_panel_get_modes() (stable-fixes).
- drm/panel: himax-hx8394: Handle errors from mipi_dsi_dcs_set_display_on() better (git-fixes).
- drm/panel: ili9341: Respect deferred probe (git-fixes).
- drm/panel: ili9341: Use predefined error codes (git-fixes).
- drm/panel: ilitek-ili9881c: Fix warning with GPIO controllers that sleep (stable-fixes).
- drm/panel: ilitek-ili9882t: Check for errors on the NOP in prepare() (git-fixes).
- drm/panel: ilitek-ili9882t: If prepare fails, disable GPIO before regulators (git-fixes).
- drm/panel: ltk050h3146w: add MIPI_DSI_MODE_VIDEO to LTK050H3148W flags (git-fixes).
- drm/panel: ltk050h3146w: drop duplicate commands from LTK050H3148W init (git-fixes).
- drm/panel: novatek-nt35950: Do not log an error when DSI host can't be found (git-fixes).
- drm: panel-orientation-quirks: Add quirk for Aya Neo KUN (stable-fixes).
- drm: panel-orientation-quirks: Add quirk for GPD Win Mini (stable-fixes).
- drm: panel-orientation-quirks: Add quirk for Valve Galileo (stable-fixes).
- drm/panel: simple: Add missing display timing flags for KOE TX26D202VM0BWA (git-fixes).
- drm/panel: simple: Add missing Innolux G121X1-L03 format, flags, connector (git-fixes).
- drm/panel: sitronix-st7789v: Add check for of_drm_get_panel_orientation (git-fixes).
- drm/panel: sitronix-st7789v: fix display size for jt240mhqs_hwt_ek_e3 panel (git-fixes).
- drm/panel: sitronix-st7789v: fix timing for jt240mhqs_hwt_ek_e3 panel (git-fixes).
- drm/panel: sitronix-st7789v: tweak timing for jt240mhqs_hwt_ek_e3 panel (git-fixes).
- drm/panel: visionox-rm69299: do not unregister DSI device (git-fixes).
- drm/panfrost: fix power transition timeout warnings (git-fixes).
- drm/panfrost: Fix the error path in panfrost_mmu_map_fault_addr() (git-fixes).
- drm/panfrost: Mark simple_ondemand governor as softdep (git-fixes).
- drm/prime: Unbreak virtgpu dma-buf export (git-fixes).
- drm/probe-helper: warn about negative .get_modes() (stable-fixes).
- drm/qxl: Add check for drm_cvt_mode (git-fixes).
- drm/qxl: remove unused `count` variable from `qxl_surface_id_alloc()` (git-fixes).
- drm/qxl: remove unused variable from `qxl_process_single_command()` (git-fixes).
- drm/radeon: check bo_va->bo is non-NULL before using it (stable-fixes).
- drm/radeon: fix UBSAN warning in kv_dpm.c (stable-fixes).
- drm/radeon: make -fstrict-flex-arrays=3 happy (git-fixes).
- drm/radeon/radeon_display: Decrease the size of allocated memory (stable-fixes).
- drm/radeon: silence UBSAN warning (v3) (stable-fixes).
- drm/rockchip: vop2: Do not divide height twice for YUV (git-fixes).
- drm/rockchip: vop2: Fix the port mux of VP2 (git-fixes).
- drm/rockchip: vop2: Remove AR30 and AB30 format support (git-fixes).
- drm/sched: fix null-ptr-deref in init entity (git-fixes).
- drm/shmem-helper: Fix BUG_ON() on mmap(PROT_WRITE, MAP_PRIVATE) (git-fixes).
- drm/sun4i: hdmi: Convert encoder to atomic (stable-fixes).
- drm/sun4i: hdmi: Move mode_set into enable (stable-fixes).
- drm/ttm: Always take the bo delayed cleanup path for imported bos (git-fixes).
- drm/ttm: return ENOSPC from ttm_bo_mem_space v3 (stable-fixes).
- drm/ttm: stop pooling cached NUMA pages v2 (git-fixes).
- drm/udl: Remove DRM_CONNECTOR_POLL_HPD (git-fixes).
- drm/vc4: do not check if plane->state->fb == state->fb (stable-fixes).
- drm: vc4: Fix possible null pointer dereference (git-fixes).
- drm/vc4: hdmi: do not return negative values from .get_modes() (stable-fixes).
- drm/vmwgfx: 3D disabled should not effect STDU memory limits (git-fixes).
- drm/vmwgfx: Create debugfs ttm_resource_manager entry only if needed (git-fixes).
- drm/vmwgfx: Do not memcmp equivalent pointers (git-fixes).
- drm/vmwgfx: Enable DMA mappings with SEV (git-fixes).
- drm/vmwgfx: Filter modes which exceed graphics memory (git-fixes).
- drm/vmwgfx: Fix crtc's atomic check conditional (git-fixes).
- drm/vmwgfx: Fix invalid reads in fence signaled events (git-fixes).
- drm/vmwgfx: Fix Legacy Display Unit (git-fixes).
- drm/vmwgfx: Fix missing HYPERVISOR_GUEST dependency (stable-fixes).
- drm/vmwgfx: Fix prime import/export (git-fixes).
- drm/vmwgfx: Sort primary plane formats by order of preference (git-fixes).
- drm: zynqmp_dpsub: Always register bridge (git-fixes).
- drm: zynqmp_dpsub: Fix an error handling path in zynqmp_dpsub_probe() (git-fixes).
- drm: zynqmp_kms: Fix AUX bus not getting unregistered (git-fixes).
- dt-bindings: clock: qcom: Add missing UFS QREF clocks (git-fixes)
- dump_stack: Do not get cpu_sync for panic CPU (bsc#1225607).
- dyndbg: fix old BUG_ON in >control parser (stable-fixes).
- e1000e: Minor flow correction in e1000_shutdown function (git-fixes).
- e1000e: move force SMBUS from enable ulp function to avoid PHY loss issue (git-fixes).
- e1000e: Workaround for sporadic MDI error on Meteor Lake systems (git-fixes).
- ecryptfs: Fix buffer size for tag 66 packet (git-fixes)
- ecryptfs: Reject casefold directory inodes (git-fixes)
- EDAC/synopsys: Fix ECC status and IRQ control race condition (git-fixes).
- Edit 'amdkfd: use calloc instead of kzalloc to avoid integer overflow' Reference CVE and bug numbers.
- eeprom: at24: Probe for DDR3 thermal sensor in the SPD case (stable-fixes).
- eeprom: digsy_mtc: Fix 93xx46 driver probe failure (git-fixes).
- efi: disable mirror feature during crashkernel (stable-fixes).
- efi: fix panic in kdump kernel (git-fixes).
- efi: libstub: only free priv.runtime_map when allocated (git-fixes).
- efi/unaccepted: do not let /proc/vmcore try to access unaccepted memory (git-fixes).
- efi/unaccepted: touch soft lockup during memory accept (git-fixes).
- efi/x86: Free EFI memory map only when installing a new one (git-fixes).
- Enable CONFIG_FIPS_SIGNATURE_SELFTEST (bsc#1222771)
- Enable CONFIG_SCHED_CLUSTER=y on arm64 (jsc#PED-8701).
- erofs: ensure m_llen is reset to 0 if metadata is invalid (git-fixes).
- exfat: fix potential deadlock on __exfat_get_dentry_set (git-fixes).
- extcon: max8997: select IRQ_DOMAIN instead of depending on it (git-fixes).
- f2fs: fix error path of __f2fs_build_free_nids (git-fixes).
- fast_dput(): handle underflows gracefully (git-fixes)
- fat: fix uninitialized field in nostale filehandles (git-fixes)
- fbdev: fix incorrect address computation in deferred IO (git-fixes).
- fbdev: savage: Handle err return when savagefb_check_var failed (git-fixes).
- fbdev: sh7760fb: allow modular build (git-fixes).
- fbdev: shmobile: fix snprintf truncation (git-fixes).
- fbdev: sisfb: hide unused variables (git-fixes).
- fbdev: viafb: fix typo in hw_bitblt_1 and hw_bitblt_2 (stable-fixes).
- fbmon: prevent division by zero in fb_videomode_from_videomode() (stable-fixes).
- filelock: fix potential use-after-free in posix_lock_inode (git-fixes).
- firewire: core: use long bus reset on gap count error (stable-fixes).
- firewire: ohci: mask bus reset interrupts between ISR and bottom half (stable-fixes).
- firmware: arm_scmi: Make raw debugfs entries non-seekable (git-fixes).
- firmware: cs_dsp: Fix overflow checking of wmfw header (git-fixes).
- firmware: cs_dsp: Prevent buffer overrun when processing V2 alg headers (git-fixes).
- firmware: cs_dsp: Return error if block header overflows file (git-fixes).
- firmware: cs_dsp: Use strnlen() on name fields in V1 wmfw files (git-fixes).
- firmware: cs_dsp: Validate payload length before processing block (git-fixes).
- firmware: dmi-id: add a release callback function (git-fixes).
- firmware: dmi: Stop decoding on broken entry (stable-fixes).
- firmware: psci: Fix return value from psci_system_suspend() (git-fixes).
- firmware: raspberrypi: Use correct device for DMA mappings (git-fixes).
- firmware: tegra: bpmp: Return directly after a failed kzalloc() in get_filename() (stable-fixes).
- firmware: turris-mox-rwtm: Do not complete if there are no waiters (git-fixes).
- firmware: turris-mox-rwtm: Fix checking return value of wait_for_completion_timeout() (git-fixes).
- firmware: turris-mox-rwtm: Initialize completion before mailbox (git-fixes).
- Fix a potential infinite loop in extract_user_to_sg() (git-fixes).
- Fix build errors due to new UIO_MEM_DMA_COHERENT mess (git-fixes).
- fpga: dfl-pci: add PCI subdevice ID for Intel D5005 card (stable-fixes).
- fs/9p: only translate RWX permissions for plain 9P2000 (git-fixes)
- fs/9p: translate O_TRUNC into OTRUNC (git-fixes)
- fs/file: fix the check in find_next_fd() (git-fixes).
- fs: Fix error checking for d_hash_and_lookup() (git-fixes)
- fs: indicate request originates from old mount API (git-fixes)
- fs/pipe: Fix lockdep false-positive in watchqueue pipe_write() (git-fixes).
- fs: relax mount_setattr() permission checks (git-fixes)
- fsverity: skip PKCS#7 parser when keyring is empty (git-fixes)
- ftrace: Fix possible use-after-free issue in ftrace_location() (git-fixes).
- fuse: do not unhash root (bsc#1223946).
- fuse: fix root lookup with nonzero generation (bsc#1223945).
- fuse: verify {g,u}id mount options correctly (bsc#1228193).
- geneve: fix header validation in geneve[6]_xmit_skb (git-fixes).
- geneve: make sure to pull inner header in geneve_rx() (git-fixes).
- genirq/irqdesc: Prevent use-after-free in irq_find_at_or_after() (git-fixes).
- gfs2: convert to ctime accessor functions (git-fixes).
- gfs2: Do not forget to complete delayed withdraw (git-fixes).
- gfs2: Fix 'ignore unlock failures after withdraw' (git-fixes).
- gfs2: Fix invalid metadata access in punch_hole (git-fixes).
- gfs2: Get rid of gfs2_alloc_blocks generation parameter (git-fixes).
- gfs2: Rename gfs2_lookup_{ simple => meta } (git-fixes).
- gfs2: Use mapping->gfp_mask for metadata inodes (git-fixes).
- gpio: cdev: check for NULL labels when sanitizing them for irqs (git-fixes).
- gpio: cdev: fix missed label sanitizing in debounce_setup() (git-fixes).
- gpio: cdev: sanitize the label before requesting the interrupt (stable-fixes).
- gpio: crystalcove: Use -ENOTSUPP consistently (stable-fixes).
- gpio: davinci: Validate the obtained number of IRQs (git-fixes).
- gpiolib: cdev: Disallow reconfiguration without direction (uAPI v1) (git-fixes).
- gpiolib: cdev: fix uninitialised kfifo (git-fixes).
- gpiolib: cdev: relocate debounce_period_us from struct gpio_desc (stable-fixes).
- gpiolib: swnode: Remove wrong header inclusion (git-fixes).
- gpio: lpc32xx: fix module autoloading (stable-fixes).
- gpio: mc33880: Convert comma to semicolon (git-fixes).
- gpio: pca953x: fix pca953x_irq_bus_sync_unlock race (stable-fixes).
- gpio: tangier: Use correct type for the IRQ chip data (git-fixes).
- gpio: tegra186: Fix tegra186_gpio_is_accessible() check (git-fixes).
- gpio: tqmx86: fix broken IRQ_TYPE_EDGE_BOTH interrupt type (git-fixes).
- gpio: tqmx86: fix typo in Kconfig label (git-fixes).
- gpio: tqmx86: introduce shadow register for GPIO output value (git-fixes).
- gpio: tqmx86: store IRQ trigger type and unmask status separately (git-fixes).
- gpio: wcove: Use -ENOTSUPP consistently (stable-fixes).
- gpu: host1x: Do not setup DMA for virtual devices (stable-fixes).
- gtp: fix use-after-free and null-ptr-deref in gtp_newlink() (git-fixes).
- hfsplus: fix to avoid false alarm of circular locking (git-fixes).
- hfsplus: fix uninit-value in copy_name (git-fixes).
- HID: Add quirk for Logitech Casa touchpad (stable-fixes).
- HID: amd_sfh: Handle 'no sensors' in PM operations (git-fixes).
- HID: core: remove unnecessary WARN_ON() in implement() (git-fixes).
- HID: i2c-hid: remove I2C_HID_READ_PENDING flag to prevent lock-up (git-fixes).
- HID: Ignore battery for ELAN touchscreens 2F2C and 4116 (stable-fixes).
- HID: input: avoid polling stylus battery on Chromebook Pompom (stable-fixes).
- HID: intel-ish-hid: ipc: Add check for pci_alloc_irq_vectors (git-fixes).
- HID: intel-ish-hid: ipc: Fix dev_err usage with uninitialized dev->devc (git-fixes).
- HID: logitech-dj: allow mice to use all types of reports (git-fixes).
- HID: logitech-dj: Fix memory leak in logi_dj_recv_switch_to_dj_mode() (git-fixes).
- HID: mcp-2221: cancel delayed_work only when CONFIG_IIO is enabled (stable-fixes).
- HID: multitouch: Add required quirk for Synaptics 0xcddc device (stable-fixes).
- HID: wacom: Modify pen IDs (git-fixes).
- hpet: Support 32-bit userspace (git-fixes).
- hwmon: (adt7475) Fix default duty on fan is disabled (git-fixes).
- hwmon: (amc6821) add of_match table (stable-fixes).
- hwmon: (corsair-cpro) Protect ccp->wait_input_report with a spinlock (git-fixes).
- hwmon: (corsair-cpro) Use a separate buffer for sending commands (git-fixes).
- hwmon: (corsair-cpro) Use complete_all() instead of complete() in ccp_raw_event() (git-fixes).
- hwmon: (intel-m10-bmc-hwmon) Fix multiplier for N6000 board power sensor (git-fixes).
- hwmon: (lm70) fix links in doc and comments (git-fixes).
- hwmon: (max6697) Fix swapped temp{1,8} critical alarms (git-fixes).
- hwmon: (max6697) Fix underflow when writing limit attributes (git-fixes).
- hwmon: (pmbus/ucd9000) Increase delay from 250 to 500us (git-fixes).
- hwmon: (shtc1) Fix property misspelling (git-fixes).
- hwrng: amd - Convert PCIBIOS_* return codes to errnos (git-fixes).
- hwrng: core - Fix wrong quality calculation at hw rng registration (git-fixes).
- hwtracing: hisi_ptt: Move type check to the beginning of hisi_ptt_pmu_event_init() (git-fixes).
- i2c: acpi: Unbind mux adapters before delete (git-fixes).
- i2c: at91: Fix the functionality flags of the slave-only interface (git-fixes).
- i2c: cadence: Avoid fifo clear after start (git-fixes).
- i2c: designware: Fix the functionality flags of the slave-only interface (git-fixes).
- i2c: i801: Annotate apanel_addr as __ro_after_init (stable-fixes).
- i2c: mark HostNotify target address as used (git-fixes).
- i2c: ocores: set IACK bit after core is enabled (git-fixes).
- i2c: pnx: Fix potential deadlock warning from del_timer_sync() call in isr (git-fixes).
- i2c: pxa: hide unused icr_bits[] variable (git-fixes).
- i2c: rcar: bring hardware to known state when probing (git-fixes).
- i2c: smbus: fix NULL function pointer dereference (git-fixes).
- i2c: synquacer: Fix an error handling path in synquacer_i2c_probe() (git-fixes).
- i2c: testunit: avoid re-issued work after read message (git-fixes).
- i2c: testunit: correct Kconfig description (git-fixes).
- i2c: testunit: discard write requests while old command is running (git-fixes).
- i2c: testunit: do not erase registers after STOP (git-fixes).
- i3c: master: svc: change ENXIO to EAGAIN when IBI occurs during start frame (git-fixes).
- i3c: master: svc: fix invalidate IBI type and miss call client IBI handler (git-fixes).
- i40e: disable NAPI right after disabling irqs when handling xsk_pool (git-fixes).
- i40e: Enforce software interrupt during busy-poll exit (git-fixes).
- i40e: Fix firmware version comparison function (git-fixes).
- i40e: fix i40e_count_filters() to count only active/new filters (git-fixes).
- i40e: fix: remove needless retries of NVM update (bsc#1227736).
- i40e: Fix VF MAC filter removal (git-fixes).
- i40e: fix vf may be used uninitialized in this function warning (git-fixes).
- i915: make inject_virtual_interrupt() void (stable-fixes).
- IB/mlx5: Use __iowrite64_copy() for write combining stores (git-fixes)
- ice: fix enabling RX VLAN filtering (git-fixes).
- ice: fix memory corruption bug with suspend and rebuild (git-fixes).
- ice: fix stats being updated by way too large values (git-fixes).
- ice: fix typo in assignment (git-fixes).
- ice: fix uninitialized dplls mutex usage (git-fixes).
- ice: reconfig host after changing MSI-X on VF (git-fixes).
- ice: Refactor FW data type and fix bitmap casting issue (git-fixes).
- ice: reorder disabling IRQ and NAPI in ice_qp_dis (git-fixes).
- ice: use relative VSI index for VFs instead of PF VSI number (git-fixes).
- ice: virtchnl: stop pretending to support RSS over AQ or registers (git-fixes).
- ida: make 'ida_dump' static (git-fixes).
- idma64: Do not try to serve interrupts when device is powered off (git-fixes).
- idpf: disable local BH when scheduling napi for marker packets (git-fixes).
- idpf: extend tx watchdog timeout (bsc#1224137).
- idpf: fix kernel panic on unknown packet types (git-fixes).
- igb: extend PTP timestamp adjustments to i211 (git-fixes).
- igb: Fix missing time sync events (git-fixes).
- igc: avoid returning frame twice in XDP_REDIRECT (git-fixes).
- igc: Fix missing time sync events (git-fixes).
- igc: Remove stale comment about Tx timestamping (git-fixes).
- iio: accel: fxls8962af: select IIO_BUFFER & IIO_KFIFO_BUF (git-fixes).
- iio: accel: mxc4005: allow module autoloading via OF compatible (stable-fixes).
- iio: accel: mxc4005: Interrupt handling fixes (git-fixes).
- iio: accel: mxc4005: Reset chip on probe() and resume() (stable-fixes).
- iio: adc: ad7266: Fix variable checking bug (git-fixes).
- iio: adc: ad9467: fix scan type sign (git-fixes).
- iio: adc: ad9467: use chip_info variables instead of array (stable-fixes).
- iio: adc: ad9467: use spi_get_device_match_data() (stable-fixes).
- iio: adc: stm32: Fixing err code to not indicate success (git-fixes).
- iio: chemical: bme680: Fix calibration data variable (git-fixes).
- iio: chemical: bme680: Fix overflows in compensate() functions (git-fixes).
- iio: chemical: bme680: Fix pressure value output (git-fixes).
- iio: chemical: bme680: Fix sensor data read operation (git-fixes).
- iio: core: Leave private pointer NULL when no private data supplied (git-fixes).
- iio: dac: ad5592r: fix temperature channel scaling value (git-fixes).
- iio: dummy_evgen: remove Excess kernel-doc comments (git-fixes).
- iio: Fix the sorting functionality in iio_gts_build_avail_time_table (git-fixes).
- iio: frequency: adrf6780: rm clk provider include (git-fixes).
- iio: gts-helper: Fix division loop (git-fixes).
- iio:imu: adis16475: Fix sync mode setting (git-fixes).
- iio: imu: inv_icm42600: delete unneeded update watermark call (git-fixes).
- iio: pressure: bmp280: Fix BMP580 temperature reading (stable-fixes).
- iio: pressure: dps310: support negative temperature values (git-fixes).
- iio: pressure: Fixes BME280 SPI driver data (git-fixes).
- iio: pressure: fix some word spelling errors (stable-fixes).
- iio: xilinx-ams: Do not include ams_ctrl_channels in scan_mask (git-fixes).
- inet_diag: annotate data-races around inet_diag_table[] (git-fixes).
- inet: frags: eliminate kernel-doc warning (git-fixes).
- init/main.c: Fix potential static_command_line memory overflow (git-fixes).
- init: open /initrd.image with O_LARGEFILE (stable-fixes).
- input: Add event code for accessibility key (stable-fixes).
- input: Add support for 'Do Not Disturb' (stable-fixes).
- Input: ads7846 - use spi_device_id table (stable-fixes).
- Input: cyapa - add missing input core locking to suspend/resume functions (git-fixes).
- Input: elan_i2c - do not leave interrupt disabled on suspend failure (git-fixes).
- Input: elantech - fix touchpad state on resume for Lenovo N24 (stable-fixes).
- Input: ff-core - prefer struct_size over open coded arithmetic (stable-fixes).
- Input: gpio_keys_polled - suppress deferred probe error for gpio (stable-fixes).
- Input: i8042 - add Ayaneo Kun to i8042 quirk table (stable-fixes).
- Input: ili210x - fix ili251x_read_touch_data() return value (git-fixes).
- Input: imagis - use FIELD_GET where applicable (stable-fixes).
- Input: ims-pcu - fix printf string overflow (git-fixes).
- Input: pm8xxx-vibrator - correct VIB_MAX_LEVELS calculation (git-fixes).
- Input: qt1050 - handle CHIP_ID reading error (git-fixes).
- Input: silead - Always support 10 fingers (stable-fixes).
- Input: synaptics-rmi4 - fail probing if memory allocation for 'phys' fails (stable-fixes).
- input/touchscreen: imagis: Correct the maximum touch area value (stable-fixes).
- Input: xpad - add additional HyperX Controller Identifiers (stable-fixes).
- Input: xpad - add support for ASUS ROG RAIKIRI (git-fixes).
- Input: xpad - add support for ASUS ROG RAIKIRI PRO (stable-fixes).
- Input: xpad - add support for Snakebyte GAMEPADs (stable-fixes).
- intel: legacy: Partial revert of field get conversion (git-fixes).
- intel_th: pci: Add Granite Rapids SOC support (stable-fixes).
- intel_th: pci: Add Granite Rapids support (stable-fixes).
- intel_th: pci: Add Lunar Lake support (stable-fixes).
- intel_th: pci: Add Meteor Lake-S CPU support (stable-fixes).
- intel_th: pci: Add Meteor Lake-S support (stable-fixes).
- intel_th: pci: Add Sapphire Rapids SOC support (stable-fixes).
- interconnect: qcom: osm-l3: Replace custom implementation of COUNT_ARGS() (git-fixes).
- interconnect: qcom: qcm2290: Fix mas_snoc_bimc QoS port assignment (git-fixes).
- interconnect: qcom: qcm2290: Fix mas_snoc_bimc RPM master ID (git-fixes).
- interconnect: qcom: sc8180x: Mark CO0 BCM keepalive (git-fixes).
- interconnect: qcom: sm8550: Enable sync_state (git-fixes).
- iomap: clear the per-folio dirty bits on all writeback failures (git-fixes)
- iommu/amd: Enhance def_domain_type to handle untrusted device (git-fixes).
- iommu/amd: Fix panic accessing amd_iommu_enable_faulting (bsc#1224767).
- iommu/amd: Fix sysfs leak in iommu init (git-fixes).
- iommu/arm-smmu-v3: Check that the RID domain is S1 in SVA (git-fixes).
- iommu/arm-smmu-v3: Free MSIs in case of ENOMEM (git-fixes).
- iommu/dma: Force swiotlb_max_mapping_size on an untrusted device (bsc#1224331)
- iommu/dma: Trace bounce buffer usage when mapping buffers (git-fixes).
- iommufd: Add missing IOMMUFD_DRIVER kconfig for the selftest (git-fixes).
- iommufd: Fix iopt_access_list_id overwrite bug (git-fixes).
- iommufd/iova_bitmap: Bounds check mapped::pages access (git-fixes).
- iommufd/iova_bitmap: Consider page offset for the pages to be pinned (git-fixes).
- iommufd/iova_bitmap: Switch iova_bitmap::bitmap to an u8 array (git-fixes).
- iommufd: Reject non-zero data_type if no data_len is provided (git-fixes).
- iommu: Fix compilation without CONFIG_IOMMU_INTEL (git-fixes).
- iommu: Map reserved memory as cacheable if device is coherent (git-fixes).
- iommu: mtk: fix module autoloading (git-fixes).
- iommu: Return right value in iommu_sva_bind_device() (git-fixes).
- iommu: Undo pasid attachment only for the devices that have succeeded (git-fixes).
- iommu/vt-d: Allocate DMAR fault interrupts locally (bsc#1224767).
- iommu/vt-d: Allocate local memory for page request queue (git-fixes).
- iommu/vt-d: Fix WARN_ON in iommu probe path (git-fixes).
- iommu/vt-d: Fix wrong use of pasid config (git-fixes).
- iommu/vt-d: Improve ITE fault handling if target device isn't present (git-fixes).
- iommu/vt-d: Set SSADE when attaching to a parent with dirty tracking (git-fixes).
- iommu/vt-d: Use rbtree to track iommu probed devices (git-fixes).
- ionic: set adminq irq affinity (git-fixes).
- io_uring: clean rings on NO_MMAP alloc fail (git-fixes).
- io_uring: clear opcode specific data for an early failure (git-fixes).
- io_uring: do not save/restore iowait state (git-fixes).
- io_uring: fail NOP if non-zero op flags is passed in (git-fixes).
- io_uring: Fix io_cqring_wait() not restoring sigmask on get_timespec64() failure (git-fixes).
- io_uring: fix io_queue_proc modifying req->flags (git-fixes).
- io_uring: fix mshot io-wq checks (git-fixes).
- io_uring: fix mshot read defer taskrun cqe posting (git-fixes).
- io_uring: fix poll_remove stalled req completion (git-fixes).
- io_uring/io-wq: avoid garbage value of 'match' in io_wq_enqueue() (git-fixes).
- io_uring/io-wq: Use set_bit() and test_bit() at worker->flags (git-fixes).
- io_uring: kabi cookie remove (bsc#1217384).
- io_uring/kbuf: get rid of bl->is_ready (git-fixes).
- io_uring/kbuf: get rid of lower BGID lists (git-fixes). Including kabi preservation patch.
- io_uring/kbuf: protect io_buffer_list teardown with a reference (git-fixes). Reuses a padding space in the structure.
- io_uring/kbuf: rename is_mapped (git-fixes).
- io_uring/net: correctly handle multishot recvmsg retry setup (git-fixes).
- io_uring/net: correct the type of variable (git-fixes).
- io_uring/net: fix sendzc lazy wake polling (git-fixes).
- io_uring/net: move receive multishot out of the generic msghdr path (git-fixes).
- io_uring/net: restore msg_control on sendzc retry (git-fixes).
- io_uring/net: unify how recvmsg and sendmsg copy in the msghdr (git-fixes).
- io_uring: remove looping around handling traditional task_work (git-fixes).
- io_uring: remove unconditional looping in local task_work handling (git-fixes).
- io_uring/rsrc: do not lock while !TASK_RUNNING (git-fixes).
- io_uring/rsrc: fix incorrect assignment of iter->nr_segs in io_import_fixed (git-fixes).
- io_uring/rw: do not allow multishot reads without NOWAIT support (git-fixes).
- io_uring/rw: return IOU_ISSUE_SKIP_COMPLETE for multishot retry (git-fixes).
- io_uring/sqpoll: work around a potential audit memory leak (git-fixes).
- io_uring/unix: drop usage of io_uring socket (git-fixes).
- io_uring: use private workqueue for exit work (git-fixes).
- io_uring: use the right type for work_llist empty check (git-fixes).
- io-wq: write next_work before dropping acct_lock (git-fixes).
- ipmi: ssif_bmc: prevent integer overflow on 32bit systems (git-fixes).
- ipv4: annotate data-races around fi->fib_dead (git-fixes).
- ipvs: Fix checksumming on GSO of SCTP packets (bsc#1221958)
- irqchip/alpine-msi: Fix off-by-one in allocation error path (git-fixes).
- irqchip/armada-370-xp: Suppress unused-function warning (git-fixes).
- irqchip/gic-v3-its: Do not assume vPE tables are preallocated (git-fixes).
- irqchip/gic-v3-its: Fix VSYNC referencing an unmapped VPE on GIC v4.1 (git-fixes).
- irqchip/gic-v3-its: Prevent double free on error (git-fixes).
- irqchip/loongson-pch-msi: Fix off-by-one on allocation error path (git-fixes).
- irqchip/mbigen: Do not use bus_get_dev_root() to find the parent (git-fixes).
- irqchip/renesas-rzg2l: Add macro to retrieve TITSR register offset based on register's index (stable-fixes).
- irqchip/renesas-rzg2l: Flush posted write in irq_eoi() (git-fixes).
- irqchip/renesas-rzg2l: Implement restriction when writing ISCR register (stable-fixes).
- irqchip/renesas-rzg2l: Prevent spurious interrupts when setting trigger type (git-fixes).
- irqchip/renesas-rzg2l: Rename rzg2l_irq_eoi() (stable-fixes).
- irqchip/renesas-rzg2l: Rename rzg2l_tint_eoi() (stable-fixes).
- iwlwifi: fw: fix more kernel-doc warnings (bsc#1227149).
- iwlwifi: mvm: Drop unused fw_trips_index[] from iwl_mvm_thermal_device (bsc#1227149).
- iwlwifi: mvm: Populate trip table before registering thermal zone (bsc#1227149).
- iwlwifi: mvm: Use for_each_thermal_trip() for walking trip points (bsc#1227149).
- ixgbe: avoid sleeping allocation in ixgbe_ipsec_vf_add_sa() (git-fixes).
- ixgbe: {dis, en}able irqs in ixgbe_txrx_ring_{dis, en}able (git-fixes).
- jffs2: Fix potential illegal address access in jffs2_free_inode (git-fixes).
- jffs2: prevent xattr node from overflowing the eraseblock (git-fixes).
- jfs: Fix array-index-out-of-bounds in diFree (git-fixes).
- jfs: xattr: fix buffer overflow for invalid xattr (bsc#1227383).
- kABI: Adjust trace_iterator.wait_index (git-fixes).
- kABI: bpf: verifier kABI workaround (bsc#1225903).
- kABI fix of KVM: x86/pmu: Allow programming events that match unsupported arch events (bsc#1225696).
- kABI fix of KVM: x86/pmu: Prioritize VMX interception over
- kABI fix of KVM: x86: Snapshot if a vCPU's vendor model is AMD vs. Intel compatible (git-fixes).
- kabi fix of perf/x86/intel: Expose existence of callback support to KVM (git fixes).
- kabi/severities: cleanup and update for WiFi driver entries (bsc#1227149)
- kabi/severities: cover all ath/* drivers (bsc#1227149) All symbols in ath/* network drivers are local and can be ignored
- kabi/severities: cover all mt76 modules (bsc#1227149)
- kabi/severities: ignore amd pds internal symbols
- kabi/severities: ignore brcmfmac-specific local symbols
- kabi/severities: ignore IMS functions They were dropped in previous patches. Noone is supposed to use them.
- kabi/severities: Ignore io_uring internal symbols
- kabi/severities: ignore kABI changes Realtek WiFi drivers (bsc#1227149) All those symbols are local and used for its own helpers
- kabi/severities: ignore TAS2781 symbol drop, it's only locally used
- kabi/severities: ignore Wangxun ethernet driver local symbols
- kabi/severities: Remove mitigation-related symbols Those are used by the core kernel to implement CPU vulnerabilities mitigation and are not expected to be consumed by 3rd party users.
- kabi: Use __iowriteXX_copy_inlined for in-kernel modules (bsc#1226502)
- kABI workaround for cs35l56 (git-fixes).
- kABI workaround for of driver changes (git-fixes).
- kABI workaround for sof_ipc_pcm_ops (git-fixes).
- kABI workaround for wireless updates (bsc#1227149).
- kasan: disable kasan_non_canonical_hook() for HW tags (git-fixes).
- kasan, fortify: properly rename memintrinsics (git-fixes).
- kasan: print the original fault addr when access invalid shadow (git-fixes).
- kasan/test: avoid gcc warning for intentional overflow (git-fixes).
- kbuild: avoid build error when single DTB is turned into composite DTB (git-fixes).
- kbuild: Fix build target deb-pkg: ln: failed to create hard link (git-fixes).
- kbuild: Install dtb files as 0644 in Makefile.dtbinst (git-fixes).
- kbuild: Move -Wenum-{compare-conditional,enum-conversion} into W=1 (stable-fixes).
- kconfig: doc: fix a typo in the note about 'imply' (git-fixes).
- kconfig: fix comparison to constant symbols, 'm', 'n' (git-fixes).
- kconfig: fix infinite loop when expanding a macro at the end of file (git-fixes).
- kconfig: gconf: give a proper initial state to the Save button (stable-fixes).
- kconfig: remove wrong expr_trans_bool() (stable-fixes).
- kcov: do not lose track of remote references during softirqs (git-fixes).
- kernel-binary: vdso: Own module_dir
- kernel-doc: fix struct_group_tagged() parsing (git-fixes).
- kexec: do syscore_shutdown() in kernel_kexec (git-fixes).
- KEYS: trusted: Do not use WARN when encode fails (git-fixes).
- KEYS: trusted: Fix memory leak in tpm2_key_encode() (git-fixes).
- kheaders: explicitly define file modes for archived headers (stable-fixes).
- knfsd: LOOKUP can return an illegal error value (git-fixes).
- kobject_uevent: Fix OOB access within zap_modalias_env() (git-fixes).
- kprobe/ftrace: bail out if ftrace was killed (git-fixes).
- kprobe/ftrace: fix build error due to bad function definition (git-fixes).
- kprobes: Fix possible use-after-free issue on kprobe registration (git-fixes).
- kselftest: Add a ksft_perror() helper (stable-fixes).
- kunit: Fix checksum tests on big endian CPUs (git-fixed).
- kunit/fortify: Fix mismatched kvalloc()/vfree() usage (git-fixes).
- KVM: arm64: Use local TLBI on permission relaxation (bsc#1219478).
- KVM: nVMX: Clear EXIT_QUALIFICATION when injecting an EPT Misconfig (git-fixes).
- KVM: s390: Check kvm pointer when testing KVM_CAP_S390_HPAGE_1M (git-fixes bsc#1224790).
- KVM: SEV-ES: Delegate LBR virtualization to the processor (git-fixes).
- KVM: SEV-ES: Disallow SEV-ES guests when X86_FEATURE_LBRV is absent (git-fixes).
- KVM: SVM: Add support for allowing zero SEV ASIDs (git-fixes).
- KVM: SVM: Flush pages under kvm->lock to fix UAF in svm_register_enc_region() (git-fixes).
- KVM: SVM: Use unsigned integers when dealing with ASIDs (git-fixes).
- KVM: SVM: WARN on vNMI + NMI window iff NMIs are outright masked (git-fixes).
- KVM: VMX: Disable LBR virtualization if the CPU does not support LBR callstacks (git-fixes).
- KVM: VMX: Report up-to-date exit qualification to userspace (git-fixes).
- KVM: x86: Allow, do not ignore, same-value writes to immutable MSRs (git-fixes).
- KVM: x86: Always sync PIR to IRR prior to scanning I/O APIC routes (git-fixes).
- KVM: x86: Do not advertise guest.MAXPHYADDR as host.MAXPHYADDR in CPUID (git-fixes).
- KVM: x86: Fix broken debugregs ABI for 32 bit kernels (git-fixes).
- KVM: x86: Fully re-initialize supported_mce_cap on vendor module load (git-fixes).
- KVM: x86: Introduce __kvm_get_hypervisor_cpuid() helper (git-fixes).
- KVM: x86: Mark target gfn of emulated atomic instruction as dirty (git-fixes).
- KVM: x86/mmu: Do not force emulation of L2 accesses to non-APIC internal slots (git-fixes).
- KVM: x86/mmu: Move private vs. shared check above slot validity checks (git-fixes).
- KVM: x86/mmu: Restrict KVM_SW_PROTECTED_VM to the TDP MMU (git-fixes).
- KVM: x86/mmu: Write-protect L2 SPTEs in TDP MMU when clearing dirty status (git-fixes).
- KVM: x86: Only set APICV_INHIBIT_REASON_ABSENT if APICv is enabled (git-fixes).
- KVM: x86/pmu: Allow programming events that match unsupported arch events (git-fixes).
- KVM: x86/pmu: Always treat Fixed counters as available when supported (git-fixes).
- KVM: x86/pmu: Apply 'fast' RDPMC only to Intel PMUs (git-fixes).
- KVM: x86/pmu: Disable support for adaptive PEBS (git-fixes).
- KVM: x86/pmu: Disallow 'fast' RDPMC for architectural Intel PMUs (git-fixes).
- KVM: x86/pmu: Do not ignore bits 31:30 for RDPMC index on AMD (git-fixes).
- KVM: x86/pmu: Do not mask LVTPC when handling a PMI on AMD platforms (git-fixes).
- KVM: x86/pmu: Explicitly check NMI from guest to reducee false positives (git-fixes).
- KVM: x86/pmu: Prioritize VMX interception over #GP on RDPMC due to bad index (bsc#1226158).
- KVM: x86/pmu: Prioritize VMX interception over #GP on RDPMC due to bad index (git-fixes).
- KVM: x86/pmu: Set enable bits for GP counters in PERF_GLOBAL_CTRL at 'RESET' (git-fixes).
- KVM: x86/pmu: Zero out PMU metadata on AMD if PMU is disabled (git-fixes).
- KVM: x86: Snapshot if a vCPU's vendor model is AMD vs. Intel compatible (git-fixes).
- KVM: x86: Use actual kvm_cpuid.base for clearing KVM_FEATURE_PV_UNHALT (git-fixes).
- KVM: x86/xen: fix recursive deadlock in timer injection (git-fixes).
- KVM: x86/xen: improve accuracy of Xen timers (git-fixes).
- KVM: x86/xen: inject vCPU upcall vector when local APIC is enabled (git-fixes).
- KVM: x86/xen: remove WARN_ON_ONCE() with false positives in evtchn delivery (git-fixes).
- leds: flash: leds-qcom-flash: Test the correct variable in init (git-fixes).
- leds: mt6360: Fix memory leak in mt6360_init_isnk_properties() (git-fixes).
- leds: pwm: Disable PWM when going to suspend (git-fixes).
- leds: ss4200: Convert PCIBIOS_* return codes to errnos (git-fixes).
- leds: triggers: Flush pending brightness before activating trigger (git-fixes).
- leds: trigger: Unregister sysfs attributes before calling deactivate() (git-fixes).
- libceph: fix race between delayed_work() and ceph_monc_stop() (bsc#1228192).
- libnvdimm: Fix ACPI_NFIT in BLK_DEV_PMEM help (jsc#PED-5853).
- lib: objagg: Fix general protection fault (git-fixes).
- lib: objagg: Fix spelling (git-fixes).
- libperf evlist: Avoid out-of-bounds access (git-fixes).
- libsubcmd: Fix parse-options memory leak (git-fixes).
- lib/test_hmm.c: handle src_pfns and dst_pfns allocation failure (git-fixes).
- lib: test_objagg: Fix spelling (git-fixes).
- livepatch: Fix missing newline character in klp_resolve_symbols() (bsc#1223539).
- locks: fix KASAN: use-after-free in trace_event_raw_event_filelock_lock (git-fixes)
- lsm: fix the logic in security_inode_getsecctx() (git-fixes).
- mac802154: fix llsec key resources release in mac802154_llsec_key_del (git-fixes).
- mac802154: fix time calculation in ieee802154_configure_durations() (git-fixes).
- mailbox: mtk-cmdq: Move devm_mbox_controller_register() after devm_pm_runtime_enable() (git-fixes).
- maple_tree: fix mas_empty_area_rev() null pointer dereference (git-fixes).
- md: add a new helper rdev_has_badblock() (jsc#PED-7542).
- md: add a new helper reshape_interrupted() (jsc#PED-7542).
- md: changed the switch of RAID_VERSION to if (jsc#PED-7542).
- md: check mddev->pers before calling md_set_readonly() (jsc#PED-7542).
- md: clean up invalid BUG_ON in md_ioctl (jsc#PED-7542).
- md: clean up openers check in do_md_stop() and md_set_readonly() (jsc#PED-7542).
- md/dm-raid: do not call md_reap_sync_thread() directly (jsc#PED-7542).
- md: Do not clear MD_CLOSING when the raid is about to stop (jsc#PED-7542).
- md: do not clear MD_RECOVERY_FROZEN for new dm-raid until resume (jsc#PED-7542).
- md: export helper md_is_rdwr() (jsc#PED-7542).
- md: export helpers to stop sync_thread (jsc#PED-7542).
- md: factor out a helper to sync mddev (jsc#PED-7542).
- md: fix kmemleak of rdev->serial (jsc#PED-7542).
- md: get rdev->mddev with READ_ONCE() (jsc#PED-7542).
- md: merge the check of capabilities into md_ioctl_valid() (jsc#PED-7542).
- md: preserve KABI in struct md_personality (jsc#PED-7542).
- md/raid1-10: add a helper raid1_check_read_range() (jsc#PED-7542).
- md/raid1-10: factor out a new helper raid1_should_read_first() (jsc#PED-7542).
- md/raid1: factor out choose_bb_rdev() from read_balance() (jsc#PED-7542).
- md/raid1: factor out choose_slow_rdev() from read_balance() (jsc#PED-7542).
- md/raid1: factor out helpers to add rdev to conf (jsc#PED-7542).
- md/raid1: factor out helpers to choose the best rdev from read_balance() (jsc#PED-7542).
- md/raid1: factor out read_first_rdev() from read_balance() (jsc#PED-7542).
- md/raid1: factor out the code to manage sequential IO (jsc#PED-7542).
- md/raid1: fix choose next idle in read_balance() (jsc#PED-7542).
- md/raid1: record nonrot rdevs while adding/removing rdevs to conf (jsc#PED-7542).
- md: remove redundant check of 'mddev->sync_thread' (jsc#PED-7542).
- md: remove redundant md_wakeup_thread() (jsc#PED-7542).
- md: return directly before setting did_set_md_closing (jsc#PED-7542).
- md: sync blockdev before stopping raid or setting readonly (jsc#PED-7542).
- md: use RCU lock to protect traversal in md_spares_need_change() (jsc#PED-7542).
- media: atomisp: ssh_css: Fix a null-pointer dereference in load_video_binaries (git-fixes).
- media: cadence: csi2rx: use match fwnode for media link (git-fixes).
- media: cec: core: remove length check of Timer Status (stable-fixes).
- media: dt-bindings: ovti,ov2680: Fix the power supply names (git-fixes).
- media: dvb: as102-fe: Fix as10x_register_addr packing (stable-fixes).
- media: dvbdev: Initialize sbuf (stable-fixes).
- media: dvb-frontends: tda10048: Fix integer overflow (stable-fixes).
- media: dvb-frontends: tda18271c2dd: Remove casting during div (stable-fixes).
- media: dvb-usb: dib0700_devices: Add missing release_firmware() (stable-fixes).
- media: dvb-usb: Fix unexpected infinite loop in dvb_usb_read_remote_control() (git-fixes).
- media: dw2102: Do not translate i2c read into write (stable-fixes).
- media: dw2102: fix a potential buffer overflow (git-fixes).
- media: flexcop-usb: fix sanity check of bNumEndpoints (git-fixes).
- media: i2c: et8ek8: Do not strip remove function when driver is builtin (git-fixes).
- media: i2c: Fix imx412 exposure control (git-fixes).
- media: imon: Fix race getting ictx->lock (git-fixes).
- media: imx-jpeg: Drop initial source change event if capture has been setup (git-fixes).
- media: imx-jpeg: Remove some redundant error logs (git-fixes).
- media: imx-pxp: Fix ERR_PTR dereference in pxp_probe() (git-fixes).
- media: ipu3-cio2: Request IRQ earlier (git-fixes).
- media: lgdt3306a: Add a check against null-pointer-def (stable-fixes).
- media: mc: Fix flags handling when creating pad links (stable-fixes).
- media: mc: Fix graph walk in media_pipeline_start (git-fixes).
- media: mc: mark the media devnode as registered from the, start (git-fixes).
- media: mc: Rename pad variable to clarify intent (stable-fixes).
- media: mxl5xx: Move xpt structures off stack (stable-fixes).
- media: ngene: Add dvb_ca_en50221_init return value check (git-fixes).
- media: pci: ivtv: Add check for DMA map result (git-fixes).
- media: radio-shark2: Avoid led_names truncations (git-fixes).
- media: rcar-vin: Fix YUYV8_1X16 handling for CSI-2 (git-fixes).
- media: rcar-vin: work around -Wenum-compare-conditional warning (git-fixes).
- media: renesas: vsp1: Fix _irqsave and _irq mix (git-fixes).
- media: renesas: vsp1: Store RPF partition configuration per RPF instance (git-fixes).
- media: rkisp1: Fix IRQ handling due to shared interrupts (stable-fixes).
- media: s2255: Use refcount_t instead of atomic_t for num_channels (stable-fixes).
- media: sta2x11: fix irq handler cast (stable-fixes).
- media: stk1160: fix bounds checking in stk1160_copy_video() (git-fixes).
- media: sunxi: a83-mips-csi2: also select GENERIC_PHY (git-fixes).
- media: uvcvideo: Add quirk for Logitech Rally Bar (git-fixes).
- media: uvcvideo: Fix integer overflow calculating timestamp (git-fixes).
- media: uvcvideo: Override default flags (git-fixes).
- media: v4l2-core: hold videodev_lock until dev reg, finishes (stable-fixes).
- media: v4l2-subdev: Fix stream handling for crop API (git-fixes).
- media: v4l: async: Fix NULL pointer dereference in adding ancillary links (git-fixes).
- media: v4l: Do not turn on privacy LED if streamon fails (git-fixes).
- media: v4l: subdev: Fix typo in documentation (git-fixes).
- media: venus: fix use after free in vdec_close (git-fixes).
- media: venus: flush all buffers in output plane streamoff (git-fixes).
- mei: demote client disconnect warning on suspend to debug (stable-fixes).
- mei: me: add arrow lake point H DID (stable-fixes).
- mei: me: add arrow lake point S DID (stable-fixes).
- mei: me: add lunar lake point M DID (stable-fixes).
- mei: me: disable RPL-S on SPS and IGN firmwares (git-fixes).
- mei: me: release irq in mei_me_pci_resume error path (git-fixes).
- Merge branch 'SLE15-SP6' (7c8fc2c7cc52) into 'SLE15-SP6-RT'
- mfd: omap-usb-tll: Use struct_size to allocate tll (git-fixes).
- mfd: pm8008: Fix regmap irq chip initialisation (git-fixes).
- misc: fastrpc: Avoid updating PD type for capability request (git-fixes).
- misc: fastrpc: Copy the complete capability structure to user (git-fixes).
- misc: fastrpc: Fix DSP capabilities request (git-fixes).
- misc: fastrpc: Fix memory leak in audio daemon attach operation (git-fixes).
- misc: fastrpc: Fix ownership reassignment of remote heap (git-fixes).
- misc: fastrpc: Restrict untrusted app to attach to privileged PD (git-fixes).
- misc: microchip: pci1xxxx: Fix a memory leak in the error handling of gp_aux_bus_probe() (git-fixes).
- misc: microchip: pci1xxxx: fix double free in the error handling of gp_aux_bus_probe() (git-fixes).
- mISDN: Fix a use after free in hfcmulti_tx() (git-fixes).
- mISDN: fix MISDN_TIME_STAMP handling (git-fixes).
- mlxbf_gige: call request_irq() after NAPI initialized (git-fixes).
- mlxbf_gige: stop interface during shutdown (git-fixes).
- mlxbf_gige: stop PHY during open() error paths (git-fixes).
- mlxsw: Use refcount_t for reference counting (git-fixes).
- mmc: core: Add HS400 tuning in HS400es initialization (stable-fixes).
- mmc: core: Add mmc_gpiod_set_cd_config() function (stable-fixes).
- mmc: core: Avoid negative index with array access (git-fixes).
- mmc: core: Do not force a retune before RPMB switch (stable-fixes).
- mmc: core: Initialize mmc_blk_ioc_data (git-fixes).
- mmc: davinci: Do not strip remove function when driver is builtin (git-fixes).
- mmc: omap: fix broken slot switch lookup (git-fixes).
- mmc: omap: fix deferred probe (git-fixes).
- mmc: omap: restore original power up/down steps (git-fixes).
- mmc: sdhci-acpi: Add quirk to enable pull-up on the card-detect GPIO on Asus T100TA (git-fixes).
- mmc: sdhci-acpi: Disable write protect detection on Toshiba WT10-A (stable-fixes).
- mmc: sdhci-acpi: Fix Lenovo Yoga Tablet 2 Pro 1380 sdcard slot not working (stable-fixes).
- mmc: sdhci-acpi: Sort DMI quirks alphabetically (stable-fixes).
- mmc: sdhci: Add support for 'Tuning Error' interrupts (stable-fixes).
- mmc: sdhci_am654: Add ITAPDLYSEL in sdhci_j721e_4bit_set_clock (git-fixes).
- mmc: sdhci_am654: Add OTAP/ITAP delay enable (git-fixes).
- mmc: sdhci_am654: Add tuning algorithm for delay chain (git-fixes).
- mmc: sdhci_am654: Fix ITAPDLY for HS400 timing (git-fixes).
- mmc: sdhci_am654: Write ITAPDLY for DDR52 timing (git-fixes).
- mmc: sdhci-brcmstb: check R1_STATUS for erase/trim/discard (git-fixes).
- mmc: sdhci: Do not invert write-protect twice (git-fixes).
- mmc: sdhci: Do not lock spinlock around mmc_gpio_get_ro() (git-fixes).
- mmc: sdhci-msm: pervent access to suspended controller (git-fixes).
- mmc: sdhci-omap: re-tuning is needed after a pm transition to support emmc HS200 mode (git-fixes).
- mmc: sdhci-pci: Convert PCIBIOS_* return codes to errnos (git-fixes).
- mm_init kABI workaround (git-fixes).
- mm: memcg: do not periodically flush stats when memcg is disabled (bsc#1222525).
- mm: memcg: use larger batches for proactive reclaim (bsc#1222522).
- mm,page_owner: check for null stack_record before bumping its refcount (bsc#1222366).
- mm,page_owner: Defer enablement of static branch (bsc#1222366).
- mm,page_owner: drop unnecessary check (bsc#1222366).
- mm,page_owner: Fix accounting of pages when migrating (bsc#1222366).
- mm,page_owner: Fix printing of stack records (bsc#1222366).
- mm,page_owner: fix recursion (bsc#1222366).
- mm,page_owner: Fix refcount imbalance (bsc#1222366).
- mm: page_owner: fix wrong information in dump_page_owner (git-fixes).
- mm,page_owner: Update metadata for tail pages (bsc#1222366).
- mm/slab: make __free(kfree) accept error pointers (git-fixes).
- modpost: Add '.ltext' and '.ltext.*' to TEXT_SECTIONS (stable-fixes).
- module: do not ignore sysfs_create_link() failures (git-fixes).
- mptcp: annotate data-races around msk->rmem_fwd_alloc (git-fixes).
- mptcp: fix bogus receive window shrinkage with multiple subflows (git-fixes).
- mptcp: move __mptcp_error_report in protocol.c (git-fixes).
- mptcp: process pending subflow error on close (git-fixes).
- mptcp: Remove unnecessary test for __mptcp_init_sock() (git-fixes).
- mt76: connac: move more mt7921/mt7915 mac shared code in connac lib (bsc#1227149).
- mt76: mt7996: rely on mt76_sta_stats in mt76_wcid (bsc#1227149).
- mtd: core: Report error if first mtd_otp_size() call fails in mtd_otp_nvmem_add() (git-fixes).
- mtd: diskonchip: work around ubsan link failure (stable-fixes).
- mtd: partitions: redboot: Added conversion of operands to a larger type (stable-fixes).
- mtd: rawnand: Bypass a couple of sanity checks during NAND identification (git-fixes).
- mtd: rawnand: Ensure ECC configuration is propagated to upper layers (git-fixes).
- mtd: rawnand: Fix the nand_read_data_op() early check (git-fixes).
- mtd: rawnand: hynix: fixed typo (git-fixes).
- mtd: rawnand: rockchip: ensure NVDDR timings are rejected (git-fixes).
- mtd: spinand: Add support for 5-byte IDs (stable-fixes).
- net: add netdev_lockdep_set_classes() to virtual drivers (git-fixes).
- net: annotate data-races around sk->sk_bind_phc (git-fixes).
- net: annotate data-races around sk->sk_forward_alloc (git-fixes).
- net: annotate data-races around sk->sk_lingertime (git-fixes).
- net: annotate data-races around sk->sk_tsflags (git-fixes).
- net: bonding: remove kernel-doc comment marker (git-fixes).
- net: can: j1939: enhanced error handling for tightly received RTS messages in xtp_rx_rts_session_new (git-fixes).
- net: can: j1939: Initialize unused data in j1939_send_one() (git-fixes).
- net: can: j1939: recover socket queue on CAN bus error during BAM transmission (git-fixes).
- net: cfg802154: fix kernel-doc notation warnings (git-fixes).
- net/dcb: check for detached device before executing callbacks (bsc#1215587).
- net: dsa: microchip: fix register write order in ksz8_ind_write8() (git-fixes).
- net: dsa: mt7530: fix handling of all link-local frames (git-fixes).
- net: dsa: mt7530: fix link-local frames that ingress vlan filtering ports (git-fixes).
- net: dsa: mt7530: prevent possible incorrect XTAL frequency selection (git-fixes).
- net: dsa: mt7530: trap link-local frames regardless of ST Port State (git-fixes).
- net: dsa: sja1105: Fix parameters order in sja1110_pcs_mdio_write_c45() (git-fixes).
- net: ena: Fix incorrect descriptor free behavior (git-fixes).
- net: ena: Fix potential sign extension issue (git-fixes).
- net: ena: Fix redundant device NUMA node override (jsc#PED-8688).
- net: ena: Move XDP code to its new files (git-fixes).
- net: ena: Pass ena_adapter instead of net_device to ena_xmit_common() (git-fixes).
- net: ena: Remove ena_select_queue (git-fixes).
- net: ena: Set tx_info->xdpf value to NULL (git-fixes).
- net: ena: Use tx_ring instead of xdp_ring for XDP channel TX (git-fixes).
- net: ena: Wrong missing IO completions check order (git-fixes).
- net: ethernet: mtk_eth_soc: fix PPE hanging issue (git-fixes).
- net: ethernet: mtk_wed: introduce mtk_wed_buf structure (bsc#1227149).
- net: ethernet: mtk_wed: rename mtk_rxbm_desc in mtk_wed_bm_desc (bsc#1227149).
- net: ethernet: ti: cpsw: enable mac_managed_pm to fix mdio (git-fixes).
- net: fec: Set mac_managed_pm during probe (git-fixes).
- net: fill in MODULE_DESCRIPTION()s in kuba@'s modules (bsc#1227149).
- netfilter: nf_tables: disable toggling dormant table state more than once (git-fixes).
- netfilter: nf_tables: uapi: Describe NFTA_RULE_CHAIN_ID (git-fixes).
- netfilter: nft_ct: fix l3num expectations with inet pseudo family (git-fixes).
- netfilter: nft_set_rbtree: use read spinlock to avoid datapath contention (git-fixes).
- net: hns3: fix index limit to support all queue stats (git-fixes).
- net: hns3: fix kernel crash when 1588 is received on HIP08 devices (git-fixes).
- net: hns3: fix kernel crash when devlink reload during pf initialization (git-fixes).
- net: hns3: fix port duplex configure error in IMP reset (git-fixes).
- net: hns3: fix wrong judgment condition issue (git-fixes).
- net: hns3: mark unexcuted loopback test result as UNEXECUTED (git-fixes).
- net: hns3: Remove io_stop_wc() calls after __iowrite64_copy() (bsc#1226502)
- net: hns3: tracing: fix hclgevf trace event strings (git-fixes).
- net: ice: Fix potential NULL pointer dereference in ice_bridge_setlink() (git-fixes).
- net: ks8851: Handle softirqs at the end of IRQ thread to fix hang (git-fixes).
- net: ks8851: Inline ks8851_rx_skb() (git-fixes).
- net: ks8851: Queue RX packets in IRQ handler instead of disabling BHs (git-fixes).
- net: lan743x: Add set RFE read fifo threshold for PCI1x1x chips (git-fixes).
- net: lan743x: disable WOL upon resume to restore full data path operation (git-fixes).
- net: lan743x: Support WOL at both the PHY and MAC appropriately (git-fixes).
- net: libwx: fix memory leak on free page (git-fixes).
- net: llc: fix kernel-doc notation warnings (git-fixes).
- net: ll_temac: platform_get_resource replaced by wrong function (git-fixes).
- net: mana: Enable MANA driver on ARM64 with 4K page size (jsc#PED-8491).
- net: mana: Fix possible double free in error handling path (git-fixes).
- net: mana: Fix Rx DMA datasize and skb_over_panic (git-fixes).
- net: mana: Fix the extra HZ in mana_hwc_send_request (git-fixes).
- net: mediatek: mtk_eth_soc: clear MAC_MCR_FORCE_LINK only when MAC is up (git-fixes).
- net/mlx5: Correctly compare pkt reformat ids (git-fixes).
- net/mlx5e: Change the warning when ignore_flow_level is not supported (git-fixes).
- net/mlx5e: Do not produce metadata freelist entries in Tx port ts WQE xmit (git-fixes).
- net/mlx5e: Fix MACsec state loss upon state update in offload path (git-fixes).
- net/mlx5e: Fix mlx5e_priv_init() cleanup flow (git-fixes).
- net/mlx5e: HTB, Fix inconsistencies with QoS SQs number (git-fixes).
- net/mlx5e: RSS, Block changing channels number when RXFH is configured (git-fixes).
- net/mlx5e: RSS, Block XOR hash with over 128 channels (git-fixes).
- net/mlx5: E-switch, Change flow rule destination checking (git-fixes).
- net/mlx5: E-switch, store eswitch pointer before registering devlink_param (git-fixes).
- net/mlx5e: Switch to using _bh variant of of spinlock API in port timestamping NAPI poll context (git-fixes).
- net/mlx5e: Use a memory barrier to enforce PTP WQ xmit submission tracking occurs after populating the metadata_map (git-fixes).
- net/mlx5: Fix fw reporter diagnose output (git-fixes).
- net/mlx5: Fix MTMP register capability offset in MCAM register (git-fixes).
- net/mlx5: Fix peer devlink set for SF representor devlink port (git-fixes).
- net/mlx5: Lag, restore buckets number to default after hash LAG deactivation (git-fixes).
- net/mlx5: offset comp irq index in name by one (git-fixes).
- net/mlx5: Properly link new fs rules into the tree (git-fixes).
- net/mlx5: Register devlink first under devlink lock (git-fixes).
- net/mlx5: Restore mistakenly dropped parts in register devlink flow (git-fixes).
- net/mlx5: SF, Stop waiting for FW as teardown was called (git-fixes).
- net: nfc: remove inappropriate attrs check (stable-fixes).
- net: NSH: fix kernel-doc notation warning (git-fixes).
- net: pcs: xpcs: Return EINVAL in the internal methods (git-fixes).
- net: phy: fix phy_read_poll_timeout argument type in genphy_loopback (git-fixes).
- net: phy: micrel: add Microchip KSZ 9477 to the device table (git-fixes).
- net: phy: micrel: fix KSZ9477 PHY issues after suspend/resume (git-fixes).
- net: phy: micrel: Fix potential null pointer dereference (git-fixes).
- net: phy: Micrel KSZ8061: fix errata solution not taking effect problem (git-fixes).
- net: phy: micrel: lan8814: Fix when enabling/disabling 1-step timestamping (git-fixes).
- net: phy: micrel: set soft_reset callback to genphy_soft_reset for KSZ8061 (git-fixes).
- net: phy: microchip: lan87xx: reinit PHY after cable test (git-fixes).
- net: phy: mxl-gpy: Remove interrupt mask clearing from config_init (git-fixes).
- net: phy: phy_device: Fix PHY LED blinking code comment (git-fixes).
- net: phy: phy_device: Prevent nullptr exceptions on ISR (git-fixes).
- net: phy: phy_device: Prevent nullptr exceptions on ISR (stable-fixes).
- net: ravb: Always process TX descriptor ring (git-fixes).
- net: ravb: Let IP-specific receive function to interrogate descriptors (git-fixes).
- net: Remove conditional threaded-NAPI wakeup based on task state (bsc#1214683 (PREEMPT_RT prerequisite backports)).
- net/smc: bugfix for smcr v2 server connect success statistic (git-fixes).
- net/smc: fix documentation of buffer sizes (git-fixes).
- net/smc: use smc_lgr_list.lock to protect smc_lgr_list.list iterate in smcr_port_add (git-fixes).
- net: smsc95xx: add support for SYS TEC USB-SPEmodule1 (git-fixes).
- net: sparx5: Fix use after free inside sparx5_del_mact_entry (git-fixes).
- net: sparx5: fix wrong config being used when reconfiguring PCS (git-fixes).
- net: sparx5: flower: fix fragment flags handling (git-fixes).
- net: stmmac: dwmac-starfive: Add support for JH7100 SoC (git-fixes).
- net: stmmac: Fix incorrect dereference in interrupt handlers (git-fixes).
- net: stmmac: fix rx queue priority assignment (git-fixes).
- net: sunrpc: Fix an off by one in rpc_sockaddr2uaddr() (git-fixes).
- net: tcp: fix unexcepted socket die when snd_wnd is 0 (git-fixes).
- net: tls: fix returned read length with async decrypt (bsc#1221858).
- net: tls: fix use-after-free with partial reads and async (bsc#1221858).
- net: tls, fix WARNIING in __sk_msg_free (bsc#1221858).
- net: usb: ax88179_178a: avoid the interface always configured as random address (git-fixes).
- net: usb: ax88179_178a: avoid writing the mac address before first reading (git-fixes).
- net: usb: ax88179_178a: fix link status when link is set to down/up (git-fixes).
- net: usb: ax88179_178a: improve link status logs (git-fixes).
- net: usb: ax88179_178a: improve reset check (git-fixes).
- net: usb: ax88179_178a: stop lying about skb->truesize (git-fixes).
- net: usb: qmi_wwan: add Telit FN912 compositions (stable-fixes).
- net: usb: qmi_wwan: add Telit FN920C04 compositions (git-fixes).
- net:usb:qmi_wwan: support Rolling modules (stable-fixes).
- net: usb: rtl8150 fix unintiatilzed variables in rtl8150_get_link_ksettings (git-fixes).
- net: usb: smsc95xx: fix changing LED_SEL bit value updated from EEPROM (git-fixes).
- net: usb: smsc95xx: stop lying about skb->truesize (git-fixes).
- net: usb: sr9700: stop lying about skb->truesize (git-fixes).
- net: Use sockaddr_storage for getsockopt(SO_PEERNAME) (git-fixes).
- net: veth: do not manipulate GRO when using XDP (git-fixes).
- net: wwan: t7xx: Split 64bit accesses to fix alignment issues (git-fixes).
- net/x25: fix incorrect parameter validation in the x25_getsockopt() function (git-fixes).
- nfc/nci: Add the inconsistency check between the input data length and count (stable-fixes).
- nfc: nci: Fix handling of zero-length payload packets in nci_rx_work() (git-fixes).
- nfc: nci: Fix kcov check in nci_rx_work() (git-fixes).
- nfc: nci: Fix uninit-value in nci_dev_up and nci_ntf_packet (git-fixes).
- nfc: nci: Fix uninit-value in nci_rx_work (git-fixes).
- nf_conntrack: fix -Wunused-const-variable= (git-fixes).
- NFC: trf7970a: disable all regulators on removal (git-fixes).
- nfp: flower: handle acti_netdevs allocation failure (git-fixes).
- NFS: abort nfs_atomic_open_v23 if name is too long (bsc#1219847).
- NFS: add atomic_open for NFSv3 to handle O_TRUNC correctly (bsc#1219847).
- NFS: add barriers when testing for NFS_FSDATA_BLOCKED (git-fixes).
- nfs: Avoid flushing many pages with NFS_FILE_SYNC (bsc#1218442).
- NFS: avoid infinite loop in pnfs_update_layout (bsc#1219633 bsc#1226226).
- nfs: Block on write congestion (bsc#1218442).
- nfs: Bump default write congestion size (bsc#1218442).
- NFSD: change LISTXATTRS cookie encoding to big-endian (git-fixes).
- NFSD: Convert the callback workqueue to use delayed_work (git-fixes).
- nfsd: do not call locks_release_private() twice concurrently (git-fixes).
- nfsd: Fix a regression in nfsd_setattr() (git-fixes).
- NFSD: Fix checksum mismatches in the duplicate reply cache (git-fixes).
- NFSD: fix LISTXATTRS returning a short list with eof=TRUE (git-fixes).
- NFSD: fix LISTXATTRS returning more bytes than maxcount (git-fixes).
- NFSD: fix nfsd4_listxattr_validate_cookie (git-fixes).
- NFSD: Fix nfsd_clid_class use of __string_len() macro (git-fixes).
- nfsd: hold a lighter-weight client reference over CB_RECALL_ANY (git-fixes).
- nfsd: optimise recalculate_deny_mode() for a common case (bsc#1217912).
- NFSD: Reschedule CB operations when backchannel rpc_clnt is shut down (git-fixes).
- NFSD: Reset cb_seq_status after NFS4ERR_DELAY (git-fixes).
- NFSD: Retransmit callbacks after client reconnects (git-fixes).
- nfs: Drop pointless check from nfs_commit_release_pages() (bsc#1218442).
- nfs: drop the incorrect assertion in nfs_swap_rw() (git-fixes).
- nfsd: use __fput_sync() to avoid delayed closing of files (bsc#1223380 bsc#1217408).
- NFS: Fix an off by one in root_nfs_cat() (git-fixes).
- NFS: Fix nfs_netfs_issue_read() xarray locking for writeback interrupt (git-fixes).
- nfs: fix panic when nfs4_ff_layout_prepare_ds() fails (git-fixes).
- NFS: Fix READ_PLUS when server does not support OP_READ_PLUS (git-fixes).
- nfs: fix undefined behavior in nfs_block_bits() (git-fixes).
- nfs: Fix up kabi after adding write_congestion_wait (bsc#1218442).
- nfs: Handle error of rpc_proc_register() in nfs_net_init() (git-fixes).
- nfs: keep server info for remounts (git-fixes).
- nfs: Properly initialize server->writeback (bsc#1218442).
- NFS: Read unlock folio on nfs_page_create_from_folio() error (git-fixes).
- NFSv4.1 enforce rootpath check in fs_location query (git-fixes).
- NFSv4.1/pnfs: fix NFS with TLS in pnfs (git-fixes).
- NFSv4.2: fix listxattr maximum XDR buffer size (git-fixes).
- NFSv4.2: fix nfs4_listxattr kernel BUG at mm/usercopy.c:102 (git-fixes).
- NFSv4: Fixup smatch warning for ambiguous return (git-fixes).
- NFSv4.x: by default serialize open/close operations (bsc#1223863 bsc#1227362).
- nilfs2: add missing check for inode numbers on directory entries (stable-fixes).
- nilfs2: avoid undefined behavior in nilfs_cnt32_ge macro (git-fixes).
- nilfs2: convert persistent object allocator to use kmap_local (git-fixes).
- nilfs2: fix incorrect inode allocation from reserved inodes (git-fixes).
- nilfs2: fix inode number range checks (stable-fixes).
- nilfs2: fix nilfs_empty_dir() misjudgment and long loop on I/O errors (git-fixes).
- nilfs2: fix OOB in nilfs_set_de_type (git-fixes).
- nilfs2: fix out-of-range warning (git-fixes).
- nilfs2: fix potential bug in end_buffer_async_write (git-fixes).
- nilfs2: fix potential hang in nilfs_detach_log_writer() (git-fixes).
- nilfs2: fix unexpected freezing of nilfs_segctor_sync() (git-fixes).
- nilfs2: fix use-after-free of timer for log writer thread (git-fixes).
- nilfs2: make superblock data array index computation sparse friendly (git-fixes).
- nilfs2: return the mapped address from nilfs_get_page() (stable-fixes).
- nouveau: add an ioctl to report vram usage (stable-fixes).
- nouveau: add an ioctl to return vram bar size (stable-fixes).
- nouveau/dmem: handle kcalloc() allocation failure (git-fixes).
- nouveau: fix devinit paths to only handle display on GSP (git-fixes).
- nouveau: fix function cast warning (git-fixes).
- nouveau: fix instmem race condition around ptr stores (git-fixes).
- nouveau/gsp: do not check devinit disable on GSP (git-fixes).
- nouveau: lock the client object tree (stable-fixes).
- nouveau: report byte usage in VRAM usage (git-fixes).
- nouveau: reset the bo resource bus info after an eviction (git-fixes).
- nouveau/uvmm: fix addr/range calcs for remap operations (git-fixes).
- nvdimm: make nvdimm_bus_type const (jsc#PED-5853).
- nvdimm/pmem: fix leak on dax_add_host() failure (jsc#PED-5853).
- nvdimm/pmem: Treat alloc_dax() -EOPNOTSUPP failure as non-fatal (jsc#PED-5853).
- nvme: cancel pending I/O if nvme controller is in terminal state (bsc#1226503).
- nvme: do not retry authentication failures (bsc#1186716).
- nvme-fabrics: short-circuit reconnect retries (bsc#1186716).
- nvme-fc: do not wait in vain when unloading module (git-fixes).
- nvme: find numa distance only if controller has valid numa id (git-fixes).
- nvme: fix multipath batched completion accounting (git-fixes).
- nvme: fix nvme_pr_* status code parsing (git-fixes).
- nvme: fix reconnection fail due to reserved tag allocation (git-fixes).
- nvme: fix warn output about shared namespaces without CONFIG_NVME_MULTIPATH (git-fixes).
- nvme-multipath: fix io accounting on failover (git-fixes).
- nvme-pci: Add quirk for broken MSIs (git-fixes).
- nvme: return kernel error codes for admin queue connect (bsc#1186716).
- nvmet-auth: replace pr_debug() with pr_err() to report an error (git-fixes).
- nvmet-auth: return the error code to the nvmet_auth_host_hash() callers (git-fixes).
- nvme/tcp: Add wq_unbound modparam for nvme_tcp_wq (bsc#1224049).
- nvme-tcp: Export the nvme_tcp_wq to sysfs (bsc#1224049).
- nvme-tcp: strict pdu pacing to avoid send stalls on TLS (bsc#1221858).
- nvmet-fc: abort command when there is no binding (git-fixes).
- nvmet-fc: defer cleanup using RCU properly (git-fixes).
- nvmet-fc: hold reference on hostport match (git-fixes).
- nvmet-fcloop: swap the list_add_tail arguments (git-fixes).
- nvmet-fc: release reference on target port (git-fixes).
- nvmet: fix ns enable/disable possible hang (git-fixes).
- nvmet: fix nvme status code when namespace is disabled (git-fixes).
- nvmet: lock config semaphore when accessing DH-HMAC-CHAP key (bsc#1186716).
- nvmet-passthru: propagate status from id override functions (git-fixes).
- nvmet: prevent sprintf() overflow in nvmet_subsys_nsid_exists() (git-fixes).
- nvmet: return DHCHAP status codes from nvmet_setup_auth() (bsc#1186716).
- nvmet-tcp: fix nvme tcp ida memory leak (git-fixes).
- nvmet-tcp: fix possible memory leak when tearing down a controller (git-fixes).
- ocfs2: adjust enabling place for la window (bsc#1219224).
- ocfs2: fix DIO failure due to insufficient transaction credits (git-fixes).
- ocfs2: fix races between hole punching and AIO+DIO (git-fixes).
- ocfs2: fix sparse warnings (bsc#1219224).
- ocfs2: improve write IO performance when fragmentation is high (bsc#1219224).
- ocfs2: speed up chain-list searching (bsc#1219224).
- ocfs2: use coarse time for new created files (git-fixes).
- octeontx2-af: Add array index check (git-fixes).
- octeontx2-af: Fix devlink params (git-fixes).
- octeontx2-af: Fix issue with loading coalesced KPU profiles (git-fixes).
- octeontx2-af: Fix NIX SQ mode and BP config (git-fixes).
- Octeontx2-af: fix pause frame configuration in GMP mode (git-fixes).
- octeontx2-af: Use matching wake_up API variant in CGX command interface (git-fixes).
- octeontx2-af: Use separate handlers for interrupts (git-fixes).
- octeontx2: Detect the mbox up or down message via register (git-fixes).
- octeontx2-pf: check negative error code in otx2_open() (git-fixes).
- octeontx2-pf: fix FLOW_DIS_IS_FRAGMENT implementation (git-fixes).
- octeontx2-pf: Fix transmit scheduler resource leak (git-fixes).
- octeontx2-pf: Send UP messages to VF only when VF is up (git-fixes).
- octeontx2-pf: Use default max_active works instead of one (git-fixes).
- octeontx2-pf: Wait till detach_resources msg is complete (git-fixes).
- of: dynamic: Synchronize of_changeset_destroy() with the devlink removals (git-fixes).
- of: module: add buffer overflow check in of_modalias() (git-fixes).
- of: module: prevent NULL pointer dereference in vsnprintf() (stable-fixes).
- of: property: Add in-ports/out-ports support to of_graph_get_port_parent() (stable-fixes).
- of: property: fix typo in io-channels (git-fixes).
- of: property: fw_devlink: Fix stupid bug in remote-endpoint parsing (git-fixes).
- of: property: Improve finding the consumer of a remote-endpoint property (git-fixes).
- of: property: Improve finding the supplier of a remote-endpoint property (git-fixes).
- of: unittest: Fix compile in the non-dynamic case (git-fixes).
- orangefs: fix out-of-bounds fsid access (git-fixes).
- overflow: Allow non-type arg to type_max() and type_min() (stable-fixes).
- PCI/AER: Block runtime suspend when handling errors (stable-fixes).
- PCI/ASPM: Update save_state when configuration changes (bsc#1226915)
- PCI/ASPM: Use RMW accessors for changing LNKCTL (git-fixes).
- PCI: Clear Secondary Status errors after enumeration (bsc#1226928)
- PCI: Delay after FLR of Solidigm P44 Pro NVMe (stable-fixes).
- PCI: Disable D3cold on Asus B1400 PCI-NVMe bridge (stable-fixes).
- PCI: Do not wait for disconnected devices when resuming (git-fixes).
- PCI/DPC: Fix use-after-free on concurrent DPC and hot-removal (git-fixes).
- PCI/DPC: Quirk PIO log size for Intel Raptor Lake Root Ports (stable-fixes).
- PCI/DPC: Use FIELD_GET() (stable-fixes).
- PCI: dwc: ep: Fix DBI access failure for drivers requiring refclk from host (git-fixes).
- PCI: dwc: Fix index 0 incorrectly being interpreted as a free ATU slot (git-fixes).
- PCI: dw-rockchip: Fix initial PERST# GPIO value (git-fixes).
- PCI/EDR: Align EDR_PORT_DPC_ENABLE_DSM with PCI Firmware r3.3 (git-fixes).
- PCI/EDR: Align EDR_PORT_LOCATE_DSM with PCI Firmware r3.3 (git-fixes).
- PCI: endpoint: Clean up error handling in vpci_scan_bus() (git-fixes).
- PCI: endpoint: Fix error handling in epf_ntb_epc_cleanup() (git-fixes).
- PCI: endpoint: pci-epf-test: Make use of cached 'epc_features' in pci_epf_test_core_init() (git-fixes).
- PCI: Execute quirk_enable_clear_retrain_link() earlier (stable-fixes).
- PCI: Extend ACS configurability (bsc#1228090).
- PCI: Fix resource double counting on remove & rescan (git-fixes).
- PCI: Fix typos in docs and comments (stable-fixes).
- PCI: hv: Fix ring buffer size calculation (git-fixes).
- PCI: Introduce cleanup helpers for device reference counts and locks (stable-fixes).
- PCI: keystone: Do not enable BAR 0 for AM654x (git-fixes).
- PCI: keystone: Fix NULL pointer dereference in case of DT error in ks_pcie_setup_rc_app_regs() (git-fixes).
- PCI: keystone: Relocate ks_pcie_set/clear_dbi_mode() (git-fixes).
- PCI: Make link retraining use RMW accessors for changing LNKCTL (git-fixes).
- PCI/MSI: Fix UAF in msi_capability_init (git-fixes).
- PCI/PM: Avoid D3cold for HP Pavilion 17 PC/1972 PCIe Ports (stable-fixes).
- PCI/PM: Drain runtime-idle callbacks before driver removal (stable-fixes).
- PCI: qcom: Add support for sa8775p SoC (git-fixes).
- PCI: qcom: Disable ASPM L0s for sc8280xp, sa8540p and sa8295p (git-fixes).
- PCI: qcom-ep: Disable resources unconditionally during PERST# assert (git-fixes).
- PCI: rcar: Demote WARN() to dev_warn_ratelimited() in rcar_pcie_wakeup() (git-fixes).
- PCI: rockchip-ep: Remove wrong mask on subsys_vendor_id (git-fixes).
- PCI: rockchip: Use GPIOD_OUT_LOW flag while requesting ep_gpio (git-fixes).
- PCI: rpaphp: Error out on busy status from get-sensor-state (bsc#1223369 ltc#205888).
- PCI: Simplify pcie_capability_clear_and_set_word() to ..._clear_word() (stable-fixes).
- PCI: switchtec: Add support for PCIe Gen5 devices (stable-fixes).
- PCI: switchtec: Use normal comment style (stable-fixes).
- PCI: tegra194: Fix probe path for Endpoint mode (git-fixes).
- PCI: tegra194: Set EP alignment restriction for inbound ATU (git-fixes).
- PCI: vmd: Create domain symlink before pci_bus_add_devices() (bsc#1227363).
- peci: linux/peci.h: fix Excess kernel-doc description warning (git-fixes).
- perf annotate: Fix annotation_calc_lines() to pass correct address to get_srcline() (git-fixes).
- perf annotate: Get rid of duplicate --group option item (git-fixes).
- perf auxtrace: Fix multiple use of --itrace option (git-fixes).
- perf bench internals inject-build-id: Fix trap divide when collecting just one DSO (git-fixes).
- perf bench uprobe: Remove lib64 from libc.so.6 binary path (git-fixes).
- perf bpf: Clean up the generated/copied vmlinux.h (git-fixes).
- perf daemon: Fix file leak in daemon_session__control (git-fixes).
- perf docs: Document bpf event modifier (git-fixes).
- perf: Enqueue SIGTRAP always via task_work (bsc#1214683 (PREEMPT_RT prerequisite backports)).
- perf evsel: Fix duplicate initialization of data->id in evsel__parse_sample() (git-fixes).
- perf expr: Fix 'has_event' function for metric style events (git-fixes).
- perf intel-pt: Fix unassigned instruction op (discovered by MemorySanitizer) (git-fixes).
- perf jevents: Drop or simplify small integer values (git-fixes).
- perf list: fix short description for some cache events (git-fixes).
- perf lock contention: Add a missing NULL check (git-fixes).
- perf metric: Do not remove scale from counts (git-fixes).
- perf: Move irq_work_queue() where the event is prepared (bsc#1214683 (PREEMPT_RT prerequisite backports)).
- perf pmu: Count sys and cpuid JSON events separately (git fixes).
- perf pmu: Fix a potential memory leak in perf_pmu__lookup() (git-fixes).
- perf pmu: Treat the msr pmu as software (git-fixes).
- perf print-events: make is_event_supported() more robust (git-fixes).
- perf probe: Add missing libgen.h header needed for using basename() (git-fixes).
- perf record: Check conflict between '--timestamp-filename' option and pipe mode before recording (git-fixes).
- perf record: Fix debug message placement for test consumption (git-fixes).
- perf record: Fix possible incorrect free in record__switch_output() (git-fixes).
- perf: Remove perf_swevent_get_recursion_context() from perf_pending_task() (bsc#1214683 (PREEMPT_RT prerequisite backports)).
- perf report: Avoid SEGV in report__setup_sample_type() (git-fixes).
- perf sched timehist: Fix -g/--call-graph option failure (git-fixes).
- perf script: Show also errors for --insn-trace option (git-fixes).
- perf: Split __perf_pending_irq() out of perf_pending_irq() (bsc#1214683 (PREEMPT_RT prerequisite backports)).
- perf srcline: Add missed addr2line closes (git-fixes).
- perf stat: Avoid metric-only segv (git-fixes).
- perf stat: Do not display metric header for non-leader uncore events (git-fixes).
- perf stat: Do not fail on metrics on s390 z/VM systems (git-fixes).
- perf symbols: Fix ownership of string in dso__load_vmlinux() (git-fixes).
- perf tests: Apply attributes to all events in object code reading test (git-fixes).
- perf test shell arm_coresight: Increase buffer size for Coresight basic tests (git-fixes).
- perf tests: Make data symbol test wait for perf to start (bsc#1220045).
- perf tests: Make 'test data symbol' more robust on Neoverse N1 (git-fixes).
- perf tests: Skip data symbol test if buf1 symbol is missing (bsc#1220045).
- perf thread: Fixes to thread__new() related to initializing comm (git-fixes).
- perf thread_map: Free strlist on normal path in thread_map__new_by_tid_str() (git-fixes).
- perf top: Uniform the event name for the hybrid machine (git-fixes).
- perf top: Use evsel's cpus to replace user_requested_cpus (git-fixes).
- perf ui browser: Avoid SEGV on title (git fixes).
- perf ui browser: Do not save pointer to stack memory (git-fixes).
- perf vendor events amd: Add Zen 4 memory controller events (git-fixes).
- perf vendor events amd: Fix Zen 4 cache latency events (git-fixes).
- perf/x86/amd/core: Avoid register reset when CPU is dead (git-fixes).
- perf/x86/amd/lbr: Discard erroneous branch entries (git-fixes).
- perf/x86/amd/lbr: Use freeze based on availability (git-fixes).
- perf/x86: Fix out of range data (git-fixes).
- perf/x86/intel/ds: Do not clear ->pebs_data_cfg for the last PEBS event (git-fixes).
- perf/x86/intel: Expose existence of callback support to KVM (git-fixes).
- phy: cadence-torrent: Check return value on register read (git-fixes).
- phy: freescale: imx8m-pcie: fix pcie link-up instability (git-fixes).
- phy: marvell: a3700-comphy: Fix hardcoded array size (git-fixes).
- phy: marvell: a3700-comphy: Fix out of bounds read (git-fixes).
- phy: rockchip: naneng-combphy: Fix mux on rk3588 (git-fixes).
- phy: rockchip-snps-pcie3: fix bifurcation on rk3588 (git-fixes).
- phy: rockchip-snps-pcie3: fix clearing PHP_GRF_PCIESEL_CON bits (git-fixes).
- phy: ti: tusb1210: Resolve charger-det crash if charger psy is unregistered (git-fixes).
- pinctrl: armada-37xx: remove an unused variable (git-fixes).
- pinctrl: baytrail: Fix selecting gpio pinctrl state (git-fixes).
- pinctrl: core: fix possible memory leak when pinctrl_enable() fails (git-fixes).
- pinctrl: devicetree: fix refcount leak in pinctrl_dt_to_map() (git-fixes).
- pinctrl: fix deadlock in create_pinctrl() when handling -EPROBE_DEFER (git-fixes).
- pinctrl: freescale: mxs: Fix refcount of child (git-fixes).
- pinctrl: mediatek: paris: Fix PIN_CONFIG_INPUT_SCHMITT_ENABLE readback (git-fixes).
- pinctrl: mediatek: paris: Rework support for PIN_CONFIG_{INPUT,OUTPUT}_ENABLE (git-fixes).
- pinctrl/meson: fix typo in PDM's pin name (git-fixes).
- pinctrl: pinctrl-aspeed-g6: Fix register offset for pinconf of GPIOR-T (git-fixes).
- pinctrl: qcom: pinctrl-sm7150: Fix sdc1 and ufs special pins regs (git-fixes).
- pinctrl: qcom: spmi-gpio: drop broken pm8008 support (git-fixes).
- pinctrl: renesas: checker: Limit cfg reg enum checks to provided IDs (stable-fixes).
- pinctrl: renesas: r8a779g0: Fix CANFD5 suffix (git-fixes).
- pinctrl: renesas: r8a779g0: Fix FXR_TXEN[AB] suffixes (git-fixes).
- pinctrl: renesas: r8a779g0: Fix (H)SCIF1 suffixes (git-fixes).
- pinctrl: renesas: r8a779g0: Fix (H)SCIF3 suffixes (git-fixes).
- pinctrl: renesas: r8a779g0: Fix IRQ suffixes (git-fixes).
- pinctrl: renesas: r8a779g0: FIX PWM suffixes (git-fixes).
- pinctrl: renesas: r8a779g0: Fix TCLK suffixes (git-fixes).
- pinctrl: renesas: r8a779g0: Fix TPU suffixes (git-fixes).
- pinctrl: rockchip: fix pinmux bits for RK3328 GPIO2-B pins (git-fixes).
- pinctrl: rockchip: fix pinmux bits for RK3328 GPIO3-B pins (git-fixes).
- pinctrl: rockchip: fix pinmux reset in rockchip_pmx_set (git-fixes).
- pinctrl: rockchip: use dedicated pinctrl type for RK3328 (git-fixes).
- pinctrl: single: fix possible memory leak when pinctrl_enable() fails (git-fixes).
- pinctrl: ti: ti-iodelay: fix possible memory leak when pinctrl_enable() fails (git-fixes).
- platform/chrome: cros_ec_debugfs: fix wrong EC message version (git-fixes).
- platform/chrome: cros_ec_uart: properly fix race condition (git-fixes).
- platform/x86/amd/pmc: Extend Framework 13 quirk to more BIOSes (stable-fixes).
- platform/x86: dell-smbios: Fix wrong token data in sysfs (git-fixes).
- platform/x86/intel/tpmi: Handle error from tpmi_process_info() (stable-fixes).
- platform/x86/intel-uncore-freq: Do not present root domain on error (git-fixes).
- platform/x86: ISST: Add Grand Ridge to HPM CPU list (stable-fixes).
- platform/x86: ISST: Add Granite Rapids-D to HPM CPU list (stable-fixes).
- platform/x86: lg-laptop: Change ACPI device id (stable-fixes).
- platform/x86: lg-laptop: Remove LGEX0815 hotkey handling (stable-fixes).
- platform/x86: lg-laptop: Use ACPI device handle when evaluating WMAB/WMBB (stable-fixes).
- platform/x86: thinkpad_acpi: Take hotkey_mutex during hotkey_exit() (git-fixes).
- platform/x86: toshiba_acpi: Add quirk for buttons on Z830 (stable-fixes).
- platform/x86: toshiba_acpi: Fix array out-of-bounds access (git-fixes).
- platform/x86: toshiba_acpi: Fix quickstart quirk handling (git-fixes).
- platform/x86: touchscreen_dmi: Add an extra entry for a variant of the Chuwi Vi8 tablet (stable-fixes).
- platform/x86: touchscreen_dmi: Add info for GlobalSpace SolT IVW 11.6' tablet (stable-fixes).
- platform/x86: touchscreen_dmi: Add info for the EZpad 6s Pro (stable-fixes).
- platform/x86: wireless-hotkey: Add support for LG Airplane Button (stable-fixes).
- platform/x86: x86-android-tablets: Fix acer_b1_750_goodix_gpios name (stable-fixes).
- platform/x86: xiaomi-wmi: Fix race condition when reporting key events (git-fixes).
- PM / devfreq: Synchronize devfreq_monitor_[start/stop] (stable-fixes).
- PM: s2idle: Make sure CPUs will wakeup directly on resume (git-fixes).
- pNFS/filelayout: fixup pNfs allocation modes (git-fixes).
- Port 'certs: Move RSA self-test data to separate file'.
- powerpc/64s/radix/kfence: map __kfence_pool at page granularity (bsc#1223570 ltc#205770).
- powerpc: Avoid nmi_enter/nmi_exit in real mode interrupt (bsc#1221645 ltc#205739 bsc#1223191).
- powerpc/crypto/chacha-p10: Fix failure on non Power10 (bsc#1218205).
- powerpc/eeh: Permanently disable the removed device (bsc#1223991 ltc#205740).
- powerpc/hv-gpci: Fix the H_GET_PERF_COUNTER_INFO hcall return value checks (git-fixes).
- powerpc/prom: Add CPU info to hardware description string later (bsc#1215199).
- powerpc/pseries: Fix scv instruction crash with kexec (bsc#1194869).
- powerpc/pseries/lparcfg: drop error message from guest name lookup (bsc#1187716 ltc#193451 git-fixes).
- powerpc/pseries: make max polling consistent for longer H_CALLs (bsc#1215199).
- powerpc/pseries/vio: Do not return ENODEV if node or compatible missing (bsc#1220783).
- powerpc/rtas: Prevent Spectre v1 gadget construction in sys_rtas() (bsc#1227487).
- powerpc/uaccess: Fix build errors seen with GCC 13/14 (bsc#1194869).
- powerpc/uaccess: Use YZ asm constraint for ld (bsc#1194869).
- power: rt9455: hide unused rt9455_boost_voltage_values (git-fixes).
- power: supply: ab8500: Fix error handling when calling iio_read_channel_processed() (git-fixes).
- power: supply: cros_usbpd: provide ID table for avoiding fallback match (stable-fixes).
- power: supply: ingenic: Fix some error handling paths in ingenic_battery_get_property() (git-fixes).
- power: supply: mt6360_charger: Fix of_match for usb-otg-vbus regulator (git-fixes).
- ppdev: Add an error check in register_device (git-fixes).
- prctl: generalize PR_SET_MDWE support check to be per-arch (bsc#1225610).
- Preparation update to v6.10-rc3-rt5 ((bsc#1214683 (PREEMPT_RT prerequisite backports)).
- printk: Add this_cpu_in_panic() (bsc#1225607).
- printk: Adjust mapping for 32bit seq macros (bsc#1225607).
- printk: Avoid non-panic CPUs writing to ringbuffer (bsc#1225607).
- printk: Consolidate console deferred printing (bsc#1225607).
- printk: Disable passing console lock owner completely during panic() (bsc#1225607).
- printk: Do not take console lock for console_flush_on_panic() (bsc#1225607).
- printk: For @suppress_panic_printk check for other CPU in panic (bsc#1225607).
- printk: Keep non-panic-CPUs out of console lock (bsc#1225607).
- printk: Let no_printk() use _printk() (bsc#1225618).
- printk: nbcon: Relocate 32bit seq macros (bsc#1225607).
- printk: Reduce console_unblank() usage in unsafe scenarios (bsc#1225607).
- printk: Rename abandon_console_lock_in_panic() to other_cpu_in_panic() (bsc#1225607).
- printk: ringbuffer: Clarify special lpos values (bsc#1225607).
- printk: ringbuffer: Cleanup reader terminology (bsc#1225607).
- printk: ringbuffer: Do not skip non-finalized records with prb_next_seq() (bsc#1225607).
- printk: ringbuffer: Skip non-finalized records in panic (bsc#1225607).
- printk: Update @console_may_schedule in console_trylock_spinning() (bsc#1225616).
- printk: Use prb_first_seq() as base for 32bit seq macros (bsc#1225607).
- printk: Wait for all reserved records with pr_flush() (bsc#1225607).
- proc/kcore: do not try to access unaccepted memory (git-fixes).
- pstore: inode: Convert mutex usage to guard(mutex) (stable-fixes).
- pstore: inode: Only d_invalidate() is needed (git-fixes).
- pstore/zone: Add a null pointer check to the psz_kmsg_read (stable-fixes).
- pwm: img: fix pwm clock lookup (git-fixes).
- pwm: sti: Prepare removing pwm_chip from driver data (stable-fixes).
- pwm: sti: Simplify probe function using devm functions (git-fixes).
- pwm: stm32: Always do lazy disabling (git-fixes).
- qibfs: fix dentry leak (git-fixes)
- r8169: fix issue caused by buggy BIOS on certain boards with RTL8168d (git-fixes).
- r8169: skip DASH fw status checks when DASH is disabled (git-fixes).
- random: handle creditable entropy from atomic process context (git-fixes).
- RAS/AMD/ATL: Fix MI300 bank hash (bsc#1225300).
- RAS/AMD/ATL: Use system settings for MI300 DRAM to normalized address translation (bsc#1225300).
- RAS/AMD/FMPM: Avoid NULL ptr deref in get_saved_records() (jsc#PED-7619).
- RAS/AMD/FMPM: Fix build when debugfs is not enabled (jsc#PED-7619).
- RAS/AMD/FMPM: Safely handle saved records of various sizes (jsc#PED-7619).
- RDMA/bnxt_re: Fix the max msix vectors macro (git-fixes)
- RDMA/cm: add timeout to cm_destroy_id wait (git-fixes)
- RDMA/cma: Fix kmemleak in rdma_core observed during blktests nvme/rdma use siw (git-fixes)
- RDMA/cm: Print the old state when cm_destroy_id gets timeout (git-fixes)
- RDMA/hns: Add max_ah and cq moderation capacities in query_device() (git-fixes)
- RDMA/hns: Fix deadlock on SRQ async events. (git-fixes)
- RDMA/hns: Fix GMV table pagesize (git-fixes)
- RDMA/hns: Fix return value in hns_roce_map_mr_sg (git-fixes)
- RDMA/hns: Fix UAF for cq async event (git-fixes)
- RDMA/hns: Modify the print level of CQE error (git-fixes)
- RDMA/hns: Use complete parentheses in macros (git-fixes)
- RDMA/IPoIB: Fix format truncation compilation errors (git-fixes)
- RDMA/mana_ib: Fix bug in creation of dma regions (git-fixes).
- RDMA/mana_ib: Ignore optional access flags for MRs (git-fixes).
- RDMA/mlx5: Add check for srq max_sge attribute (git-fixes)
- RDMA/mlx5: Adding remote atomic access flag to updatable flags (git-fixes)
- RDMA/mlx5: Change check for cacheable mkeys (git-fixes)
- RDMA/mlx5: Ensure created mkeys always have a populated rb_key (git-fixes)
- RDMA/mlx5: Fix port number for counter query in multi-port configuration (git-fixes)
- RDMA/mlx5: Fix unwind flow as part of mlx5_ib_stage_init_init (git-fixes)
- RDMA/mlx5: Follow rb_key.ats when creating new mkeys (git-fixes)
- RDMA/mlx5: Remove extra unlock on error path (git-fixes)
- RDMA/mlx5: Uncacheable mkey has neither rb_key or cache_ent (git-fixes)
- RDMA/restrack: Fix potential invalid address access (git-fixes)
- RDMA/rxe: Allow good work requests to be executed (git-fixes)
- RDMA/rxe: Fix data copy for IB_SEND_INLINE (git-fixes)
- RDMA/rxe: Fix incorrect rxe_put in error path (git-fixes)
- RDMA/rxe: Fix responder length checking for UD request packets (git-fixes)
- RDMA/rxe: Fix seg fault in rxe_comp_queue_pkt (git-fixes)
- RDMA/rxe: Fix the problem 'mutex_destroy missing' (git-fixes)
- README.BRANCH: Remove copy of branch name
- Reapply 'drm/qxl: simplify qxl_fence_wait' (stable-fixes).
- Refresh ARM (bsc#1214683 (PREEMPT_RT prerequisite backports)).
- Refresh kabi workaround ath updates (bsc#1227149#)
- Refresh the previous ASoC patch, landed in subsystem tree (bsc#1228269)
- regmap: Add regmap_read_bypassed() (git-fixes).
- regmap-i2c: Subtract reg size from max_write (stable-fixes).
- regmap: kunit: Ensure that changed bytes are actually different (stable-fixes).
- regmap: maple: Fix cache corruption in regcache_maple_drop() (git-fixes).
- regmap: maple: Fix uninitialized symbol 'ret' warnings (git-fixes).
- regulator: bd71815: fix ramp values (git-fixes).
- regulator: bd71828: Do not overwrite runtime voltages (git-fixes).
- regulator: change devm_regulator_get_enable_optional() stub to return Ok (git-fixes).
- regulator: change stubbed devm_regulator_get_enable to return Ok (git-fixes).
- regulator: core: fix debugfs creation regression (git-fixes).
- regulator: core: Fix modpost error 'regulator_get_regmap' undefined (git-fixes).
- regulator: irq_helpers: duplicate IRQ name (stable-fixes).
- regulator: mt6360: De-capitalize devicetree regulator subnodes (git-fixes).
- regulator: tps65132: Add of_match table (stable-fixes).
- regulator: vqmmc-ipq4019: fix module autoloading (stable-fixes).
- remoteproc: imx_rproc: Fix refcount mistake in imx_rproc_addr_init (git-fixes).
- remoteproc: imx_rproc: Skip over memory region when node value is NULL (git-fixes).
- remoteproc: k3-r5: Do not allow core1 to power up before core0 via sysfs (git-fixes).
- remoteproc: k3-r5: Fix IPC-only mode detection (git-fixes).
- remoteproc: k3-r5: Jump to error handling labels in start/stop errors (git-fixes).
- remoteproc: k3-r5: Wait for core0 power-up before powering up core1 (git-fixes).
- remoteproc: mediatek: Make sure IPI buffer fits in L2TCM (git-fixes).
- remoteproc: stm32: Fix incorrect type assignment returned by stm32_rproc_get_loaded_rsc_tablef (git-fixes).
- remoteproc: stm32_rproc: Fix mailbox interrupts queuing (git-fixes).
- remoteproc: virtio: Fix wdg cannot recovery remote processor (git-fixes).
- Remove NTFSv3 from configs (bsc#1224429) References: bsc#1224429 comment#3 We only support fuse version of the NTFS-3g driver. Disable NTFSv3 from all configs. This was enabled in d016c04d731 ('Bump to 6.4 kernel (jsc#PED-4593)')
- Replace with mainline and sort
- Revert 'ACPI: PM: Block ASUS B1400CEAE from suspend to idle by default' (stable-fixes).
- Revert 'ASoC: SOF: Intel: hda-dai-ops: only allocate/release streams for first CPU DAI' (stable-fixes).
- Revert 'ASoC: SOF: Intel: hda-dai-ops: reset device count for SoundWire DAIs' (stable-fixes).
- Revert 'build initrd without systemd' (bsc#1195775)'
- Revert 'drm/amd/amdgpu: Fix potential ioremap() memory leaks in amdgpu_device_init()' (stable-fixes).
- Revert 'drm/amd/display: Fix sending VSC (+ colorimetry) packets for DP/eDP displays without PSR' (stable-fixes).
- Revert 'drm/amdkfd: fix gfx_target_version for certain 11.0.3 devices' (stable-fixes).
- Revert 'drm/bridge: tc358767: Set default CLRSIPO count' (stable-fixes).
- Revert 'drm/bridge: ti-sn65dsi83: Fix enable error path' (git-fixes).
- Revert 'drm/nouveau/firmware: Fix SG_DEBUG error with nvkm_firmware_ctor()' (stable-fixes).
- Revert 'drm/qxl: simplify qxl_fence_wait' (git-fixes).
- Revert 'gfs2: fix glock shrinker ref issues' (git-fixes).
- Revert 'iommu/amd: Enable PCI/IMS' (git-fixes).
- Revert 'iommu/vt-d: Enable PCI/IMS' (git-fixes).
- Revert 'leds: led-core: Fix refcount leak in of_led_get()' (git-fixes).
- Revert 'net/mlx5: Block entering switchdev mode with ns inconsistency' (git-fixes).
- Revert 'net/mlx5e: Check the number of elements before walk TC rhashtable' (git-fixes).
- Revert 'PCI/MSI: Provide IMS (Interrupt Message Store) support' (git-fixes).
- Revert 'PCI/MSI: Provide pci_ims_alloc/free_irq()' (git-fixes).
- Revert 'PCI/MSI: Provide stubs for IMS functions' (git-fixes).
- Revert 'selinux: introduce an initial SID for early boot processes' (bsc#1208593) It caused a regression on ALP-current branch, kernel-obs-qa build failed.
- Revert 'serial: core: only stop transmit when HW fifo is empty' (git-fixes).
- Revert 'usb: cdc-wdm: close race between read and workqueue' (git-fixes).
- Revert 'usb: musb: da8xx: Set phy in OTG mode by default' (stable-fixes).
- Revert 'usb: phy: generic: Get the vbus supply' (git-fixes).
- Revert 'wifi: ath11k: call ath11k_mac_fils_discovery() without condition' (bsc#1227149).
- Revert 'wifi: ath12k: use ATH12K_PCI_IRQ_DP_OFFSET for DP IRQ' (bsc#1227149).
- Revert 'wifi: iwlwifi: bump FW API to 90 for BZ/SC devices' (bsc#1227149).
- ring-buffer: Do not set shortest_full when full target is hit (git-fixes).
- ring-buffer: Fix a race between readers and resize checks (git-fixes).
- ring-buffer: Fix full_waiters_pending in poll (git-fixes).
- ring-buffer: Fix resetting of shortest_full (git-fixes).
- ring-buffer: Fix waking up ring buffer readers (git-fixes).
- ring-buffer: Make wake once of ring_buffer_wait() more robust (git-fixes).
- ring-buffer: use READ_ONCE() to read cpu_buffer->commit_page in concurrent environment (git-fixes).
- ring-buffer: Use wait_event_interruptible() in ring_buffer_wait() (git-fixes).
- rpcrdma: fix handling for RDMA_CM_EVENT_DEVICE_REMOVAL (git-fixes).
- rpm/kernel-obs-build.spec.in: Add iso9660 (bsc#1226212) Some builds do not just create an iso9660 image, but also mount it during build.
- rpm/kernel-obs-build.spec.in: Add networking modules for docker (bsc#1226211) docker needs more networking modules, even legacy iptable_nat and _filter.
- rpm/kernel-obs-build.spec.in: Include algif_hash, aegis128 and xts modules afgif_hash is needed by some packages (e.g. iwd) for tests, xts is used for LUKS2 volumes by default and aegis128 is useful as AEAD cipher for LUKS2. Wrap the long line to make it readable.
- rtc: abx80x: Fix return value of nvmem callback on read (git-fixes).
- rtc: cmos: Fix return value of nvmem callbacks (git-fixes).
- rtc: interface: Add RTC offset to alarm after fix-up (git-fixes).
- rtc: isl1208: Fix return value of nvmem callbacks (git-fixes).
- rtc: mt6397: select IRQ_DOMAIN instead of depending on it (git-fixes).
- s390/bpf: Emit a barrier for BPF_FETCH instructions (git-fixes bsc#1224792).
- s390/cio: Ensure the copied buf is NUL terminated (git-fixes bsc#1223869).
- s390/cio: fix tracepoint subchannel type field (git-fixes bsc#1224793).
- s390/cpacf: Make use of invalid opcode produce a link error (git-fixes bsc#1227072).
- s390/cpacf: Split and rework cpacf query functions (git-fixes bsc#1225133).
- s390: Implement __iowrite32_copy() (bsc#1226502)
- s390/ipl: Fix incorrect initialization of len fields in nvme reipl block (git-fixes bsc#1225136).
- s390/ipl: Fix incorrect initialization of nvme dump block (git-fixes bsc#1225134).
- s390/ism: Properly fix receive message buffer allocation (git-fixes bsc#1223590).
- s390/mm: Fix clearing storage keys for huge pages (git-fixes bsc#1223871).
- s390/mm: Fix storage key clearing for guest huge pages (git-fixes bsc#1223872).
- s390/qeth: Fix kernel panic after setting hsuid (git-fixes bsc#1223874).
- s390: Stop using weak symbols for __iowrite64_copy() (bsc#1226502)
- s390/vdso: Add CFI for RA register to asm macro vdso_func (git-fixes bsc#1223870).
- s390/vdso: drop '-fPIC' from LDFLAGS (git-fixes bsc#1223593).
- s390/vtime: fix average steal time calculation (git-fixes bsc#1221783).
- s390/zcrypt: fix reference counting on zcrypt card objects (git-fixes bsc#1223592).
- saa7134: Unchecked i2c_transfer function result fixed (git-fixes).
- sched/balancing: Rename newidle_balance() => sched_balance_newidle() (bsc#1222173).
- sched/core: Fix incorrect initialization of the 'burst' parameter in cpu_max_write() (bsc#1226791).
- sched/debug: Update stale reference to sched_debug.c (bsc#1214683 (PREEMPT_RT prerequisite backports)).
- sched/fair: Check root_domain::overload value before update (bsc#1222173).
- sched/fair: Use helper functions to access root_domain::overload (bsc#1222173).
- sched/psi: Select KERNFS as needed (git-fixes).
- sched/topology: Optimize topology_span_sane() (bsc#1225053).
- scsi: bfa: Fix function pointer type mismatch for hcb_qe->cbfn (git-fixes).
- scsi: core: Consult supported VPD page list prior to fetching page (git-fixes).
- scsi: core: Fix unremoved procfs host directory regression (git-fixes).
- scsi: csiostor: Avoid function pointer casts (git-fixes).
- scsi: hisi_sas: Modify the deadline for ata_wait_after_reset() (git-fixes).
- scsi: libsas: Add a helper sas_get_sas_addr_and_dev_type() (git-fixes).
- scsi: libsas: Fix disk not being scanned in after being removed (git-fixes).
- scsi: lpfc: Add support for 32 byte CDBs (bsc#1225842).
- scsi: lpfc: Change default logging level for unsolicited CT MIB commands (bsc#1225842).
- scsi: lpfc: Clear deferred RSCN processing flag when driver is unloading (bsc#1225842).
- scsi: lpfc: Copyright updates for 14.4.0.1 patches (bsc#1221777).
- scsi: lpfc: Copyright updates for 14.4.0.2 patches (bsc#1225842).
- scsi: lpfc: Correct size for cmdwqe/rspwqe for memset() (bsc#1221777).
- scsi: lpfc: Correct size for wqe for memset() (bsc#1221777).
- scsi: lpfc: Define lpfc_dmabuf type for ctx_buf ptr (bsc#1221777).
- scsi: lpfc: Define lpfc_nodelist type for ctx_ndlp ptr (bsc#1221777).
- scsi: lpfc: Define types in a union for generic void *context3 ptr (bsc#1221777).
- scsi: lpfc: Introduce rrq_list_lock to protect active_rrq_list (bsc#1225842).
- scsi: lpfc: Move NPIV's transport unregistration to after resource clean up (bsc#1221777).
- scsi: lpfc: Release hbalock before calling lpfc_worker_wake_up() (bsc#1221777).
- scsi: lpfc: Remove IRQF_ONESHOT flag from threaded IRQ handling (bsc#1221777 bsc#1217959).
- scsi: lpfc: Remove unnecessary log message in queuecommand path (bsc#1221777).
- scsi: lpfc: Replace hbalock with ndlp lock in lpfc_nvme_unregister_port() (bsc#1221777).
- scsi: lpfc: Update logging of protection type for T10 DIF I/O (bsc#1225842).
- scsi: lpfc: Update lpfc_ramp_down_queue_handler() logic (bsc#1221777).
- scsi: lpfc: Update lpfc version to 14.4.0.1 (bsc#1221777).
- scsi: lpfc: Update lpfc version to 14.4.0.2 (bsc#1225842).
- scsi: lpfc: Use a dedicated lock for ras_fwlog state (bsc#1221777).
- scsi: mpt3sas: Prevent sending diag_reset when the controller is ready (git-fixes).
- scsi: mylex: Fix sysfs buffer lengths (git-fixes).
- scsi: qla2xxx: Change debug message during driver unload (bsc1221816).
- scsi: qla2xxx: Delay I/O Abort on PCI error (bsc1221816).
- scsi: qla2xxx: Fix command flush on cable pull (bsc1221816).
- scsi: qla2xxx: Fix double free of fcport (bsc1221816).
- scsi: qla2xxx: Fix double free of the ha->vp_map pointer (bsc1221816).
- scsi: qla2xxx: Fix N2N stuck connection (bsc1221816).
- scsi: qla2xxx: Fix off by one in qla_edif_app_getstats() (git-fixes).
- scsi: qla2xxx: NVME|FCP prefer flag not being honored (bsc1221816).
- scsi: qla2xxx: Prevent command send on chip reset (bsc1221816).
- scsi: qla2xxx: Split FCE|EFT trace control (bsc1221816).
- scsi: qla2xxx: Update manufacturer detail (bsc1221816).
- scsi: qla2xxx: Update version to 10.02.09.200-k (bsc1221816).
- scsi: sd: Unregister device if device_add_disk() failed in sd_probe() (git-fixes).
- scsi: sg: Avoid race in error handling & drop bogus warn (git-fixes).
- scsi: sg: Avoid sg device teardown race (git-fixes).
- scsi: smartpqi: Fix disable_managed_interrupts (git-fixes).
- sctp: annotate data-races around sk->sk_wmem_queued (git-fixes).
- sdhci-of-dwcmshc: disable PM runtime in dwcmshc_remove() (git-fixes).
- selftests/binderfs: use the Makefile's rules, not Make's implicit rules (git-fixes).
- selftests/bpf: add edge case backtracking logic test (bsc#1225756).
- selftests/bpf: precision tracking test for BPF_NEG and BPF_END (bsc#1225756).
- selftests/bpf: test case for callback_depth states pruning logic (bsc#1225903).
- selftests/bpf: test if state loops are detected in a tricky case (bsc#1225903).
- selftests/bpf: tests for iterating callbacks (bsc#1225903).
- selftests/bpf: tests with delayed read/precision makrs in loop body (bsc#1225903).
- selftests/bpf: test widening for iterating callbacks (bsc#1225903).
- selftests/bpf: track string payload offset as scalar in strobemeta (bsc#1225903).
- selftests/bpf: track tcp payload offset as scalar in xdp_synproxy (bsc#1225903).
- selftests: default to host arch for LLVM builds (git-fixes).
- selftests: fix OOM in msg_zerocopy selftest (git-fixes).
- selftests: forwarding: Fix ping failure due to short timeout (git-fixes).
- selftests/ftrace: Fix event filter target_func selection (stable-fixes).
- selftests/ftrace: Limit length in subsystem-enable tests (git-fixes).
- selftests: hsr: Extend the testsuite to also cover HSRv1 (bsc#1214683 (PREEMPT_RT prerequisite backports)).
- selftests: hsr: Reorder the testsuite (bsc#1214683 (PREEMPT_RT prerequisite backports)).
- selftests: hsr: Use `let' properly (bsc#1214683 (PREEMPT_RT prerequisite backports)).
- selftests/kcmp: remove unused open mode (git-fixes).
- selftests: kselftest: Fix build failure with NOLIBC (git-fixes).
- selftests: kselftest: Mark functions that unconditionally call exit() as __noreturn (git-fixes).
- selftests: make order checking verbose in msg_zerocopy selftest (git-fixes).
- selftests/mm: compaction_test: fix incorrect write of zero to nr_hugepages (git-fixes).
- selftests/mm: fix build warnings on ppc64 (stable-fixes).
- selftests: mptcp: add ms units for tc-netem delay (stable-fixes).
- selftests: net: bridge: increase IGMP/MLD exclude timeout membership interval (git-fixes).
- selftests/net: convert test_bridge_neigh_suppress.sh to run it in unique namespace (stable-fixes).
- selftests: net: kill smcrouted in the cleanup logic in amt.sh (git-fixes).
- selftests: net: move amt to socat for better compatibility (git-fixes).
- selftests/pidfd: Fix config for pidfd_setns_test (git-fixes).
- selftests/powerpc/dexcr: Add -no-pie to hashchk tests (git-fixes).
- selftests/powerpc/papr-vpd: Fix missing variable initialization (jsc#PED-4486 git-fixes).
- selftests/resctrl: fix clang build failure: use LOCAL_HDRS (git-fixes).
- selftests/sigaltstack: Fix ppc64 GCC build (git-fixes).
- selftests: sud_test: return correct emulated syscall value on RISC-V (stable-fixes).
- selftests: test_bridge_neigh_suppress.sh: Fix failures due to duplicate MAC (git-fixes).
- selftests: timers: Convert posix_timers test to generate KTAP output (stable-fixes).
- selftests: timers: Fix abs() warning in posix_timers test (git-fixes).
- selftests: timers: Fix posix_timers ksft_print_msg() warning (git-fixes).
- selftests: timers: Fix valid-adjtimex signed left-shift undefined behavior (stable-fixes).
- selftests/timers/posix_timers: Reimplement check_timer_distribution() (git-fixes).
- selftests: vxlan_mdb: Fix failures with old libnet (git-fixes).
- selinux: avoid dereference of garbage after mount failure (git-fixes).
- selinux: introduce an initial SID for early boot processes (bsc#1208593).
- serial: 8250_bcm7271: use default_mux_rate if possible (git-fixes).
- serial: 8250_dw: Revert: Do not reclock if already at correct rate (git-fixes).
- serial: 8250_exar: Do not remove GPIO device on suspend (git-fixes).
- serial: 8520_mtk: Set RTS on shutdown for Rx in-band wakeup (git-fixes).
- serial: bcm63xx-uart: fix tx after conversion to uart_port_tx_limited() (git-fixes).
- serial: core: Fix atomicity violation in uart_tiocmget (git-fixes).
- serial: core: introduce uart_port_tx_limited_flags() (git-fixes).
- serial: core: only stop transmit when HW fifo is empty (git-fixes).
- serial: exar: adding missing CTI and Exar PCI ids (stable-fixes).
- serial: imx: Introduce timeout when waiting on transmitter empty (stable-fixes).
- serial: imx: Raise TX trigger level to 8 (stable-fixes).
- serial: kgdboc: Fix NMI-safety problems from keyboard reset code (stable-fixes).
- serial: Lock console when calling into driver before registration (git-fixes).
- serial: max3100: Fix bitwise types (git-fixes).
- serial: max3100: Lock port->lock when calling uart_handle_cts_change() (git-fixes).
- serial: max310x: fix NULL pointer dereference in I2C instantiation (git-fixes).
- serial: max310x: fix syntax error in IRQ error message (git-fixes).
- serial: mxs-auart: add spinlock around changing cts state (git-fixes).
- serial: pch: Do not disable interrupts while acquiring lock in ISR (bsc#1214683 (PREEMPT_RT prerequisite backports)).
- serial: pch: Do not initialize uart_port's spin_lock (bsc#1214683 (PREEMPT_RT prerequisite backports)).
- serial: pch: Invoke handle_rx_to() directly (bsc#1214683 (PREEMPT_RT prerequisite backports)).
- serial: pch: Make push_rx() return void (bsc#1214683 (PREEMPT_RT prerequisite backports)).
- serial/pmac_zilog: Remove flawed mitigation for rx irq flood (git-fixes).
- serial: sc16is7xx: add proper sched.h include for sched_set_fifo() (git-fixes).
- serial: sc16is7xx: fix bug in sc16is7xx_set_baud() when using prescaler (git-fixes).
- serial: sh-sci: protect invalidating RXDMA on shutdown (git-fixes).
- serial: stm32: Reset .throttled state in .startup() (git-fixes).
- SEV: disable SEV-ES DebugSwap by default (git-fixes).
- slimbus: core: Remove usage of the deprecated ida_simple_xx() API (git-fixes).
- slimbus: qcom-ngd-ctrl: Add timeout for wait operation (git-fixes).
- smb3: allow controlling length of time directory entries are cached with dir leases (git-fixes, bsc#1225172).
- smb3: allow controlling maximum number of cached directories (git-fixes, bsc#1225172).
- smb3: do not start laundromat thread when dir leases disabled (git-fixes, bsc#1225172).
- smb: client: do not start laundromat thread on nohandlecache (git-fixes, bsc#1225172).
- smb: client: make laundromat a delayed worker (git-fixes, bsc#1225172).
- smb: client: prevent new fids from being removed by laundromat (git-fixes, bsc#1225172).
- soc: fsl: qbman: Always disable interrupts when taking cgr_lock (git-fixes).
- soc: fsl: qbman: Use raw spinlock for cgr_lock (git-fixes).
- sock_diag: annotate data-races around sock_diag_handlers[family] (git-fixes).
- soc: mediatek: cmdq: Fix typo of CMDQ_JUMP_RELATIVE (git-fixes).
- soc: microchip: Fix POLARFIRE_SOC_SYS_CTRL input prompt (stable-fixes).
- soc: qcom: pdr: fix parsing of domains lists (git-fixes).
- soc: qcom: pdr: protect locator_addr with the main mutex (git-fixes).
- soc: qcom: pmic_glink: do not traverse clients list without a lock (git-fixes).
- soc: qcom: pmic_glink: Handle the return value of pmic_glink_init (git-fixes).
- soc: qcom: pmic_glink: Make client-lock non-sleeping (git-fixes).
- soc: qcom: pmic_glink: notify clients about the current state (git-fixes).
- soc: qcom: rpmh-rsc: Enhance check for VRM in-flight request (git-fixes).
- soc: qcom: rpmh-rsc: Ensure irqs are not disabled by rpmh_rsc_send_data() callers (git-fixes).
- soc: ti: wkup_m3_ipc: Send NULL dummy message instead of pointer message (stable-fixes).
- soc: xilinx: rename cpu_number1 to dummy_cpu_number (git-fixes).
- soundwire: amd: fix for wake interrupt handling for clockstop mode (git-fixes).
- soundwire: cadence: fix invalid PDI offset (stable-fixes).
- speakup: Avoid crash on very long word (git-fixes).
- speakup: Fix 8bit characters from direct synth (git-fixes).
- speakup: Fix sizeof() vs ARRAY_SIZE() bug (git-fixes).
- spi: atmel-quadspi: Add missing check for clk_prepare (git-fixes).
- spi: cadence: Ensure data lines set to low during dummy-cycle period (stable-fixes).
- spi: Do not mark message DMA mapped when no transfer in it is (git-fixes).
- spi: fix null pointer dereference within spi_sync (git-fixes).
- spi: imx: Do not expect DMA for i.MX{25,35,50,51,53} cspi devices (stable-fixes).
- spi: intel-pci: Add support for Lunar Lake-M SPI serial flash (stable-fixes).
- spi: lm70llp: fix links in doc and comments (git-fixes).
- spi: lpspi: Avoid potential use-after-free in probe() (git-fixes).
- spi: mchp-pci1xxx: Fix a possible null pointer dereference in pci1xxx_spi_probe (git-fixes).
- spi: microchip-core: defer asserting chip select until just before write to TX FIFO (git-fixes).
- spi: microchip-core: ensure TX and RX FIFOs are empty at start of a transfer (git-fixes).
- spi: microchip-core: fix the issues in the isr (git-fixes).
- spi: microchip-core: only disable SPI controller when register value change requires it (git-fixes).
- spi: microchip-core-qspi: fix setting spi bus clock rate (git-fixes).
- spi: mux: set ctlr->bits_per_word_mask (stable-fixes).
- spi: spidev: add correct compatible for Rohm BH2228FV (git-fixes).
- spi: spi-fsl-lpspi: remove redundant spi_controller_put call (git-fixes).
- spi: spi-microchip-core: Fix the number of chip selects supported (git-fixes).
- spi: spi-mt65xx: Fix NULL pointer access in interrupt handler (git-fixes).
- spi: stm32: Do not warn about spurious interrupts (git-fixes).
- spi: stm32: qspi: Clamp stm32_qspi_get_mode() output to CCR_BUSWIDTH_4 (git-fixes).
- spi: stm32: qspi: Fix dual flash mode sanity test in stm32_qspi_setup() (git-fixes).
- spi: xilinx: Fix kernel documentation in the xilinx_spi.h (git-fixes).
- spmi: hisi-spmi-controller: Do not override device identifier (git-fixes).
- ssb: Fix potential NULL pointer dereference in ssb_device_uevent() (stable-fixes).
- staging: vc04_services: changen strncpy() to strscpy_pad() (stable-fixes).
- staging: vc04_services: fix information leak in create_component() (git-fixes).
- staging: vt6655: Remove unused declaration of RFbAL7230SelectChannelPostProcess() (git-fixes).
- stmmac: Clear variable when destroying workqueue (git-fixes).
- struct acpi_ec kABI workaround (git-fixes).
- SUNRPC: avoid soft lockup when transmitting UDP to reachable server (bsc#1225272).
- SUNRPC: fix a memleak in gss_import_v2_context (git-fixes).
- SUNRPC: Fix gss_free_in_token_pages() (git-fixes).
- SUNRPC: Fix loop termination condition in gss_free_in_token_pages() (git-fixes).
- sunrpc: fix NFSACL RPC retry on soft mount (git-fixes).
- SUNRPC: fix some memleaks in gssx_dec_option_array (git-fixes).
- SUNRPC: return proper error from gss_wrap_req_priv (git-fixes).
- supported.conf: Add APM X-Gene SoC hardware monitoring driver (bsc#1223265 jsc#PED-8570)
- supported.conf: Add support for v4l2-dv-timings (jsc#PED-8644)
- supported.conf: mark orangefs as optional We do not support orangefs at all (and it is already marked as such), but since there are no SLE consumers of it, mark it as optional.
- supported.conf: mark ufs as unsupported UFS is an unsupported filesystem, mark it as such. We still keep it around (not marking as optional), to accommodate any potential migrations from BSD systems.
- supported.conf: mark vdpa modules supported (jsc#PED-8954)
- supported.conf: support tcp_dctcp module (jsc#PED-8111)
- supported.conf: update for mt76 stuff (bsc#1227149)
- swiotlb: extend buffer pre-padding to alloc_align_mask if necessary (bsc#1224331)
- swiotlb: Fix alignment checks when both allocation and DMA masks are (bsc#1224331)
- swiotlb: Fix double-allocation of slots due to broken alignment (bsc#1224331)
- swiotlb: Honour dma_alloc_coherent() alignment in swiotlb_alloc() (bsc#1224331)
- swiotlb: use the calculated number of areas (git-fixes).
- tcp: Dump bound-only sockets in inet_diag (bsc#1204562).
- Temporarily drop KVM patch that caused a regression (bsc#1226158)
- thermal: devfreq_cooling: Fix perf state when calculate dfc res_util (git-fixes).
- thermal/drivers/mediatek/lvts_thermal: Check NULL ptr on lvts_data (stable-fixes).
- thermal/drivers/mediatek/lvts_thermal: Return error in case of invalid efuse data (git-fixes).
- thermal/drivers/qcom/lmh: Check for SCM availability at probe (git-fixes).
- thermal/drivers/tsens: Fix null pointer dereference (git-fixes).
- thermal/of: Assume polling-delay(-passive) 0 when absent (stable-fixes).
- thunderbolt: Avoid notify PM core about runtime PM resume (stable-fixes).
- thunderbolt: debugfs: Fix margin debugfs node creation condition (git-fixes).
- thunderbolt: Do not create DisplayPort tunnels on adapters of the same router (git-fixes).
- thunderbolt: Fix wake configurations after device unplug (stable-fixes).
- thunderbolt: Introduce tb_path_deactivate_hop() (stable-fixes).
- thunderbolt: Introduce tb_port_reset() (stable-fixes).
- thunderbolt: Make tb_switch_reset() support Thunderbolt 2, 3 and USB4 routers (stable-fixes).
- thunderbolt: Reset only non-USB4 host routers in resume (git-fixes).
- tls: break out of main loop when PEEK gets a non-data record (bsc#1221858).
- tls: do not skip over different type records from the rx_list (bsc#1221858).
- tls: fix peeking with sync+async decryption (bsc#1221858).
- tls: stop recv() if initial process_rx_list gave us non-DATA (bsc#1221858).
- tools/arch/x86/intel_sdsi: Fix maximum meter bundle length (git-fixes).
- tools/arch/x86/intel_sdsi: Fix meter_certificate decoding (git-fixes).
- tools/arch/x86/intel_sdsi: Fix meter_show display (git-fixes).
- tools/latency-collector: Fix -Wformat-security compile warns (git-fixes).
- tools/memory-model: Fix bug in lock.cat (git-fixes).
- tools/power/cpupower: Fix Pstate frequency reporting on AMD Family 1Ah CPUs (stable-fixes).
- tools/power turbostat: Expand probe_intel_uncore_frequency() (bsc#1221765).
- tools/power/turbostat: Fix uncore frequency file string (bsc#1221765).
- tools/power turbostat: Remember global max_die_id (stable-fixes).
- tools: ynl: do not leak mcast_groups on init error (git-fixes).
- tools: ynl: fix handling of multiple mcast groups (git-fixes).
- tools: ynl: make sure we always pass yarg to mnl_cb_run (git-fixes).
- tpm_tis: Do *not* flush uninitialized work (git-fixes).
- tpm_tis_spi: Account for SPI header when allocating TPM SPI xfer buffer (git-fixes).
- tracefs: Add missing lockdown check to tracefs_create_dir() (git-fixes).
- tracing: Add MODULE_DESCRIPTION() to preemptirq_delay_test (git-fixes).
- tracing: Build event generation tests only as modules (git-fixes).
- tracing: Have saved_cmdlines arrays all in one allocation (git-fixes).
- tracing: hide unused ftrace_event_id_fops (git-fixes).
- tracing/net_sched: Fix tracepoints that save qdisc_dev() as a string (git-fixes).
- tracing/net_sched: NULL pointer dereference in perf_trace_qdisc_reset() (git-fixes).
- tracing: Remove precision vsnprintf() check from print event (git-fixes).
- tracing/ring-buffer: Fix wait_on_pipe() race (git-fixes).
- tracing: Use .flush() call to wake up readers (git-fixes).
- tty: mcf: MCF54418 has 10 UARTS (git-fixes).
- tty: n_gsm: fix missing receive state reset after mode switch (git-fixes).
- tty: n_gsm: fix possible out-of-bounds in gsm0_receive() (git-fixes).
- tty: n_tty: Fix buffer offsets when lookahead is used (git-fixes).
- tty: serial: samsung: fix tx_empty() to return TIOCSER_TEMT (git-fixes).
- tty: vt: fix 20 vs 0x20 typo in EScsiignore (git-fixes).
- ubifs: dbg_check_idx_size: Fix kmemleak if loading znode failed (git-fixes).
- ubifs: fix sort function prototype (git-fixes).
- ubifs: Queue up space reservation tasks if retrying many times (git-fixes).
- ubifs: Remove unreachable code in dbg_check_ltab_lnum (git-fixes).
- ubifs: Set page uptodate in the correct place (git-fixes).
- Update config files: adjust for Arm CONFIG_MT798X_WMAC (bsc#1227149)
- Update config files (bsc#1227282). Update the CONFIG_LSM option to include the selinux LSM in the default set of LSMs. The selinux LSM will not get enabled because it is preceded by apparmor, which is the first exclusive LSM. Updating CONFIG_LSM resolves failures that result in the system not booting up when 'security=selinux selinux=1' is passed to the kernel and SELinux policies are installed.
- Update config files. Disable N_GSM (jsc#PED-8240).
- Update config files for mt76 stuff (bsc#1227149)
- Update config files: update for the realtek wifi driver updates (bsc#1227149)
- USB: Add USB_QUIRK_NO_SET_INTF quirk for START BP-850k (stable-fixes).
- usb: aqc111: stop lying about skb->truesize (git-fixes).
- usb: atm: cxacru: fix endpoint checking in cxacru_bind() (git-fixes).
- usb: audio-v2: Correct comments for struct uac_clock_selector_descriptor (git-fixes).
- usb: cdc-wdm: close race between read and workqueue (git-fixes).
- USB: class: cdc-wdm: Fix CPU lockup caused by excessive log messages (git-fixes).
- USB: core: Add hub_get() and hub_put() routines (stable-fixes).
- USB: core: Fix access violation during port device removal (git-fixes).
- USB: core: Fix deadlock in port 'disable' sysfs attribute (stable-fixes).
- USB: core: Fix deadlock in usb_deauthorize_interface() (git-fixes).
- USB: core: Fix duplicate endpoint bug by clearing reserved bits in the descriptor (git-fixes).
- usb: Disable USB3 LPM at shutdown (stable-fixes).
- usb: dwc2: gadget: Fix exiting from clock gating (git-fixes).
- usb: dwc2: gadget: LPM flow fix (git-fixes).
- usb: dwc2: host: Fix dereference issue in DDMA completion flow (git-fixes).
- usb: dwc2: host: Fix hibernation flow (git-fixes).
- usb: dwc2: host: Fix ISOC flow in DDMA mode (git-fixes).
- usb: dwc2: host: Fix remote wakeup from hibernation (git-fixes).
- usb: dwc3-am62: Disable wakeup at remove (git-fixes).
- usb: dwc3-am62: fix module unload/reload behavior (git-fixes).
- usb: dwc3-am62: Rename private data (git-fixes).
- usb: dwc3: core: Add DWC31 version 2.00a controller (stable-fixes).
- usb: dwc3: core: Prevent phy suspend during init (Git-fixes).
- usb: dwc3: core: remove lock of otg mode during gadget suspend/resume to avoid deadlock (git-fixes).
- usb: dwc3: core: Workaround for CSR read timeout (stable-fixes).
- usb: dwc3: pci: add support for the Intel Panther Lake (stable-fixes).
- usb: dwc3: pci: Do not set 'linux,phy_charger_detect' property on Lenovo Yoga Tab2 1380 (stable-fixes).
- usb: dwc3: pci: Drop duplicate ID (git-fixes).
- usb: dwc3: Properly set system wakeup (git-fixes).
- usb: dwc3: Wait unconditionally after issuing EndXfer command (git-fixes).
- usb: Fix regression caused by invalid ep0 maxpacket in virtual SuperSpeed device (bsc#1220569).
- usb: fotg210: Add missing kernel doc description (git-fixes).
- usb: gadget: aspeed_udc: fix device address configuration (git-fixes).
- usb: gadget: composite: fix OS descriptors w_value logic (git-fixes).
- usb: gadget: configfs: Prevent OOB read/write in usb_string_copy() (stable-fixes).
- usb: gadget: f_fs: Fix a race condition when processing setup packets (git-fixes).
- usb: gadget: f_fs: Fix race between aio_cancel() and AIO request complete (git-fixes).
- usb: gadget: f_ncm: Fix UAF ncm object at re-bind after usb ep transport error (stable-fixes).
- usb: gadget: function: Remove usage of the deprecated ida_simple_xx() API (stable-fixes).
- usb: gadget: net2272: Use irqflags in the call to net2272_probe_fin (git-fixes).
- usb: gadget: printer: fix races against disable (git-fixes).
- usb: gadget: printer: SS+ support (stable-fixes).
- usb: gadget: u_audio: Clear uac pointer when freed (git-fixes).
- usb: gadget: u_audio: Fix race condition use of controls after free during gadget unbind (git-fixes).
- usb: gadget: uvc: configfs: ensure guid to be valid before set (stable-fixes).
- usb: gadget: uvc: mark incomplete frames with UVC_STREAM_ERR (stable-fixes).
- usb: gadget: uvc: use correct buffer size when parsing configfs lists (git-fixes).
- usb: misc: uss720: check for incompatible versions of the Belkin F5U002 (stable-fixes).
- usb: musb: da8xx: fix a resource leak in probe() (git-fixes).
- usb: ohci: Prevent missed ohci interrupts (git-fixes).
- usb: phy: generic: Get the vbus supply (git-fixes).
- USB: serial: add device ID for VeriFone adapter (stable-fixes).
- USB: serial: cp210x: add ID for MGP Instruments PDS100 (stable-fixes).
- USB: serial: cp210x: add pid/vid for TDK NC0110013M and MM0110113M (stable-fixes).
- USB: serial: ftdi_sio: add support for GMC Z216C Adapter IR-USB (stable-fixes).
- USB: serial: mos7840: fix crash on resume (git-fixes).
- USB: serial: option: add Fibocom FM135-GL variants (stable-fixes).
- USB: serial: option: add Fibocom FM350-GL (stable-fixes).
- USB: serial: option: add Lonsung U8300/U9300 product (stable-fixes).
- USB: serial: option: add MeiG Smart SLM320 product (stable-fixes).
- USB: serial: option: add Rolling RW101-GL and RW135-GL support (stable-fixes).
- USB: serial: option: add Rolling RW350-GL variants (stable-fixes).
- USB: serial: option: add support for Fibocom FM650/FG650 (stable-fixes).
- USB: serial: option: add support for Foxconn T99W651 (stable-fixes).
- USB: serial: option: add Telit FN912 rmnet compositions (stable-fixes).
- USB: serial: option: add Telit FN920C04 rmnet compositions (stable-fixes).
- USB: serial: option: add Telit generic core-dump composition (stable-fixes).
- USB: serial: option: support Quectel EM060K sub-models (stable-fixes).
- usb: sl811-hcd: only defined function checkdone if QUIRK2 is defined (stable-fixes).
- usb-storage: alauda: Check whether the media is initialized (git-fixes).
- usb: typec: Return size of buffer if pd_set operation succeeds (git-fixes).
- usb: typec: tcpci: add generic tcpci fallback compatible (stable-fixes).
- usb: typec: tcpm: Check for port partner validity before consuming it (git-fixes).
- usb: typec: tcpm: clear pd_event queue in PORT_RESET (git-fixes).
- usb: typec: tcpm: Correct port source pdo array in pd_set callback (git-fixes).
- usb: typec: tcpm: Correct the PDO counting in pd_set (git-fixes).
- usb: typec: tcpm: fix double-free issue in tcpm_port_unregister_pd() (git-fixes).
- usb: typec: tcpm: fix use-after-free case in tcpm_register_source_caps (git-fixes).
- usb: typec: tcpm: Ignore received Hard Reset in TOGGLING state (git-fixes).
- usb: typec: tcpm: unregister existing source caps before re-registration (git-fixes).
- usb: typec: tipd: fix event checking for tps6598x (git-fixes).
- usb: typec: ucsi: Ack also failed Get Error commands (git-fixes).
- usb: typec: ucsi: Ack unsupported commands (stable-fixes).
- usb: typec: ucsi_acpi: Refactor and fix DELL quirk (git-fixes).
- usb: typec: ucsi: always register a link to USB PD device (git-fixes).
- usb: typec: ucsi: Check for notifications after init (git-fixes).
- usb: typec: ucsi: Clean up UCSI_CABLE_PROP macros (git-fixes).
- usb: typec: ucsi: Clear EVENT_PENDING under PPM lock (git-fixes).
- usb: typec: ucsi: Clear UCSI_CCI_RESET_COMPLETE before reset (stable-fixes).
- usb: typec: ucsi: displayport: Fix potential deadlock (git-fixes).
- usb: typec: ucsi: Fix connector check on init (git-fixes).
- usb: typec: ucsi: Fix race between typec_switch and role_switch (git-fixes).
- usb: typec: ucsi_glink: drop special handling for CCI_BUSY (stable-fixes).
- usb: typec: ucsi: glink: fix child node release in probe function (git-fixes).
- usb: typec: ucsi: Limit read size on v1.2 (stable-fixes).
- usb: typec: ucsi: Never send a lone connector change ack (stable-fixes).
- usb: typec: ucsi: simplify partner's PD caps registration (git-fixes).
- USB: UAS: return ENODEV when submit urbs fail with device not attached (stable-fixes).
- usb: ucsi: stm32: fix command completion handling (git-fixes).
- usb: udc: remove warning when queue disabled ep (stable-fixes).
- USB: xen-hcd: Traverse host/ when CONFIG_USB_XEN_HCD is selected (git-fixes).
- usb: xhci: Add error handling in xhci_map_urb_for_dma (git-fixes).
- usb: xhci: correct return value in case of STS_HCE (git-fixes).
- usb: xhci: Implement xhci_handshake_check_state() helper.
- usb: xhci-plat: Do not include xhci.h (stable-fixes).
- usb: xhci: prevent potential failure in handle_tx_event() for Transfer events without TRB (stable-fixes).
- vboxsf: Avoid an spurious warning if load_nls_xxx() fails (git-fixes).
- vboxsf: explicitly deny setlease attempts (stable-fixes).
- vdpa/mlx5: Allow CVQ size changes (git-fixes).
- vdpa_sim: reset must not run (git-fixes).
- veth: try harder when allocating queue memory (git-fixes).
- vhost: Add smp_rmb() in vhost_enable_notify() (git-fixes).
- vhost: Add smp_rmb() in vhost_vq_avail_empty() (git-fixes).
- virtio-blk: Ensure no requests in virtqueues before deleting vqs (git-fixes).
- virtio_net: avoid data-races on dev->stats fields (git-fixes).
- virtio_net: checksum offloading handling fix (git-fixes).
- virtio_net: Do not send RSS key if it is not supported (git-fixes).
- virtio: treat alloc_dax() -EOPNOTSUPP failure as non-fatal (bsc#1223944).
- VMCI: Fix an error handling path in vmci_guest_probe_device() (git-fixes).
- VMCI: Fix possible memcpy() run-time warning in vmci_datagram_invoke_guest_handler() (stable-fixes).
- vmci: prevent speculation leaks by sanitizing event in event_deliver() (git-fixes).
- vmlinux.lds.h: catch .bss..L* sections into BSS') (git-fixes).
- vsock/virtio: fix packet delivery to tap device (git-fixes).
- watchdog: bd9576: Drop 'always-running' property (git-fixes).
- watchdog: cpu5wdt.c: Fix use-after-free bug caused by cpu5wdt_trigger (git-fixes).
- watchdog: rti_wdt: Set min_hw_heartbeat_ms to accommodate a safety margin (git-fixes).
- watchdog: rzg2l_wdt: Check return status of pm_runtime_put() (git-fixes).
- watchdog: rzg2l_wdt: Use pm_runtime_resume_and_get() (git-fixes).
- watchdog: rzn1: Convert comma to semicolon (git-fixes).
- watchdog: sa1100: Fix PTR_ERR_OR_ZERO() vs NULL check in sa1100dog_probe() (git-fixes).
- wifi: add HAS_IOPORT dependencies (bsc#1227149).
- wifi: ar5523: enable proper endpoint verification (git-fixes).
- wifi: ar5523: Remove unnecessary (void*) conversions (bsc#1227149).
- wifi: ath10/11/12k: Use alloc_ordered_workqueue() to create ordered workqueues (bsc#1227149).
- wifi: ath10k: add missing wmi_10_4_feature_mask documentation (bsc#1227149).
- wifi: ath10k: add support to allow broadcast action frame RX (bsc#1227149).
- wifi: ath10k: Annotate struct ath10k_ce_ring with __counted_by (bsc#1227149).
- wifi: ath10k: consistently use kstrtoX_from_user() functions (bsc#1227149).
- wifi: ath10k: Convert to platform remove callback returning void (bsc#1227149).
- wifi: ath10k: correctly document enum wmi_tlv_tx_pause_id (bsc#1227149).
- wifi: ath10k: Drop checks that are always false (bsc#1227149).
- wifi: ath10k: Drop cleaning of driver data from probe error path and remove (bsc#1227149).
- wifi: ath10k: drop HTT_DATA_TX_STATUS_DOWNLOAD_FAIL (bsc#1227149).
- wifi: ath10k: Fix a few spelling errors (bsc#1227149).
- wifi: ath10k: Fix an error code problem in ath10k_dbg_sta_write_peer_debug_trigger() (git-fixes).
- wifi: ath10k: Fix enum ath10k_fw_crash_dump_type kernel-doc (bsc#1227149).
- wifi: ath10k: Fix htt_data_tx_completion kernel-doc warning (bsc#1227149).
- wifi: ath10k: fix htt_q_state_conf & htt_q_state kernel-doc (bsc#1227149).
- wifi: ath10k: fix QCOM_RPROC_COMMON dependency (git-fixes).
- wifi: ath10k: fix Wvoid-pointer-to-enum-cast warning (bsc#1227149).
- wifi: ath10k: improve structure padding (bsc#1227149).
- wifi: ath10k: indicate to mac80211 scan complete with aborted flag for ATH10K_SCAN_STARTING state (bsc#1227149).
- wifi: ath10k: poll service ready message before failing (git-fixes).
- wifi: ath10k: populate board data for WCN3990 (git-fixes).
- wifi: ath10k: remove ath10k_htc_record::pauload[] (bsc#1227149).
- wifi: ath10k: remove duplicate memset() in 10.4 TDLS peer update (bsc#1227149).
- wifi: ath10k: remove struct wmi_pdev_chanlist_update_event (bsc#1227149).
- wifi: ath10k: Remove unnecessary (void*) conversions (bsc#1227149).
- wifi: ath10k: Remove unused struct ath10k_htc_frame (bsc#1227149).
- wifi: ath10k: remove unused template structs (bsc#1227149).
- wifi: ath10k: replace deprecated strncpy with memcpy (bsc#1227149).
- wifi: ath10k: replace ENOTSUPP with EOPNOTSUPP (bsc#1227149).
- wifi: ath10k: simplify __ath10k_htt_tx_txq_recalc() (bsc#1227149).
- wifi: ath10k: simplify ath10k_peer_create() (bsc#1227149).
- wifi: ath10k: Update Qualcomm Innovation Center, Inc. copyrights (bsc#1227149).
- wifi: ath10k: Use DECLARE_FLEX_ARRAY() for ath10k_htc_record (bsc#1227149).
- wifi: ath10k: use flexible array in struct wmi_host_mem_chunks (bsc#1227149).
- wifi: ath10k: use flexible array in struct wmi_tdls_peer_capabilities (bsc#1227149).
- wifi: ath10k: use flexible arrays for WMI start scan TLVs (bsc#1227149).
- wifi: ath10k: Use list_count_nodes() (bsc#1227149).
- wifi: ath11k: add chip id board name while searching board-2.bin for WCN6855 (bsc#1227149).
- wifi: ath11k: Add coldboot calibration support for QCN9074 (bsc#1227149).
- wifi: ath11k: add firmware-2.bin support (bsc#1227149).
- wifi: ath11k: add handler for WMI_VDEV_SET_TPC_POWER_CMDID (bsc#1227149).
- wifi: ath11k: Add HTT stats for PHY reset case (bsc#1227149).
- wifi: ath11k: add parse of transmit power envelope element (bsc#1227149).
- wifi: ath11k: add parsing of phy bitmap for reg rules (bsc#1227149).
- wifi: ath11k: add support for QCA2066 (bsc#1227149).
- wifi: ath11k: add support to select 6 GHz regulatory type (bsc#1227149).
- wifi: ath11k: add WMI event debug messages (bsc#1227149).
- wifi: ath11k: add WMI_TLV_SERVICE_EXT_TPC_REG_SUPPORT service bit (bsc#1227149).
- wifi: ath11k: Allow ath11k to boot without caldata in ftm mode (bsc#1227149).
- wifi: ath11k: ath11k_debugfs_register(): fix format-truncation warning (bsc#1227149).
- wifi: ath11k: avoid forward declaration of ath11k_mac_start_vdev_delay() (bsc#1227149).
- wifi: ath11k: call ath11k_mac_fils_discovery() without condition (bsc#1227149).
- wifi: ath11k: Consistently use ath11k_vif_to_arvif() (bsc#1227149).
- wifi: ath11k: Consolidate WMI peer flags (bsc#1227149).
- wifi: ath11k: constify MHI channel and controller configs (bsc#1227149).
- wifi: ath11k: Convert to platform remove callback returning void (bsc#1227149).
- wifi: ath11k: debug: add ATH11K_DBG_CE (bsc#1227149).
- wifi: ath11k: debug: remove unused ATH11K_DBG_ANY (bsc#1227149).
- wifi: ath11k: debug: use all upper case in ATH11k_DBG_HAL (bsc#1227149).
- wifi: ath11k: decrease MHI channel buffer length to 8KB (bsc#1207948).
- wifi: ath11k: document HAL_RX_BUF_RBM_SW4_BM (bsc#1227149).
- wifi: ath11k: Do not directly use scan_flags in struct scan_req_params (bsc#1227149).
- wifi: ath11k: do not force enable power save on non-running vdevs (git-fixes).
- wifi: ath11k: do not use %pK (bsc#1227149).
- wifi: ath11k: dp: cleanup debug message (bsc#1227149).
- wifi: ath11k: driver settings for MBSSID and EMA (bsc#1227149).
- wifi: ath11k: drop NULL pointer check in ath11k_update_per_peer_tx_stats() (bsc#1227149).
- wifi: ath11k: drop redundant check in ath11k_dp_rx_mon_dest_process() (bsc#1227149).
- wifi: ath11k: EMA beacon support (bsc#1227149).
- wifi: ath11k: enable 36 bit mask for stream DMA (bsc#1227149).
- wifi: ath11k: factory test mode support (bsc#1227149).
- wifi: ath11k: fill parameters for vdev set tpc power WMI command (bsc#1227149).
- wifi: ath11k: Fix a few spelling errors (bsc#1227149).
- wifi: ath11k: fix a possible dead lock caused by ab->base_lock (bsc#1227149).
- wifi: ath11k: Fix ath11k_htc_record flexible record (bsc#1227149).
- wifi: ath11k: fix ath11k_mac_op_remain_on_channel() stack usage (bsc#1227149).
- wifi: ath11k: fix CAC running state during virtual interface start (bsc#1227149).
- wifi: ath11k: fix connection failure due to unexpected peer delete (bsc#1227149).
- wifi: ath11k: fix IOMMU errors on buffer rings (bsc#1227149).
- wifi: ath11k: fix RCU documentation in ath11k_mac_op_ipv6_changed() (git-fixes).
- wifi: ath11k: fix tid bitmap is 0 in peer rx mu stats (bsc#1227149).
- wifi: ath11k: fix WCN6750 firmware crash caused by 17 num_vdevs (bsc#1227149).
- wifi: ath11k: fix wrong definition of CE ring's base address (git-fixes).
- wifi: ath11k: fix wrong handling of CCMP256 and GCMP ciphers (git-fixes).
- wifi: ath11k: fix Wvoid-pointer-to-enum-cast warning (bsc#1227149).
- wifi: ath11k: hal: cleanup debug message (bsc#1227149).
- wifi: ath11k: htc: cleanup debug messages (bsc#1227149).
- wifi: ath11k: initialize eirp_power before use (bsc#1227149).
- wifi: ath11k: Introduce and use ath11k_sta_to_arsta() (bsc#1227149).
- wifi: ath11k: mac: fix struct ieee80211_sband_iftype_data handling (bsc#1227149).
- wifi: ath11k: MBSSID beacon support (bsc#1227149).
- wifi: ath11k: MBSSID configuration during vdev create/start (bsc#1227149).
- wifi: ath11k: MBSSID parameter configuration in AP mode (bsc#1227149).
- wifi: ath11k: mhi: add a warning message for MHI_CB_EE_RDDM crash (bsc#1227149).
- wifi: ath11k: move pci.ops registration ahead (bsc#1227149).
- wifi: ath11k: move power type check to ASSOC stage when connecting to 6 GHz AP (bsc#1227149).
- wifi: ath11k: move references from rsvd2 to info fields (bsc#1227149).
- wifi: ath11k: pci: cleanup debug logging (bsc#1227149).
- wifi: ath11k: print debug level in debug messages (bsc#1227149).
- wifi: ath11k: provide address list if chip supports 2 stations (bsc#1227149).
- wifi: ath11k: qmi: refactor ath11k_qmi_m3_load() (bsc#1227149).
- wifi: ath11k: Really consistently use ath11k_vif_to_arvif() (bsc#1227149).
- wifi: ath11k: refactor ath11k_wmi_tlv_parse_alloc() (bsc#1227149).
- wifi: ath11k: refactor setting country code logic (stable-fixes).
- wifi: ath11k: refactor vif parameter configurations (bsc#1227149).
- wifi: ath11k: Relocate the func ath11k_mac_bitrate_mask_num_ht_rates() and change hweight16 to hweight8 (bsc#1227149).
- wifi: ath11k: rely on mac80211 debugfs handling for vif (bsc#1227149).
- wifi: ath11k: Remove ath11k_base::bd_api (bsc#1227149).
- wifi: ath11k: remove ath11k_htc_record::pauload[] (bsc#1227149).
- wifi: ath11k: Remove cal_done check during probe (bsc#1227149).
- wifi: ath11k: remove invalid peer create logic (bsc#1227149).
- wifi: ath11k: remove manual mask names from debug messages (bsc#1227149).
- wifi: ath11k: Remove obsolete struct wmi_peer_flags_map *peer_flags (bsc#1227149).
- wifi: ath11k: Remove scan_flags union from struct scan_req_params (bsc#1227149).
- wifi: ath11k: Remove struct ath11k::ops (bsc#1227149).
- wifi: ath11k: remove unnecessary (void*) conversions (bsc#1227149).
- wifi: ath11k: Remove unneeded semicolon (bsc#1227149).
- wifi: ath11k: remove unsupported event handlers (bsc#1227149).
- wifi: ath11k: Remove unused declarations (bsc#1227149).
- wifi: ath11k: remove unused function ath11k_tm_event_wmi() (bsc#1227149).
- wifi: ath11k: remove unused members of 'struct ath11k_base' (bsc#1227149).
- wifi: ath11k: remove unused scan_events from struct scan_req_params (bsc#1227149).
- wifi: ath11k: Remove unused struct ath11k_htc_frame (bsc#1227149).
- wifi: ath11k: rename ath11k_start_vdev_delay() (bsc#1227149).
- wifi: ath11k: rename MBSSID fields in wmi_vdev_up_cmd (bsc#1227149).
- wifi: ath11k: rename the sc naming convention to ab (bsc#1227149).
- wifi: ath11k: rename the wmi_sc naming convention to wmi_ab (bsc#1227149).
- wifi: ath11k: replace ENOTSUPP with EOPNOTSUPP (bsc#1227149).
- wifi: ath11k: restore country code during resume (git-fixes).
- wifi: ath11k: save max transmit power in vdev start response event from firmware (bsc#1227149).
- wifi: ath11k: save power spectral density(PSD) of regulatory rule (bsc#1227149).
- wifi: ath11k: Send HT fixed rate in WMI peer fixed param (bsc#1227149).
- wifi: ath11k: simplify ath11k_mac_validate_vht_he_fixed_rate_settings() (bsc#1227149).
- wifi: ath11k: simplify the code with module_platform_driver (bsc#1227149).
- wifi: ath11k: Split coldboot calibration hw_param (bsc#1227149).
- wifi: ath11k: store cur_regulatory_info for each radio (bsc#1227149).
- wifi: ath11k: support 2 station interfaces (bsc#1227149).
- wifi: ath11k: update proper pdev/vdev id for testmode command (bsc#1227149).
- wifi: ath11k: Update Qualcomm Innovation Center, Inc. copyrights (bsc#1227149).
- wifi: ath11k: update regulatory rules when connect to AP on 6 GHz band for station (bsc#1227149).
- wifi: ath11k: update regulatory rules when interface added (bsc#1227149).
- wifi: ath11k: Use device_get_match_data() (bsc#1227149).
- wifi: ath11k: use kstrtoul_from_user() where appropriate (bsc#1227149).
- wifi: ath11k: Use list_count_nodes() (bsc#1227149).
- wifi: ath11k: use RCU when accessing struct inet6_dev::ac_list (bsc#1227149).
- wifi: ath11k: use select for CRYPTO_MICHAEL_MIC (bsc#1227149).
- wifi: ath11k: use WMI_VDEV_SET_TPC_POWER_CMDID when EXT_TPC_REG_SUPPORT for 6 GHz (bsc#1227149).
- wifi: ath11k: wmi: add unified command debug messages (bsc#1227149).
- wifi: ath11k: wmi: cleanup error handling in ath11k_wmi_send_init_country_cmd() (bsc#1227149).
- wifi: ath11k: wmi: use common error handling style (bsc#1227149).
- wifi: ath11k: workaround too long expansion sparse warnings (bsc#1227149).
- wifi: ath12k: add 320 MHz bandwidth enums (bsc#1227149).
- wifi: ath12k: add ath12k_qmi_free_resource() for recovery (bsc#1227149).
- wifi: ath12k: add CE and ext IRQ flag to indicate irq_handler (bsc#1227149).
- wifi: ath12k: add EHT PHY modes (bsc#1227149).
- wifi: ath12k: add fallback board name without variant while searching board-2.bin (bsc#1227149).
- wifi: ath12k: add firmware-2.bin support (bsc#1227149).
- wifi: ath12k: add handler for scan event WMI_SCAN_EVENT_DEQUEUED (bsc#1227149).
- wifi: ath12k: add keep backward compatibility of PHY mode to avoid firmware crash (bsc#1227149).
- wifi: ath12k: Add logic to write QRTR node id to scratch (bsc#1227149).
- wifi: ath12k: add MAC id support in WBM error path (bsc#1227149).
- wifi: ath12k: Add missing qmi_txn_cancel() calls (bsc#1227149).
- wifi: ath12k: add MLO header in peer association (bsc#1227149).
- wifi: ath12k: add msdu_end structure for WCN7850 (bsc#1227149).
- wifi: ath12k: add P2P IE in beacon template (bsc#1227149).
- wifi: ath12k: add parsing of phy bitmap for reg rules (bsc#1227149).
- wifi: ath12k: add processing for TWT disable event (bsc#1227149).
- wifi: ath12k: add processing for TWT enable event (bsc#1227149).
- wifi: ath12k: add qmi_cnss_feature_bitmap field to hardware parameters (bsc#1227149).
- wifi: ath12k: add QMI PHY capability learn support (bsc#1227149).
- wifi: ath12k: add rcu lock for ath12k_wmi_p2p_noa_event() (bsc#1227149).
- wifi: ath12k: add read variant from SMBIOS for download board data (bsc#1227149).
- wifi: ath12k: add string type to search board data in board-2.bin for WCN7850 (bsc#1227149).
- wifi: ath12k: add support for BA1024 (bsc#1227149).
- wifi: ath12k: add support for collecting firmware log (bsc#1227149).
- wifi: ath12k: add support for hardware rfkill for WCN7850 (bsc#1227149).
- wifi: ath12k: add support for peer meta data version (bsc#1227149).
- wifi: ath12k: add support one MSI vector (bsc#1227149).
- wifi: ath12k: Add support to parse new WMI event for 6 GHz regulatory (bsc#1227149).
- wifi: ath12k: add support to search regdb data in board-2.bin for WCN7850 (bsc#1227149).
- wifi: ath12k: add wait operation for tx management packets for flush from mac80211 (bsc#1227149).
- wifi: ath12k: add WMI support for EHT peer (bsc#1227149).
- wifi: ath12k: advertise P2P dev support for WCN7850 (bsc#1227149).
- wifi: ath12k: allow specific mgmt frame tx while vdev is not up (bsc#1227149).
- wifi: ath12k: ath12k_start_vdev_delay(): convert to use ar (bsc#1227149).
- wifi: ath12k: avoid deadlock by change ieee80211_queue_work for regd_update_work (bsc#1227149).
- wifi: ath12k: avoid duplicated vdev stop (git-fixes).
- wifi: ath12k: avoid explicit HW conversion argument in Rxdma replenish (bsc#1227149).
- wifi: ath12k: avoid explicit mac id argument in Rxdma replenish (bsc#1227149).
- wifi: ath12k: avoid explicit RBM id argument in Rxdma replenish (bsc#1227149).
- wifi: ath12k: avoid repeated hw access from ar (bsc#1227149).
- wifi: ath12k: avoid repeated wiphy access from hw (bsc#1227149).
- wifi: ath12k: call ath12k_mac_fils_discovery() without condition (bsc#1227149).
- wifi: ath12k: change DMA direction while mapping reinjected packets (git-fixes).
- wifi: ath12k: change interface combination for P2P mode (bsc#1227149).
- wifi: ath12k: change MAC buffer ring size to 2048 (bsc#1227149).
- wifi: ath12k: change to initialize recovery variables earlier in ath12k_core_reset() (bsc#1227149).
- wifi: ath12k: change to treat alpha code na as world wide regdomain (bsc#1227149).
- wifi: ath12k: change to use dynamic memory for channel list of scan (bsc#1227149).
- wifi: ath12k: change WLAN_SCAN_PARAMS_MAX_IE_LEN from 256 to 512 (bsc#1227149).
- wifi: ath12k: check hardware major version for WCN7850 (bsc#1227149).
- wifi: ath12k: check M3 buffer size as well whey trying to reuse it (bsc#1227149).
- wifi: ath12k: configure puncturing bitmap (bsc#1227149).
- wifi: ath12k: configure RDDM size to MHI for device recovery (bsc#1227149).
- wifi: ath12k: Consistently use ath12k_vif_to_arvif() (bsc#1227149).
- wifi: ath12k: Consolidate WMI peer flags (bsc#1227149).
- wifi: ath12k: Correct 6 GHz frequency value in rx status (git-fixes).
- wifi: ath12k: correct the data_type from QMI_OPT_FLAG to QMI_UNSIGNED_1_BYTE for mlo_capable (bsc#1227149).
- wifi: ath12k: delete the timer rx_replenish_retry during rmmod (bsc#1227149).
- wifi: ath12k: designating channel frequency for ROC scan (bsc#1227149).
- wifi: ath12k: disable QMI PHY capability learn in split-phy QCN9274 (bsc#1227149).
- wifi: ath12k: do not drop data frames from unassociated stations (bsc#1227149).
- wifi: ath12k: Do not drop tx_status in failure case (git-fixes).
- wifi: ath12k: do not restore ASPM in case of single MSI vector (bsc#1227149).
- wifi: ath12k: Do not use scan_flags from struct ath12k_wmi_scan_req_arg (bsc#1227149).
- wifi: ath12k: drop failed transmitted frames from metric calculation (git-fixes).
- wifi: ath12k: drop NULL pointer check in ath12k_update_per_peer_tx_stats() (bsc#1227149).
- wifi: ath12k: enable 320 MHz bandwidth for 6 GHz band in EHT PHY capability for WCN7850 (bsc#1227149).
- wifi: ath12k: enable 802.11 power save mode in station mode (bsc#1227149).
- wifi: ath12k: enable IEEE80211_HW_SINGLE_SCAN_ON_ALL_BANDS for WCN7850 (bsc#1227149).
- wifi: ath12k: Enable Mesh support for QCN9274 (bsc#1227149).
- wifi: ath12k: fetch correct pdev id from WMI_SERVICE_READY_EXT_EVENTID (bsc#1227149).
- wifi: ath12k: Fix a few spelling errors (bsc#1227149).
- wifi: ath12k: fix broken structure wmi_vdev_create_cmd (bsc#1227149).
- wifi: ath12k: fix conf_mutex in ath12k_mac_op_unassign_vif_chanctx() (bsc#1227149).
- wifi: ath12k: fix debug messages (bsc#1227149).
- wifi: ath12k: fix fetching MCBC flag for QCN9274 (bsc#1227149).
- wifi: ath12k: fix firmware assert during insmod in memory segment mode (bsc#1227149).
- wifi: ath12k: fix firmware crash during reo reinject (git-fixes).
- wifi: ath12k: fix invalid m3 buffer address (bsc#1227149).
- wifi: ath12k: fix invalid memory access while processing fragmented packets (git-fixes).
- wifi: ath12k: fix kernel crash during resume (bsc#1227149).
- wifi: ath12k: fix license in p2p.c and p2p.h (bsc#1227149).
- wifi: ath12k: fix out-of-bound access of qmi_invoke_handler() (git-fixes).
- wifi: ath12k: fix PCI read and write (bsc#1227149).
- wifi: ath12k: fix peer metadata parsing (git-fixes).
- wifi: ath12k: fix potential wmi_mgmt_tx_queue race condition (bsc#1227149).
- wifi: ath12k: fix radar detection in 160 MHz (bsc#1227149).
- wifi: ath12k: fix recovery fail while firmware crash when doing channel switch (bsc#1227149).
- wifi: ath12k: fix the error handler of rfkill config (bsc#1227149).
- wifi: ath12k: fix the issue that the multicast/broadcast indicator is not read correctly for WCN7850 (bsc#1227149).
- wifi: ath12k: fix the problem that down grade phy mode operation (bsc#1227149).
- wifi: ath12k: Fix tx completion ring (WBM2SW) setup failure (git-fixes).
- wifi: ath12k: Fix uninitialized use of ret in ath12k_mac_allocate() (bsc#1227149).
- wifi: ath12k: fix WARN_ON during ath12k_mac_update_vif_chan (bsc#1227149).
- wifi: ath12k: fix wrong definition of CE ring's base address (git-fixes).
- wifi: ath12k: fix wrong definitions of hal_reo_update_rx_queue (bsc#1227149).
- wifi: ath12k: get msi_data again after request_irq is called (bsc#1227149).
- wifi: ath12k: implement handling of P2P NoA event (bsc#1227149).
- wifi: ath12k: implement remain on channel for P2P mode (bsc#1227149).
- wifi: ath12k: increase vdev setup timeout (bsc#1227149).
- wifi: ath12k: indicate NON MBSSID vdev by default during vdev start (bsc#1227149).
- wifi: ath12k: indicate scan complete for scan canceled when scan running (bsc#1227149).
- wifi: ath12k: indicate to mac80211 scan complete with aborted flag for ATH12K_SCAN_STARTING state (bsc#1227149).
- wifi: ath12k: Introduce and use ath12k_sta_to_arsta() (bsc#1227149).
- wifi: ath12k: Introduce the container for mac80211 hw (bsc#1227149).
- wifi: ath12k: Make QMI message rules const (bsc#1227149).
- wifi: ath12k: move HE capabilities processing to a new function (bsc#1227149).
- wifi: ath12k: move peer delete after vdev stop of station for WCN7850 (bsc#1227149).
- wifi: ath12k: Optimize the mac80211 hw data access (bsc#1227149).
- wifi: ath12k: parse WMI service ready ext2 event (bsc#1227149).
- wifi: ath12k: peer assoc for 320 MHz (bsc#1227149).
- wifi: ath12k: prepare EHT peer assoc parameters (bsc#1227149).
- wifi: ath12k: propagate EHT capabilities to userspace (bsc#1227149).
- wifi: ath12k: Read board id to support split-PHY QCN9274 (bsc#1227149).
- wifi: ath12k: refactor ath12k_bss_assoc() (bsc#1227149).
- wifi: ath12k: refactor ath12k_mac_allocate() and ath12k_mac_destroy() (bsc#1227149).
- wifi: ath12k: refactor ath12k_mac_op_ampdu_action() (bsc#1227149).
- wifi: ath12k: refactor ath12k_mac_op_config() (bsc#1227149).
- wifi: ath12k: refactor ath12k_mac_op_configure_filter() (bsc#1227149).
- wifi: ath12k: refactor ath12k_mac_op_conf_tx() (bsc#1227149).
- wifi: ath12k: refactor ath12k_mac_op_flush() (bsc#1227149).
- wifi: ath12k: refactor ath12k_mac_op_start() (bsc#1227149).
- wifi: ath12k: refactor ath12k_mac_op_stop() (bsc#1227149).
- wifi: ath12k: refactor ath12k_mac_op_update_vif_offload() (bsc#1227149).
- wifi: ath12k: refactor ath12k_mac_register() and ath12k_mac_unregister() (bsc#1227149).
- wifi: ath12k: refactor ath12k_mac_setup_channels_rates() (bsc#1227149).
- wifi: ath12k: refactor ath12k_wmi_tlv_parse_alloc() (bsc#1227149).
- wifi: ath12k: refactor DP Rxdma ring structure (bsc#1227149).
- wifi: ath12k: refactor multiple MSI vector implementation (bsc#1227149).
- wifi: ath12k: refactor QMI MLO host capability helper function (bsc#1227149).
- wifi: ath12k: Refactor the mac80211 hw access from link/radio (bsc#1227149).
- wifi: ath12k: refactor the rfkill worker (bsc#1227149).
- wifi: ath12k: register EHT mesh capabilities (bsc#1227149).
- wifi: ath12k: relax list iteration in ath12k_mac_vif_unref() (bsc#1227149).
- wifi: ath12k: relocate ath12k_dp_pdev_pre_alloc() call (bsc#1227149).
- wifi: ath12k: Remove ath12k_base::bd_api (bsc#1227149).
- wifi: ath12k: remove hal_desc_sz from hw params (bsc#1227149).
- wifi: ath12k: Remove obsolete struct wmi_peer_flags_map *peer_flags (bsc#1227149).
- wifi: ath12k: remove redundant memset() in ath12k_hal_reo_qdesc_setup() (bsc#1227149).
- wifi: ath12k: Remove some dead code (bsc#1227149).
- wifi: ath12k: Remove struct ath12k::ops (bsc#1227149).
- wifi: ath12k: remove the unused scan_events from ath12k_wmi_scan_req_arg (bsc#1227149).
- wifi: ath12k: Remove unnecessary struct qmi_txn initializers (bsc#1227149).
- wifi: ath12k: Remove unnecessary (void*) conversions (bsc#1227149).
- wifi: ath12k: remove unused ATH12K_BD_IE_BOARD_EXT (bsc#1227149).
- wifi: ath12k: Remove unused declarations (bsc#1227149).
- wifi: ath12k: Remove unused scan_flags from struct ath12k_wmi_scan_req_arg (bsc#1227149).
- wifi: ath12k: rename HE capabilities setup/copy functions (bsc#1227149).
- wifi: ath12k: rename the sc naming convention to ab (bsc#1227149).
- wifi: ath12k: rename the wmi_sc naming convention to wmi_ab (bsc#1227149).
- wifi: ath12k: replace ENOTSUPP with EOPNOTSUPP (bsc#1227149).
- wifi: ath12k: send WMI_PEER_REORDER_QUEUE_SETUP_CMDID when ADDBA session starts (bsc#1227149).
- wifi: ath12k: Set default beacon mode to burst mode (bsc#1227149).
- wifi: ath12k: set IRQ affinity to CPU0 in case of one MSI vector (bsc#1227149).
- wifi: ath12k: set PERST pin no pull request for WCN7850 (bsc#1227149).
- wifi: ath12k: split hal_ops to support RX TLVs word mask compaction (bsc#1227149).
- wifi: ath12k: subscribe required word mask from rx tlv (bsc#1227149).
- wifi: ath12k: support default regdb while searching board-2.bin for WCN7850 (bsc#1227149).
- wifi: ath12k: trigger station disconnect on hardware restart (bsc#1227149).
- wifi: ath12k: use ATH12K_PCI_IRQ_DP_OFFSET for DP IRQ (bsc#1227149).
- wifi: ath12k: use correct flag field for 320 MHz channels (bsc#1227149).
- wifi: ath12k: Use initializers for QMI message buffers (bsc#1227149).
- wifi: ath12k: Use msdu_end to check MCBC (bsc#1227149).
- wifi: ath12k: Use pdev_id rather than mac_id to get pdev (bsc#1227149).
- wifi: ath12k: use select for CRYPTO_MICHAEL_MIC (bsc#1227149).
- wifi: ath12k: WMI support to process EHT capabilities (bsc#1227149).
- wifi: ath5k: ath5k_hw_get_median_noise_floor(): use swap() (bsc#1227149).
- wifi: ath5k: Convert to platform remove callback returning void (bsc#1227149).
- wifi: ath5k: remove phydir check from ath5k_debug_init_device() (bsc#1227149).
- wifi: ath5k: Remove redundant dev_err() (bsc#1227149).
- wifi: ath5k: remove unnecessary (void*) conversions (bsc#1227149).
- wifi: ath5k: remove unused ath5k_eeprom_info::ee_antenna (bsc#1227149).
- wifi: ath5k: replace deprecated strncpy with strscpy (bsc#1227149).
- wifi: ath6kl: Remove error checking for debugfs_create_dir() (bsc#1227149).
- wifi: ath6kl: remove unnecessary (void*) conversions (bsc#1227149).
- wifi: ath6kl: replace deprecated strncpy with memcpy (bsc#1227149).
- wifi: ath9k: avoid using uninitialized array (bsc#1227149).
- wifi: ath9k: clean up function ath9k_hif_usb_resume (bsc#1227149).
- wifi: ath9k: consistently use kstrtoX_from_user() functions (bsc#1227149).
- wifi: ath9k: Convert to platform remove callback returning void (bsc#1227149).
- wifi: ath9k: delete some unused/duplicate macros (bsc#1227149).
- wifi: ath9k: fix LNA selection in ath_ant_try_scan() (stable-fixes).
- wifi: ath9k: fix parameter check in ath9k_init_debug() (bsc#1227149).
- wifi: ath9k_htc: fix format-truncation warning (bsc#1227149).
- wifi: ath9k: remove redundant assignment to variable ret (bsc#1227149).
- wifi: ath9k: Remove unnecessary ternary operators (bsc#1227149).
- wifi: ath9k: Remove unnecessary (void*) conversions (bsc#1227149).
- wifi: ath9k: Remove unused declarations (bsc#1227149).
- wifi: ath9k: reset survey of current channel after a scan started (bsc#1227149).
- wifi: ath9k: simplify ar9003_hw_process_ini() (bsc#1227149).
- wifi: ath9k: use u32 for txgain indexes (bsc#1227149).
- wifi: ath9k: work around memset overflow warning (bsc#1227149).
- wifi: ath: dfs_pattern_detector: Use flex array to simplify code (bsc#1227149).
- wifi: ath: remove unused-but-set parameter (bsc#1227149).
- wifi: ath: Use is_multicast_ether_addr() to check multicast Ether address (bsc#1227149).
- wifi: ath: work around false-positive stringop-overread warning (bsc#1227149).
- wifi: atk10k: Do not opencode ath10k_pci_priv() in ath10k_ahb_priv() (bsc#1227149).
- wifi: atmel: remove unused ioctl function (bsc#1227149).
- wifi: b43: silence sparse warnings (bsc#1227149).
- wifi: brcm80211: replace deprecated strncpy with strscpy (bsc#1227149).
- wifi: brcmfmac: Add DMI nvram filename quirk for ACEPC W5 Pro (stable-fixes).
- wifi: brcmfmac: add linefeed at end of file (bsc#1227149).
- wifi: brcmfmac: add per-vendor feature detection callback (stable-fixes).
- wifi: brcmfmac: allow per-vendor event handling (bsc#1227149).
- wifi: brcmfmac: Annotate struct brcmf_gscan_config with __counted_by (bsc#1227149).
- wifi: brcmfmac: cfg80211: Use WSEC to set SAE password (stable-fixes).
- wifi: brcmfmac: Demote vendor-specific attach/detach messages to info (git-fixes).
- wifi: brcmfmac: Detect corner error case earlier with log (bsc#1227149).
- wifi: brcmfmac: do not cast hidden SSID attribute value to boolean (bsc#1227149).
- wifi: brcmfmac: do not pass hidden SSID attribute as value directly (bsc#1227149).
- wifi: brcmfmac: export firmware interface functions (bsc#1227149).
- wifi: brcmfmac: firmware: Annotate struct brcmf_fw_request with __counted_by (bsc#1227149).
- wifi: brcmfmac: fix format-truncation warnings (bsc#1227149).
- wifi: brcmfmac: fix gnu_printf warnings (bsc#1227149).
- wifi: brcmfmac: fweh: Add __counted_by for struct brcmf_fweh_queue_item and use struct_size() (bsc#1227149).
- wifi: brcmfmac: fweh: Fix boot crash on Raspberry Pi 4 (bsc#1227149).
- wifi: brcmfmac: move feature overrides before feature_disable (bsc#1227149).
- wifi: brcmfmac: pcie: handle randbuf allocation failure (git-fixes).
- wifi: brcmsmac: cleanup SCB-related data types (bsc#1227149).
- wifi: brcmsmac: fix gnu_printf warnings (bsc#1227149).
- wifi: brcmsmac: LCN PHY code is used for BCM4313 2G-only device (git-fixes).
- wifi: brcmsmac: phy: Remove unreachable code (bsc#1227149).
- wifi: brcmsmac: remove more unused data types (bsc#1227149).
- wifi: brcmsmac: remove unused data type (bsc#1227149).
- wifi: brcmsmac: replace deprecated strncpy with memcpy (bsc#1227149).
- wifi: brcmsmac: silence sparse warnings (bsc#1227149).
- wifi: brcmutil: use helper function pktq_empty() instead of open code (bsc#1227149).
- wifi: carl9170: add a proper sanity check for endpoints (git-fixes).
- wifi: carl9170: re-fix fortified-memset warning (git-fixes).
- wifi: carl9170: Remove redundant assignment to pointer super (bsc#1227149).
- wifi: carl9170: remove unnecessary (void*) conversions (bsc#1227149).
- wifi: cfg80211: add a flag to disable wireless extensions (bsc#1227149).
- wifi: cfg80211: add BSS usage reporting (bsc#1227149).
- wifi: cfg80211: add local_state_change to deauth trace (bsc#1227149).
- wifi: cfg80211: add locked debugfs wrappers (bsc#1227149).
- wifi: cfg80211: address several kerneldoc warnings (bsc#1227149).
- wifi: cfg80211: add RNR with reporting AP information (bsc#1227149).
- wifi: cfg80211: Add support for setting TID to link mapping (bsc#1227149).
- wifi: cfg80211: add support for SPP A-MSDUs (bsc#1227149).
- wifi: cfg80211: Allow AP/P2PGO to indicate port authorization to peer STA/P2PClient (bsc#1227149).
- wifi: cfg80211: allow reg update by driver even if wiphy->regd is set (bsc#1227149).
- wifi: cfg80211: annotate iftype_data pointer with sparse (bsc#1227149).
- wifi: cfg80211: avoid double free if updating BSS fails (bsc#1227149).
- wifi: cfg80211: call reg_call_notifier on beacon hints (bsc#1227149).
- wifi: cfg80211: check A-MSDU format more carefully (stable-fixes).
- wifi: cfg80211: check RTNL when iterating devices (bsc#1227149).
- wifi: cfg80211: check wiphy mutex is held for wdev mutex (bsc#1227149).
- wifi: cfg80211: consume both probe response and beacon IEs (bsc#1227149).
- wifi: cfg80211: detect stuck ECSA element in probe resp (bsc#1227149).
- wifi: cfg80211: ensure cfg80211_bss_update frees IEs on error (bsc#1227149).
- wifi: cfg80211: export DFS CAC time and usable state helper functions (bsc#1227149).
- wifi: cfg80211: expose nl80211_chan_width_to_mhz for wide sharing (bsc#1227149).
- wifi: cfg80211: Extend support for scanning while MLO connected (bsc#1227149).
- wifi: cfg80211: fix 6 GHz scan request building (stable-fixes).
- wifi: cfg80211: fix CQM for non-range use (bsc#1227149).
- wifi: cfg80211: fix header kernel-doc typos (bsc#1227149).
- wifi: cfg80211: fix kernel-doc for wiphy_delayed_work_flush() (bsc#1227149).
- wifi: cfg80211: fix rdev_dump_mpp() arguments order (stable-fixes).
- wifi: cfg80211: fix spelling & punctutation (bsc#1227149).
- wifi: cfg80211: fix the order of arguments for trace events of the tx_rx_evt class (stable-fixes).
- wifi: cfg80211: fix typo in cfg80211_calculate_bitrate_he() (git-fixes).
- wifi: cfg80211: Fix typo in documentation (bsc#1227149).
- wifi: cfg80211: fully move wiphy work to unbound workqueue (git-fixes).
- wifi: cfg80211: generate an ML element for per-STA profiles (bsc#1227149).
- wifi: cfg80211: handle 2x996 RU allocation in cfg80211_calculate_bitrate_he() (git-fixes).
- wifi: cfg80211: Handle specific BSSID in 6GHz scanning (bsc#1227149).
- wifi: cfg80211: handle UHB AP and STA power type (bsc#1227149).
- wifi: cfg80211: hold wiphy lock in cfg80211_any_wiphy_oper_chan() (bsc#1227149).
- wifi: cfg80211: hold wiphy mutex for send_interface (bsc#1227149).
- wifi: cfg80211: improve documentation for flag fields (bsc#1227149).
- wifi: cfg80211: Include operating class 137 in 6GHz band (bsc#1227149).
- wifi: cfg80211: introduce cfg80211_ssid_eq() (bsc#1227149).
- wifi: cfg80211: Lock wiphy in cfg80211_get_station (git-fixes).
- wifi: cfg80211: make read-only array centers_80mhz static const (bsc#1227149).
- wifi: cfg80211: make RX assoc data const (bsc#1227149).
- wifi: cfg80211: modify prototype for change_beacon (bsc#1227149).
- wifi: cfg80211: OWE DH IE handling offload (bsc#1227149).
- wifi: cfg80211: pmsr: use correct nla_get_uX functions (git-fixes).
- wifi: cfg80211: reg: describe return values in kernel-doc (bsc#1227149).
- wifi: cfg80211: reg: fix various kernel-doc issues (bsc#1227149).
- wifi: cfg80211: reg: hold wiphy mutex for wdev iteration (bsc#1227149).
- wifi: cfg80211: reg: Support P2P operation on DFS channels (bsc#1227149).
- wifi: cfg80211: remove scan_width support (bsc#1227149).
- wifi: cfg80211: remove wdev mutex (bsc#1227149).
- wifi: cfg80211: rename UHB to 6 GHz (bsc#1227149).
- wifi: cfg80211: Replace ENOTSUPP with EOPNOTSUPP (bsc#1227149).
- wifi: cfg80211: report per-link errors during association (bsc#1227149).
- wifi: cfg80211: report unprotected deauth/disassoc in wowlan (bsc#1227149).
- wifi: cfg80211: restrict NL80211_ATTR_TXQ_QUANTUM values (git-fixes).
- wifi: cfg80211: save power spectral density(psd) of regulatory rule (bsc#1227149).
- wifi: cfg80211: Schedule regulatory check on BSS STA channel change (bsc#1227149).
- wifi: cfg80211: set correct param change count in ML element (bsc#1227149).
- wifi: cfg80211: sme: hold wiphy lock for wdev iteration (bsc#1227149).
- wifi: cfg80211: sort certificates in build (bsc#1227149).
- wifi: cfg80211: split struct cfg80211_ap_settings (bsc#1227149).
- wifi: cfg80211: Update the default DSCP-to-UP mapping (bsc#1227149).
- wifi: cfg80211: validate HE operation element parsing (bsc#1227149).
- wifi: cfg80211: wext: add extra SIOCSIWSCAN data check (stable-fixes).
- wifi: cfg80211: wext: convert return value to kernel-doc (bsc#1227149).
- wifi: cfg80211: wext: set ssids=NULL for passive scans (git-fixes).
- wifi: cw1200: Avoid processing an invalid TIM IE (bsc#1227149).
- wifi: cw1200: Convert to GPIO descriptors (bsc#1227149).
- wifi: cw1200: fix __le16 sparse warnings (bsc#1227149).
- wifi: cw1200: restore endian swapping (bsc#1227149).
- wifi: drivers: Explicitly include correct DT includes (bsc#1227149).
- wifi: fill in MODULE_DESCRIPTION()s for ar5523 (bsc#1227149).
- wifi: fill in MODULE_DESCRIPTION()s for Broadcom WLAN (bsc#1227149).
- wifi: fill in MODULE_DESCRIPTION()s for mt76 drivers (bsc#1227149).
- wifi: fill in MODULE_DESCRIPTION()s for p54spi (bsc#1227149).
- wifi: fill in MODULE_DESCRIPTION()s for wcn36xx (bsc#1227149).
- wifi: fill in MODULE_DESCRIPTION()s for wilc1000 (bsc#1227149).
- wifi: fill in MODULE_DESCRIPTION()s for wl1251 and wl12xx (bsc#1227149).
- wifi: fill in MODULE_DESCRIPTION()s for wl18xx (bsc#1227149).
- wifi: fill in MODULE_DESCRIPTION()s for wlcore (bsc#1227149).
- wifi: hostap: Add __counted_by for struct prism2_download_data and use struct_size() (bsc#1227149).
- wifi: hostap: fix stringop-truncations GCC warning (bsc#1227149).
- wifi: hostap: remove unused ioctl function (bsc#1227149).
- wifi: ieee80211: add definitions for negotiated TID to Link map (bsc#1227149).
- wifi: ieee80211: add UL-bandwidth definition of trigger frame (bsc#1227149).
- wifi: ieee80211: check for NULL in ieee80211_mle_size_ok() (stable-fixes).
- wifi: ieee80211: fix ieee80211_mle_basic_sta_prof_size_ok() (git-fixes).
- wifi: iwlmei: do not send nic info with invalid mac address (bsc#1227149).
- wifi: iwlmei: do not send SAP messages if AMT is disabled (bsc#1227149).
- wifi: iwlmei: send driver down SAP message only if wiamt is enabled (bsc#1227149).
- wifi: iwlmei: send HOST_GOES_DOWN message even if wiamt is disabled (bsc#1227149).
- wifi: iwlmvm: fw: Add new OEM vendor to tas approved list (bsc#1227149).
- wifi: iwlwifi: abort scan when rfkill on but device enabled (bsc#1227149).
- wifi: iwlwifi: add HONOR to PPAG approved list (bsc#1227149).
- wifi: iwlwifi: add mapping of a periphery register crf for WH RF (bsc#1227149).
- wifi: iwlwifi: add new RF support for wifi7 (bsc#1227149).
- wifi: iwlwifi: add Razer to ppag approved list (bsc#1227149).
- wifi: iwlwifi: Add rf_mapping of new wifi7 devices (bsc#1227149).
- wifi: iwlwifi: add support for activating UNII-1 in WW via BIOS (bsc#1227149).
- wifi: iwlwifi: add support for a wiphy_work rx handler (bsc#1227149).
- wifi: iwlwifi: Add support for new 802.11be device (bsc#1227149).
- wifi: iwlwifi: add support for new ini region types (bsc#1227149).
- wifi: iwlwifi: Add support for PPAG cmd v5 and PPAG revision 3 (bsc#1227149).
- wifi: iwlwifi: add support for SNPS DPHYIP region type (bsc#1227149).
- wifi: iwlwifi: adjust rx_phyinfo debugfs to MLO (bsc#1227149).
- wifi: iwlwifi: always have 'uats_enabled' (bsc#1227149).
- wifi: iwlwifi: api: clean up some kernel-doc/typos (bsc#1227149).
- wifi: iwlwifi: api: dbg-tlv: fix up kernel-doc (bsc#1227149).
- wifi: iwlwifi: api: fix a small upper/lower-case typo (bsc#1227149).
- wifi: iwlwifi: api: fix center_freq label in PHY diagram (bsc#1227149).
- wifi: iwlwifi: api: fix constant version to match FW (bsc#1227149).
- wifi: iwlwifi: api: fix kernel-doc reference (bsc#1227149).
- wifi: iwlwifi: bump FW API to 84 for AX/BZ/SC devices (bsc#1227149).
- wifi: iwlwifi: bump FW API to 86 for AX/BZ/SC devices (bsc#1227149).
- wifi: iwlwifi: bump FW API to 87 for AX/BZ/SC devices (bsc#1227149).
- wifi: iwlwifi: bump FW API to 88 for AX/BZ/SC devices (bsc#1227149).
- wifi: iwlwifi: cancel session protection only if there is one (bsc#1227149).
- wifi: iwlwifi: change link id in time event to s8 (bsc#1227149).
- wifi: iwlwifi: check for kmemdup() return value in iwl_parse_tlv_firmware() (bsc#1227149).
- wifi: iwlwifi: cleanup BT Shared Single Antenna code (bsc#1227149).
- wifi: iwlwifi: cleanup sending PER_CHAIN_LIMIT_OFFSET_CMD (bsc#1227149).
- wifi: iwlwifi: cleanup uefi variables loading (bsc#1227149).
- wifi: iwlwifi: clear link_id in time_event (bsc#1227149).
- wifi: iwlwifi: dbg_ini: move iwl_dbg_tlv_free outside of debugfs ifdef (git-fixes).
- wifi: iwlwifi: dbg-tlv: avoid extra allocation/copy (bsc#1227149).
- wifi: iwlwifi: dbg-tlv: use struct_size() for allocation (bsc#1227149).
- wifi: iwlwifi: disable 160 MHz based on subsystem device ID (bsc#1227149).
- wifi: iwlwifi: disable eSR when BT is active (bsc#1227149).
- wifi: iwlwifi: disable multi rx queue for 9000 (bsc#1227149).
- wifi: iwlwifi: do not check TAS block list size twice (bsc#1227149).
- wifi: iwlwifi: Do not mark DFS channels as NO-IR (bsc#1227149).
- wifi: iwlwifi: do not use TRUE/FALSE with bool (bsc#1227149).
- wifi: iwlwifi: drop NULL pointer check in iwl_mvm_tzone_set_trip_temp() (bsc#1227149).
- wifi: iwlwifi: dvm: remove kernel-doc warnings (bsc#1227149).
- wifi: iwlwifi: error-dump: fix kernel-doc issues (bsc#1227149).
- wifi: iwlwifi: Extract common prph mac/phy regions data dump logic (bsc#1227149).
- wifi: iwlwifi: fail NIC access fast on dead NIC (bsc#1227149).
- wifi: iwlwifi: fix #ifdef CONFIG_ACPI check (bsc#1227149).
- wifi: iwlwifi: fix iwl_mvm_get_valid_rx_ant() (git-fixes).
- wifi: iwlwifi: fix opmode start/stop race (bsc#1227149).
- wifi: iwlwifi: fix some kernel-doc issues (bsc#1227149).
- wifi: iwlwifi: Fix spelling mistake 'SESION' -> 'SESSION' (bsc#1227149).
- wifi: iwlwifi: fix system commands group ordering (bsc#1227149).
- wifi: iwlwifi: fix the rf step and flavor bits range (bsc#1227149).
- wifi: iwlwifi: fw: Add support for UATS table in UHB (bsc#1227149).
- wifi: iwlwifi: fw: allow vmalloc for PNVM image (bsc#1227149).
- wifi: iwlwifi: fw: dbg: ensure correct config name sizes (bsc#1227149).
- wifi: iwlwifi: fw: disable firmware debug asserts (bsc#1227149).
- wifi: iwlwifi: fw: do not always use FW dump trig (git-fixes).
- wifi: iwlwifi: fw: file: clean up kernel-doc (bsc#1227149).
- wifi: iwlwifi: fw: file: do not use [0] for variable arrays (bsc#1227149).
- wifi: iwlwifi: fw: fix compiler warning for NULL string print (bsc#1227149).
- wifi: iwlwifi: fw: fix compile w/o CONFIG_ACPI (git-fixes).
- wifi: iwlwifi: fw: Fix debugfs command sending (bsc#1227149).
- wifi: iwlwifi: fw: increase fw_version string size (bsc#1227149).
- wifi: iwlwifi: fw: reconstruct the API/CAPA enum number (bsc#1227149).
- wifi: iwlwifi: fw: replace deprecated strncpy with strscpy_pad (bsc#1227149).
- wifi: iwlwifi: handle per-phy statistics from fw (bsc#1227149).
- wifi: iwlwifi: implement can_activate_links callback (bsc#1227149).
- wifi: iwlwifi: implement enable/disable for China 2022 regulatory (bsc#1227149).
- wifi: iwlwifi: implement GLAI ACPI table loading (bsc#1227149).
- wifi: iwlwifi: iwl-fh.h: fix kernel-doc issues (bsc#1227149).
- wifi: iwlwifi: iwlmvm: handle unprotected deauth/disassoc in d3 (bsc#1227149).
- wifi: iwlwifi: iwl-trans.h: clean up kernel-doc (bsc#1227149).
- wifi: iwlwifi: load b0 version of ucode for HR1/HR2 (bsc#1227149).
- wifi: iwlwifi: make TB reallocation a debug message (bsc#1227149).
- wifi: iwlwifi: make time_events MLO aware (bsc#1227149).
- wifi: iwlwifi: mei: return error from register when not built (bsc#1227149).
- wifi: iwlwifi: mvm: add a debugfs hook to clear the monitor data (bsc#1227149).
- wifi: iwlwifi: mvm: add a debug print when we get a BAR (bsc#1227149).
- wifi: iwlwifi: mvm: add a per-link debugfs (bsc#1227149).
- wifi: iwlwifi: mvm: add a print when sending RLC command (bsc#1227149).
- wifi: iwlwifi: mvm: Add basic link selection logic (bsc#1227149).
- wifi: iwlwifi: mvm: add start mac ctdp sum calculation debugfs handler (bsc#1227149).
- wifi: iwlwifi: mvm: add support for new wowlan_info_notif (bsc#1227149).
- wifi: iwlwifi: mvm: Add support for removing responder TKs (bsc#1227149).
- wifi: iwlwifi: mvm: add support for TID to link mapping neg request (bsc#1227149).
- wifi: iwlwifi: mvm: add US/Canada MCC to API (bsc#1227149).
- wifi: iwlwifi: mvm: advertise MLO only if EHT is enabled (bsc#1227149).
- wifi: iwlwifi: mvm: advertise support for protected ranging negotiation (bsc#1227149).
- wifi: iwlwifi: mvm: advertise support for SCS traffic description (bsc#1227149).
- wifi: iwlwifi: mvm: allocate STA links only for active links (git-fixes).
- wifi: iwlwifi: mvm: Allow DFS concurrent operation (bsc#1227149).
- wifi: iwlwifi: mvm: always update keys in D3 exit (bsc#1227149).
- wifi: iwlwifi: mvm: avoid garbage iPN (bsc#1227149).
- wifi: iwlwifi: mvm: calculate EMLSR mode after connection (bsc#1227149).
- wifi: iwlwifi: mvm: check AP supports EMLSR (bsc#1227149).
- wifi: iwlwifi: mvm: check for iwl_mvm_mld_update_sta() errors (bsc#1227149).
- wifi: iwlwifi: mvm: check link more carefully (bsc#1227149).
- wifi: iwlwifi: mvm: check n_ssids before accessing the ssids (git-fixes).
- wifi: iwlwifi: mvm: check own capabilities for EMLSR (bsc#1227149).
- wifi: iwlwifi: mvm: cleanup MLO and non-MLO unification code (bsc#1227149).
- wifi: iwlwifi: mvm: combine condition/warning (bsc#1227149).
- wifi: iwlwifi: mvm: Configure the link mapping for non-MLD FW (bsc#1227149).
- wifi: iwlwifi: mvm: consider having one active link (bsc#1227149).
- wifi: iwlwifi: mvm: const-ify chandef pointers (bsc#1227149).
- wifi: iwlwifi: mvm: Correctly report TSF data in scan complete (bsc#1227149).
- wifi: iwlwifi: mvm: cycle FW link on chanctx removal (bsc#1227149).
- wifi: iwlwifi: mvm: d3: avoid intermediate/early mutex unlock (bsc#1227149).
- wifi: iwlwifi: mvm: d3: disconnect on GTK rekey failure (bsc#1227149).
- wifi: iwlwifi: mvm: d3: fix WoWLAN command version lookup (stable-fixes).
- wifi: iwlwifi: mvm: d3: implement suspend with MLO (bsc#1227149).
- wifi: iwlwifi: mvm: debugfs for fw system stats (bsc#1227149).
- wifi: iwlwifi: mvm: Declare support for secure LTF measurement (bsc#1227149).
- wifi: iwlwifi: mvm: define RX queue sync timeout as a macro (bsc#1227149).
- wifi: iwlwifi: mvm: disable MLO for the time being (bsc#1227149).
- wifi: iwlwifi: mvm: disallow puncturing in US/Canada (bsc#1227149).
- wifi: iwlwifi: mvm: disconnect long CSA only w/o alternative (bsc#1227149).
- wifi: iwlwifi: mvm: disconnect station vifs if recovery failed (bsc#1227149).
- wifi: iwlwifi: mvm: do not abort queue sync in CT-kill (bsc#1227149).
- wifi: iwlwifi: mvm: do not add dummy phy context (bsc#1227149).
- wifi: iwlwifi: mvm: do not always disable EMLSR due to BT coex (bsc#1227149).
- wifi: iwlwifi: mvm: do not do duplicate detection for nullfunc packets (bsc#1227149).
- wifi: iwlwifi: mvm: do not initialize csa_work twice (git-fixes).
- wifi: iwlwifi: mvm: do not limit VLP/AFC to UATS-enabled (git-fixes).
- wifi: iwlwifi: mvm: do not read past the mfuart notifcation (git-fixes).
- wifi: iwlwifi: mvm: do not send BT_COEX_CI command on new devices (bsc#1227149).
- wifi: iwlwifi: mvm: do not send NDPs for new tx devices (bsc#1227149).
- wifi: iwlwifi: mvm: do not send STA_DISABLE_TX_CMD for newer firmware (bsc#1227149).
- wifi: iwlwifi: mvm: do not send the smart fifo command if not needed (bsc#1227149).
- wifi: iwlwifi: mvm: do not set trigger frame padding in AP mode (bsc#1227149).
- wifi: iwlwifi: mvm: do not support reduced tx power on ack for new devices (bsc#1227149).
- wifi: iwlwifi: mvm: do not wake up rx_sync_waitq upon RFKILL (git-fixes).
- wifi: iwlwifi: mvm: Do not warn if valid link pair was not found (bsc#1227149).
- wifi: iwlwifi: mvm: Do not warn on invalid link on scan complete (bsc#1227149).
- wifi: iwlwifi: mvm: enable FILS DF Tx on non-PSC channel (bsc#1227149).
- wifi: iwlwifi: mvm: enable HE TX/RX <242 tone RU on new RFs (bsc#1227149).
- wifi: iwlwifi: mvm: expand queue sync warning messages (bsc#1227149).
- wifi: iwlwifi: mvm: extend alive timeout to 2 seconds (bsc#1227149).
- wifi: iwlwifi: mvm: Extend support for P2P service discovery (bsc#1227149).
- wifi: iwlwifi: mvm: fix a battery life regression (bsc#1227149).
- wifi: iwlwifi: mvm: fix a crash on 7265 (bsc#1227149).
- wifi: iwlwifi: mvm: fix active link counting during recovery (git-fixes).
- wifi: iwlwifi: mvm: fix check in iwl_mvm_sta_fw_id_mask (git-fixes).
- wifi: iwlwifi: mvm: Fix FTM initiator flags (bsc#1227149).
- wifi: iwlwifi: mvm: fix kernel-doc (bsc#1227149).
- wifi: iwlwifi: mvm: fix link ID management (bsc#1227149).
- wifi: iwlwifi: mvm: fix recovery flow in CSA (bsc#1227149).
- wifi: iwlwifi: mvm: fix regdb initialization (bsc#1227149).
- wifi: iwlwifi: mvm: fix ROC version check (bsc#1227149).
- wifi: iwlwifi: mvm: fix SB CFG check (bsc#1227149).
- wifi: iwlwifi: mvm: Fix scan abort handling with HW rfkill (stable-fixes).
- wifi: iwlwifi: mvm: fix the key PN index (bsc#1227149).
- wifi: iwlwifi: mvm: fix the PHY context resolution for p2p device (bsc#1227149).
- wifi: iwlwifi: mvm: fix thermal kernel-doc (bsc#1227149).
- wifi: iwlwifi: mvm: fix the TXF mapping for BZ devices (bsc#1227149).
- wifi: iwlwifi: mvm: Fix unreachable code path (bsc#1227149).
- wifi: iwlwifi: mvm: fold the ref++ into iwl_mvm_phy_ctxt_add (bsc#1227149).
- wifi: iwlwifi: mvm: guard against invalid STA ID on removal (stable-fixes).
- wifi: iwlwifi: mvm: handle BA session teardown in RF-kill (stable-fixes).
- wifi: iwlwifi: mvm: Handle BIGTK cipher in kek_kck cmd (stable-fixes).
- wifi: iwlwifi: mvm: handle debugfs names more carefully (bsc#1227149).
- wifi: iwlwifi: mvm: handle link-STA allocation in restart (bsc#1227149).
- wifi: iwlwifi: mvm: implement new firmware API for statistics (bsc#1227149).
- wifi: iwlwifi: mvm: implement ROC version 3 (bsc#1227149).
- wifi: iwlwifi: mvm: include link ID when releasing frames (git-fixes).
- wifi: iwlwifi: mvm: increase session protection after CSA (bsc#1227149).
- wifi: iwlwifi: mvm: init vif works only once (git-fixes).
- wifi: iwlwifi: mvm: introduce esr_disable_reason (bsc#1227149).
- wifi: iwlwifi: mvm: introduce PHY_CONTEXT_CMD_API_VER_5 (bsc#1227149).
- wifi: iwlwifi: mvm: iterate active links for STA queues (bsc#1227149).
- wifi: iwlwifi: mvm: Keep connection in case of missed beacons during RX (bsc#1227149).
- wifi: iwlwifi: mvm: limit EHT 320 MHz MCS for STEP URM (bsc#1227149).
- wifi: iwlwifi: mvm: limit pseudo-D3 to 60 seconds (bsc#1227149).
- wifi: iwlwifi: mvm: log dropped frames (bsc#1227149).
- wifi: iwlwifi: mvm: log dropped packets due to MIC error (bsc#1227149).
- wifi: iwlwifi: mvm: make functions public (bsc#1227149).
- wifi: iwlwifi: mvm: make pldr_sync AX210 specific (bsc#1227149).
- wifi: iwlwifi: mvm: make 'pldr_sync' mode effective (bsc#1227149).
- wifi: iwlwifi: mvm: move BA notif messages before action (bsc#1227149).
- wifi: iwlwifi: mvm: move listen interval to constants (bsc#1227149).
- wifi: iwlwifi: mvm: move RU alloc B2 placement (bsc#1227149).
- wifi: iwlwifi: mvm: offload IGTK in AP if BIGTK is supported (bsc#1227149).
- wifi: iwlwifi: mvm: partially support PHY context version 6 (bsc#1227149).
- wifi: iwlwifi: mvm: pick the version of SESSION_PROTECTION_NOTIF (bsc#1227149).
- wifi: iwlwifi: mvm: properly set 6 GHz channel direct probe option (stable-fixes).
- wifi: iwlwifi: mvm: reduce maximum RX A-MPDU size (bsc#1227149).
- wifi: iwlwifi: mvm: refactor duplicate chanctx condition (bsc#1227149).
- wifi: iwlwifi: mvm: refactor TX rate handling (bsc#1227149).
- wifi: iwlwifi: mvm: remove EHT code from mac80211.c (bsc#1227149).
- wifi: iwlwifi: mvm: remove flags for enable/disable beacon filter (bsc#1227149).
- wifi: iwlwifi: mvm: remove IWL_MVM_STATUS_NEED_FLUSH_P2P (bsc#1227149).
- wifi: iwlwifi: mvm: remove old PASN station when adding a new one (git-fixes).
- wifi: iwlwifi: mvm: remove one queue sync on BA session stop (bsc#1227149).
- wifi: iwlwifi: mvm: remove set_tim callback for MLD ops (bsc#1227149).
- wifi: iwlwifi: mvm: remove stale STA link data during restart (stable-fixes).
- wifi: iwlwifi: mvm: Return success if link could not be removed (bsc#1227149).
- wifi: iwlwifi: mvm: return uid from iwl_mvm_build_scan_cmd (git-fixes).
- wifi: iwlwifi: mvm: revert gen2 TX A-MPDU size to 64 (git-fixes).
- wifi: iwlwifi: mvm: rework debugfs handling (bsc#1227149).
- wifi: iwlwifi: mvm: rfi: fix potential response leaks (git-fixes).
- wifi: iwlwifi: mvm: select STA mask only for active links (git-fixes).
- wifi: iwlwifi: mvm: set properly mac header (git-fixes).
- wifi: iwlwifi: mvm: show dump even for pldr_sync (bsc#1227149).
- wifi: iwlwifi: mvm: show skb_mac_gso_segment() failure reason (bsc#1227149).
- wifi: iwlwifi: mvm: simplify the reorder buffer (bsc#1227149).
- wifi: iwlwifi: mvm: skip adding debugfs symlink for reconfig (bsc#1227149).
- wifi: iwlwifi: mvm: support CSA with MLD (bsc#1227149).
- wifi: iwlwifi: mvm: support flush on AP interfaces (bsc#1227149).
- wifi: iwlwifi: mvm: support injection antenna control (bsc#1227149).
- wifi: iwlwifi: mvm: support iwl_dev_tx_power_cmd_v8 (bsc#1227149).
- wifi: iwlwifi: mvm: support set_antenna() (bsc#1227149).
- wifi: iwlwifi: mvm: support SPP A-MSDUs (bsc#1227149).
- wifi: iwlwifi: mvm: unlock mvm if there is no primary link (bsc#1227149).
- wifi: iwlwifi: mvm: use correct address 3 in A-MSDU (stable-fixes).
- wifi: iwlwifi: mvm: use fast balance scan in case of an active P2P GO (bsc#1227149).
- wifi: iwlwifi: mvm: Use the link ID provided in scan request (bsc#1227149).
- wifi: iwlwifi: mvm: use the new command to clear the internal buffer (bsc#1227149).
- wifi: iwlwifi: mvm: work around A-MSDU size problem (bsc#1227149).
- wifi: iwlwifi: no power save during transition to D3 (bsc#1227149).
- wifi: iwlwifi: nvm-parse: advertise common packet padding (bsc#1227149).
- wifi: iwlwifi: nvm: parse the VLP/AFC bit from regulatory (bsc#1227149).
- wifi: iwlwifi: pcie: Add new PCI device id and CNVI (bsc#1227149).
- wifi: iwlwifi: pcie: Add the PCI device id for new hardware (stable-fixes).
- wifi: iwlwifi: pcie: clean up device removal work (bsc#1227149).
- wifi: iwlwifi: pcie: clean up gen1/gen2 TFD unmap (bsc#1227149).
- wifi: iwlwifi: pcie: clean up WFPM control bits (bsc#1227149).
- wifi: iwlwifi: pcie: do not allow hw-rfkill to stop device on gen2 (bsc#1227149).
- wifi: iwlwifi: pcie: dump CSRs before removal (bsc#1227149).
- wifi: iwlwifi: pcie: enable TOP fatal error interrupt (bsc#1227149).
- wifi: iwlwifi: pcie: fix kernel-doc issues (bsc#1227149).
- wifi: iwlwifi: pcie: fix RB status reading (stable-fixes).
- wifi: iwlwifi: pcie: get_crf_id() can be void (bsc#1227149).
- wifi: iwlwifi: pcie: give up mem read if HW is dead (bsc#1227149).
- wifi: iwlwifi: pcie: move gen1 TB handling to header (bsc#1227149).
- wifi: iwlwifi: pcie: point invalid TFDs to invalid data (bsc#1227149).
- wifi: iwlwifi: pcie: propagate iwl_pcie_gen2_apm_init() error (bsc#1227149).
- wifi: iwlwifi: pcie: (re-)assign BAR0 on driver bind (bsc#1227149).
- wifi: iwlwifi: pcie: rescan bus if no parent (bsc#1227149).
- wifi: iwlwifi: prepare for reading DSM from UEFI (bsc#1227149).
- wifi: iwlwifi: prepare for reading PPAG table from UEFI (bsc#1227149).
- wifi: iwlwifi: prepare for reading SAR tables from UEFI (bsc#1227149).
- wifi: iwlwifi: prepare for reading SPLC from UEFI (bsc#1227149).
- wifi: iwlwifi: prepare for reading TAS table from UEFI (bsc#1227149).
- wifi: iwlwifi: properly check if link is active (bsc#1227149).
- wifi: iwlwifi: properly set WIPHY_FLAG_SUPPORTS_EXT_KEK_KCK (stable-fixes).
- wifi: iwlwifi: queue: fix kernel-doc (bsc#1227149).
- wifi: iwlwifi: queue: improve warning for no skb in reclaim (bsc#1227149).
- wifi: iwlwifi: queue: move iwl_txq_gen2_set_tb() up (bsc#1227149).
- wifi: iwlwifi: read DSM func 2 for specific RF types (bsc#1227149).
- wifi: iwlwifi: read DSM functions from UEFI (bsc#1227149).
- wifi: iwlwifi: read ECKV table from UEFI (bsc#1227149).
- wifi: iwlwifi: read mac step from aux register (bsc#1227149).
- wifi: iwlwifi: read PPAG table from UEFI (bsc#1227149).
- wifi: iwlwifi: read SAR tables from UEFI (bsc#1227149).
- wifi: iwlwifi: read SPLC from UEFI (bsc#1227149).
- wifi: iwlwifi: read txq->read_ptr under lock (stable-fixes).
- wifi: iwlwifi: read WRDD table from UEFI (bsc#1227149).
- wifi: iwlwifi: read WTAS table from UEFI (bsc#1227149).
- wifi: iwlwifi: reconfigure TLC during HW restart (git-fixes).
- wifi: iwlwifi: refactor RX tracing (bsc#1227149).
- wifi: iwlwifi: remove async command callback (bsc#1227149).
- wifi: iwlwifi: remove dead-code (bsc#1227149).
- wifi: iwlwifi: remove 'def_rx_queue' struct member (bsc#1227149).
- wifi: iwlwifi: remove extra kernel-doc (bsc#1227149).
- wifi: iwlwifi: remove Gl A-step remnants (bsc#1227149).
- wifi: iwlwifi: remove memory check for LMAC error address (bsc#1227149).
- wifi: iwlwifi: remove retry loops in start (bsc#1227149).
- wifi: iwlwifi: remove unused function prototype (bsc#1227149).
- wifi: iwlwifi: remove WARN from read_mem32() (bsc#1227149).
- wifi: iwlwifi: replace ENOTSUPP with EOPNOTSUPP (bsc#1227149).
- wifi: iwlwifi: return negative -EINVAL instead of positive EINVAL (bsc#1227149).
- wifi: iwlwifi: rfi: use a single DSM function for all RFI configurations (bsc#1227149).
- wifi: iwlwifi: send EDT table to FW (bsc#1227149).
- wifi: iwlwifi: separate TAS 'read-from-BIOS' and 'send-to-FW' flows (bsc#1227149).
- wifi: iwlwifi: simplify getting DSM from ACPI (bsc#1227149).
- wifi: iwlwifi: skip affinity setting on non-SMP (bsc#1227149).
- wifi: iwlwifi: skip opmode start retries on dead transport (bsc#1227149).
- wifi: iwlwifi: small cleanups in PPAG table flows (bsc#1227149).
- wifi: iwlwifi: support link command version 2 (bsc#1227149).
- wifi: iwlwifi: support link_id in SESSION_PROTECTION cmd (bsc#1227149).
- wifi: iwlwifi: support link id in SESSION_PROTECTION_NOTIF (bsc#1227149).
- wifi: iwlwifi: take send-DSM-to-FW flows out of ACPI ifdef (bsc#1227149).
- wifi: iwlwifi: take SGOM and UATS code out of ACPI ifdef (bsc#1227149).
- wifi: iwlwifi: trace full frames with TX status request (bsc#1227149).
- wifi: iwlwifi: update context info structure definitions (bsc#1227149).
- wifi: iwlwifi: Use request_module_nowait (bsc#1227149).
- wifi: iwlwifi: use system_unbound_wq for debug dump (bsc#1227149).
- wifi: iwlwifi: validate PPAG table when sent to FW (bsc#1227149).
- wifi: lib80211: remove unused variables iv32 and iv16 (bsc#1227149).
- wifi: libertas: add missing calls to cancel_work_sync() (bsc#1227149).
- wifi: libertas: cleanup SDIO reset (bsc#1227149).
- wifi: libertas: Follow renaming of SPI 'master' to 'controller' (bsc#1227149).
- wifi: libertas: handle possible spu_write_u16() errors (bsc#1227149).
- wifi: libertas: prefer kstrtoX() for simple integer conversions (bsc#1227149).
- wifi: libertas: simplify list operations in free_if_spi_card() (bsc#1227149).
- wifi: libertas: use convenient lists to manage SDIO packets (bsc#1227149).
- wifi: mac80211: add a driver callback to add vif debugfs (bsc#1227149).
- wifi: mac80211: add a driver callback to check active_links (bsc#1227149).
- wifi: mac80211: add a flag to disallow puncturing (bsc#1227149).
- wifi: mac80211: add back SPDX identifier (bsc#1227149).
- wifi: mac80211: Add __counted_by for struct ieee802_11_elems and use struct_size() (bsc#1227149).
- wifi: mac80211: add ieee80211_tdls_sta_link_id() (stable-fixes).
- wifi: mac80211: additions to change_beacon() (bsc#1227149).
- wifi: mac80211: add link id to ieee80211_gtk_rekey_add() (bsc#1227149).
- wifi: mac80211: add link id to mgd_prepare_tx() (bsc#1227149).
- wifi: mac80211: add more ops assertions (bsc#1227149).
- wifi: mac80211: add more warnings about inserting sta info (bsc#1227149).
- wifi: mac80211: add/remove driver debugfs entries as appropriate (bsc#1227149).
- wifi: mac80211: address some kerneldoc warnings (bsc#1227149).
- wifi: mac80211: add support for mld in ieee80211_chswitch_done (bsc#1227149).
- wifi: mac80211: add support for parsing TID to Link mapping element (bsc#1227149).
- wifi: mac80211: add support for SPP A-MSDUs (bsc#1227149).
- wifi: mac80211: allow 64-bit radiotap timestamps (bsc#1227149).
- wifi: mac80211: allow for_each_sta_active_link() under RCU (bsc#1227149).
- wifi: mac80211: apply mcast rate only if interface is up (stable-fixes).
- wifi: mac80211: Avoid address calculations via out of bounds array indexing (stable-fixes).
- wifi: mac80211: cancel multi-link reconf work on disconnect (git-fixes).
- wifi: mac80211: chanctx emulation set CHANGE_CHANNEL when in_reconfig (git-fixes).
- wifi: mac80211: check/clear fast rx for non-4addr sta VLAN changes (stable-fixes).
- wifi: mac80211: check EHT/TTLM action frame length (bsc#1227149).
- wifi: mac80211: Check if we had first beacon with relevant links (bsc#1227149).
- wifi: mac80211: check wiphy mutex in ops (bsc#1227149).
- wifi: mac80211: cleanup airtime arithmetic with ieee80211_sta_keep_active() (bsc#1227149).
- wifi: mac80211: clean up assignments to pointer cache (stable-fixes).
- wifi: mac80211: cleanup auth_data only if association continues (bsc#1227149).
- wifi: mac80211: convert A-MPDU work to wiphy work (bsc#1227149).
- wifi: mac80211: correctly parse Spatial Reuse Parameter Set element (git-fixes).
- wifi: mac80211: correctly set active links upon TTLM (bsc#1227149).
- wifi: mac80211: correcty limit wider BW TDLS STAs (git-fixes).
- wifi: mac80211: debugfs: lock wiphy instead of RTNL (bsc#1227149).
- wifi: mac80211: describe return values in kernel-doc (bsc#1227149).
- wifi: mac80211: disable softirqs for queued frame handling (git-fixes).
- wifi: mac80211: do not connect to an AP while it's in a CSA process (bsc#1227149).
- wifi: mac80211: Do not force off-channel for management Tx with MLO (bsc#1227149).
- wifi: mac80211: Do not include crypto/algapi.h (bsc#1227149).
- wifi: mac80211: do not re-add debugfs entries during resume (bsc#1227149).
- wifi: mac80211: do not select link ID if not provided in scan request (bsc#1227149).
- wifi: mac80211: do not set ESS capab bit in assoc request (bsc#1227149).
- wifi: mac80211: do not use rate mask for scanning (stable-fixes).
- wifi: mac80211: drop robust action frames before assoc (bsc#1227149).
- wifi: mac80211: drop spurious WARN_ON() in ieee80211_ibss_csa_beacon() (bsc#1227149).
- wifi: mac80211: ensure beacon is non-S1G prior to extracting the beacon timestamp field (stable-fixes).
- wifi: mac80211: ethtool: always hold wiphy mutex (bsc#1227149).
- wifi: mac80211: ethtool: hold wiphy mutex (bsc#1227149).
- wifi: mac80211: expand __ieee80211_data_to_8023() status (bsc#1227149).
- wifi: mac80211: Extend support for scanning while MLO connected (bsc#1227149).
- wifi: mac80211: extend wiphy lock in interface removal (bsc#1227149).
- wifi: mac80211: fix advertised TTLM scheduling (bsc#1227149).
- wifi: mac80211: fix a expired vs. cancel race in roc (bsc#1227149).
- wifi: mac80211: fix another key installation error path (bsc#1227149).
- wifi: mac80211: fix BA session teardown race (bsc#1227149).
- wifi: mac80211: fix BSS_CHANGED_UNSOL_BCAST_PROBE_RESP (bsc#1227149).
- wifi: mac80211: fix change_address deadlock during unregister (bsc#1227149).
- wifi: mac80211: fix channel switch link data (bsc#1227149).
- wifi: mac80211: Fix deadlock in ieee80211_sta_ps_deliver_wakeup() (git-fixes).
- wifi: mac80211: fix driver debugfs for vif type change (bsc#1227149).
- wifi: mac80211: fix error path key leak (bsc#1227149).
- wifi: mac80211: fixes in FILS discovery updates (bsc#1227149).
- wifi: mac80211: fix header kernel-doc typos (bsc#1227149).
- wifi: mac80211: fix ieee80211_bss_*_flags kernel-doc (stable-fixes).
- wifi: mac80211: fix ieee80211_drop_unencrypted_mgmt return type/value (bsc#1227149).
- wifi: mac80211: fix monitor channel with chanctx emulation (bsc#1227149).
- wifi: mac80211: fix potential key leak (bsc#1227149).
- wifi: mac80211: fix prep_connection error path (stable-fixes).
- wifi: mac80211: Fix SMPS handling in the context of MLO (bsc#1227149).
- wifi: mac80211: fix SMPS status handling (bsc#1227149).
- wifi: mac80211: fix spelling typo in comment (bsc#1227149).
- wifi: mac80211: fix TXQ error path and cleanup (bsc#1227149).
- wifi: mac80211: fix UBSAN noise in ieee80211_prep_hw_scan() (stable-fixes).
- wifi: mac80211: fix unaligned le16 access (git-fixes).
- wifi: mac80211: fix unsolicited broadcast probe config (bsc#1227149).
- wifi: mac80211: fix various kernel-doc issues (bsc#1227149).
- wifi: mac80211: flush STA queues on unauthorization (bsc#1227149).
- wifi: mac80211: flush wiphy work where appropriate (bsc#1227149).
- wifi: mac80211: handle debugfs when switching to/from MLO (bsc#1227149).
- wifi: mac80211: handle tasklet frames before stopping (stable-fixes).
- wifi: mac80211: hold wiphy_lock around concurrency checks (bsc#1227149).
- wifi: mac80211: hold wiphy lock in netdev/link debugfs (bsc#1227149).
- wifi: mac80211_hwsim: init peer measurement result (git-fixes).
- wifi: mac80211: improve CSA/ECSA connection refusal (bsc#1227149).
- wifi: mac80211: initialize SMPS mode correctly (bsc#1227149).
- wifi: mac80211: lock wiphy for aggregation debugfs (bsc#1227149).
- wifi: mac80211: lock wiphy in IP address notifier (bsc#1227149).
- wifi: mac80211: make mgd_protect_tdls_discover MLO-aware (bsc#1227149).
- wifi: mac80211: mesh: Fix leak of mesh_preq_queue objects (git-fixes).
- wifi: mac80211: mesh: fix some kdoc warnings (bsc#1227149).
- wifi: mac80211: mesh: init nonpeer_pm to active by default in mesh sdata (stable-fixes).
- wifi: mac80211: mesh: Remove unused function declaration mesh_ids_set_default() (bsc#1227149).
- wifi: mac80211: move color change finalize to wiphy work (bsc#1227149).
- wifi: mac80211: move CSA finalize to wiphy work (bsc#1227149).
- wifi: mac80211: move DFS CAC work to wiphy work (bsc#1227149).
- wifi: mac80211: move dynamic PS to wiphy work (bsc#1227149).
- wifi: mac80211: move filter reconfig to wiphy work (bsc#1227149).
- wifi: mac80211: move key tailroom work to wiphy work (bsc#1227149).
- wifi: mac80211: move link activation work to wiphy work (bsc#1227149).
- wifi: mac80211: move monitor work to wiphy work (bsc#1227149).
- wifi: mac80211: move TDLS work to wiphy work (bsc#1227149).
- wifi: mac80211: move tspec work to wiphy work (bsc#1227149).
- wifi: mac80211: Notify the low level driver on change in MLO valid links (bsc#1227149).
- wifi: mac80211: Print local link address during authentication (bsc#1227149).
- wifi: mac80211: process and save negotiated TID to Link mapping request (bsc#1227149).
- wifi: mac80211: purge TX queues in flush_queues flow (bsc#1227149).
- wifi: mac80211: Recalc offload when monitor stop (git-fixes).
- wifi: mac80211: reduce iflist_mtx (bsc#1227149).
- wifi: mac80211: reject MLO channel configuration if not supported (bsc#1227149).
- wifi: mac80211: relax RCU check in for_each_vif_active_link() (bsc#1227149).
- wifi: mac80211: remove ampdu_mlme.mtx (bsc#1227149).
- wifi: mac80211: remove chanctx_mtx (bsc#1227149).
- wifi: mac80211: remove key_mtx (bsc#1227149).
- wifi: mac80211: remove link before AP (git-fixes).
- wifi: mac80211: remove local->mtx (bsc#1227149).
- wifi: mac80211: remove redundant ML element check (bsc#1227149).
- wifi: mac80211: remove RX_DROP_UNUSABLE (bsc#1227149).
- wifi: mac80211: remove shifted rate support (bsc#1227149).
- wifi: mac80211: remove sta_mtx (bsc#1227149).
- wifi: mac80211: remove unnecessary struct forward declaration (bsc#1227149).
- wifi: mac80211: Remove unused function declarations (bsc#1227149).
- wifi: mac80211: Rename and update IEEE80211_VIF_DISABLE_SMPS_OVERRIDE (bsc#1227149).
- wifi: mac80211: rename ieee80211_tx_status() to ieee80211_tx_status_skb() (bsc#1227149).
- wifi: mac80211: rename struct cfg80211_rx_assoc_resp to cfg80211_rx_assoc_resp_data (bsc#1227149).
- wifi: mac80211: Replace ENOTSUPP with EOPNOTSUPP (bsc#1227149).
- wifi: mac80211: report per-link error during association (bsc#1227149).
- wifi: mac80211: reset negotiated TTLM on disconnect (git-fixes).
- wifi: mac80211: rework ack_frame_id handling a bit (bsc#1227149).
- wifi: mac80211: rework RX timestamp flags (bsc#1227149).
- wifi: mac80211: rx.c: fix sentence grammar (bsc#1227149).
- wifi: mac80211: Sanity check tx bitrate if not provided by driver (bsc#1227149).
- wifi: mac80211: Schedule regulatory channels check on bandwith change (bsc#1227149).
- wifi: mac80211: set wiphy for virtual monitors (bsc#1227149).
- wifi: mac80211: simplify non-chanctx drivers (bsc#1227149).
- wifi: mac80211: Skip association timeout update after comeback rejection (bsc#1227149).
- wifi: mac80211: split ieee80211_drop_unencrypted_mgmt() return value (bsc#1227149).
- wifi: mac80211: sta_info.c: fix sentence grammar (bsc#1227149).
- wifi: mac80211: support antenna control in injection (bsc#1227149).
- wifi: mac80211: support handling of advertised TID-to-link mapping (bsc#1227149).
- wifi: mac80211: take MBSSID/EHT data also from probe resp (bsc#1227149).
- wifi: mac80211: take wiphy lock for MAC addr change (bsc#1227149).
- wifi: mac80211: tx: clarify conditions in if statement (bsc#1227149).
- wifi: mac80211: update beacon counters per link basis (bsc#1227149).
- wifi: mac80211: update some locking documentation (bsc#1227149).
- wifi: mac80211: update the rx_chains after set_antenna() (bsc#1227149).
- wifi: mac80211: use bandwidth indication element for CSA (bsc#1227149).
- wifi: mac80211: use deflink and fix typo in link ID check (bsc#1227149).
- wifi: mac80211: use wiphy locked debugfs for sdata/link (bsc#1227149).
- wifi: mac80211: use wiphy locked debugfs helpers for agg_status (bsc#1227149).
- wifi: mt7601u: delete dead code checking debugfs returns (bsc#1227149).
- wifi: mt7601u: replace strlcpy() with strscpy() (bsc#1227149).
- wifi: mt76: add ability to explicitly forbid LED registration with DT (bsc#1227149).
- wifi: mt76: add DMA mapping error check in mt76_alloc_txwi() (bsc#1227149).
- wifi: mt76: add support for providing eeprom in nvmem cells (bsc#1227149).
- wifi: mt76: add tx_nss histogram to ethtool stats (bsc#1227149).
- wifi: mt76: Annotate struct mt76_rx_tid with __counted_by (bsc#1227149).
- wifi: mt76: change txpower init to per-phy (bsc#1227149).
- wifi: mt76: check sta rx control frame to multibss capability (bsc#1227149).
- wifi: mt76: check txs format before getting skb by pid (bsc#1227149).
- wifi: mt76: check vif type before reporting cca and csa (bsc#1227149).
- wifi: mt76: connac: add beacon duplicate TX mode support for mt7996 (bsc#1227149).
- wifi: mt76: connac: add beacon protection support for mt7996 (bsc#1227149).
- wifi: mt76: connac: add connac3 mac library (bsc#1227149).
- wifi: mt76: connac: add data field in struct tlv (bsc#1227149).
- wifi: mt76: connac: add eht support for phy mode config (bsc#1227149).
- wifi: mt76: connac: add eht support for tx power (bsc#1227149).
- wifi: mt76: connac: add firmware support for mt7992 (bsc#1227149).
- wifi: mt76: connac: add MBSSID support for mt7996 (bsc#1227149).
- wifi: mt76: connac: add more unified command IDs (bsc#1227149).
- wifi: mt76: connac: add more unified event IDs (bsc#1227149).
- wifi: mt76: connac: add new definition of tx descriptor (bsc#1227149).
- wifi: mt76: connac: add support for dsp firmware download (bsc#1227149).
- wifi: mt76: connac: add support to set ifs time by mcu command (bsc#1227149).
- wifi: mt76: connac: add thermal protection support for mt7996 (bsc#1227149).
- wifi: mt76: connac: check for null before dereferencing (bsc#1227149).
- wifi: mt76: connac: export functions for mt7925 (bsc#1227149).
- wifi: mt76: connac: introduce helper for mt7925 chipset (bsc#1227149).
- wifi: mt76: connac: set correct muar_idx for mt799x chipsets (bsc#1227149).
- wifi: mt76: connac: set fixed_bw bit in TX descriptor for fixed rate frames (bsc#1227149).
- wifi: mt76: connac: use muar idx 0xe for non-mt799x as well (bsc#1227149).
- wifi: mt76: Convert to platform remove callback returning void (bsc#1227149).
- wifi: mt76: disable HW AMSDU when using fixed rate (bsc#1227149).
- wifi: mt76: dma: introduce __mt76_dma_queue_reset utility routine (bsc#1227149).
- wifi: mt76: enable UNII-4 channel 177 support (bsc#1227149).
- wifi: mt76: fix race condition related to checking tx queue fill status (bsc#1227149).
- wifi: mt76: fix the issue of missing txpwr settings from ch153 to ch177 (bsc#1227149).
- wifi: mt76: fix typo in mt76_get_of_eeprom_from_nvmem function (bsc#1227149).
- wifi: mt76: increase MT_QFLAG_WED_TYPE size (bsc#1227149).
- wifi: mt76: introduce mt76_queue_is_wed_tx_free utility routine (bsc#1227149).
- wifi: mt76: introduce wed pointer in mt76_queue (bsc#1227149).
- wifi: mt76: limit support of precal loading for mt7915 to MTD only (bsc#1227149).
- wifi: mt76: make mt76_get_of_eeprom static again (bsc#1227149).
- wifi: mt76: mmio: move mt76_mmio_wed_{init,release}_rx_buf in common code (bsc#1227149).
- wifi: mt76: move ampdu_state in mt76_wcid (bsc#1227149).
- wifi: mt76: move mt76_mmio_wed_offload_{enable,disable} in common code (bsc#1227149).
- wifi: mt76: move mt76_net_setup_tc in common code (bsc#1227149).
- wifi: mt76: move rate info in mt76_vif (bsc#1227149).
- wifi: mt76: move wed reset common code in mt76 module (bsc#1227149).
- wifi: mt76: mt7603: add missing register initialization for MT7628 (bsc#1227149).
- wifi: mt76: mt7603: add wpdma tx eof flag for PSE client reset (git-fixes).
- wifi: mt76: mt7603: disable A-MSDU tx support on MT7628 (bsc#1227149).
- wifi: mt76: mt7603: fix beacon interval after disabling a single vif (bsc#1227149).
- wifi: mt76: mt7603: fix tx filter/flush function (bsc#1227149).
- wifi: mt76: mt7603: fix tx queue of loopback packets (git-fixes).
- wifi: mt76: mt7603: rely on shared poll_list field (bsc#1227149).
- wifi: mt76: mt7603: rely on shared sta_poll_list and sta_poll_lock (bsc#1227149).
- wifi: mt76: mt7615: add missing chanctx ops (bsc#1227149).
- wifi: mt76: mt7615: enable BSS_CHANGED_MU_GROUPS support (bsc#1227149).
- wifi: mt76: mt7615: rely on shared poll_list field (bsc#1227149).
- wifi: mt76: mt7615: rely on shared sta_poll_list and sta_poll_lock (bsc#1227149).
- wifi: mt76: mt76_connac3: move lmac queue enumeration in mt76_connac3_mac.h (bsc#1227149).
- wifi: mt76: mt76x02: fix return value check in mt76x02_mac_process_rx (bsc#1227149).
- wifi: mt76: mt76x2u: add netgear wdna3100v3 to device table (bsc#1227149).
- wifi: mt76: mt7915: accumulate mu-mimo ofdma muru stats (bsc#1227149).
- wifi: mt76: mt7915: add locking for accessing mapped registers (bsc#1227149).
- wifi: mt76: mt7915: add missing chanctx ops (bsc#1227149).
- wifi: mt76: mt7915: add support for MT7981 (bsc#1227149).
- wifi: mt76: mt7915 add tc offloading support (bsc#1227149).
- wifi: mt76: mt7915: also MT7981 is 3T3R but nss2 on 5 GHz band (bsc#1227149).
- wifi: mt76: mt7915: disable WFDMA Tx/Rx during SER recovery (bsc#1227149).
- wifi: mt76: mt7915: drop return in mt7915_sta_statistics (bsc#1227149).
- wifi: mt76: mt7915: fix EEPROM offset of TSSI flag on MT7981 (bsc#1227149).
- wifi: mt76: mt7915: fix error recovery with WED enabled (bsc#1227149).
- wifi: mt76: mt7915: fix monitor mode issues (bsc#1227149).
- wifi: mt76: mt7915: move mib_stats structure in mt76.h (bsc#1227149).
- wifi: mt76: mt7915: move poll_list in mt76_wcid (bsc#1227149).
- wifi: mt76: mt7915: move sta_poll_list and sta_poll_lock in mt76_dev (bsc#1227149).
- wifi: mt76: mt7915: report tx retries/failed counts for non-WED path (bsc#1227149).
- wifi: mt76: mt7915: update mpdu density capability (bsc#1227149).
- wifi: mt76: mt7915: update mt798x_wmac_adie_patch_7976 (bsc#1227149).
- wifi: mt76: mt7915: workaround too long expansion sparse warnings (git-fixes).
- wifi: mt76: mt7921: add 6GHz power type support for clc (bsc#1227149).
- wifi: mt76: mt7921: convert acpisar and clc pointers to void (bsc#1227149).
- wifi: mt76: mt7921: enable set txpower for UNII-4 (bsc#1227149).
- wifi: mt76: mt7921e: report tx retries/failed counts in tx free event (bsc#1227149).
- wifi: mt76: mt7921: fix 6GHz disabled by the missing default CLC config (bsc#1227149).
- wifi: mt76: mt7921: fix a potential association failure upon resuming (bsc#1227149).
- wifi: mt76: mt7921: fix CLC command timeout when suspend/resume (bsc#1227149).
- wifi: mt76: mt7921: fix kernel panic by accessing invalid 6GHz channel info (bsc#1227149).
- wifi: mt76: mt7921: fix suspend issue on MediaTek COB platform (bsc#1227149).
- wifi: mt76: mt7921: fix the unfinished command of regd_notifier before suspend (bsc#1227149).
- wifi: mt76: mt7921: fix wrong 6Ghz power type (bsc#1227149).
- wifi: mt76: mt7921: get regulatory information from the clc event (bsc#1227149).
- wifi: mt76: mt7921: get rid of MT7921_RESET_TIMEOUT marco (bsc#1227149).
- wifi: mt76: mt7921: make mt7921_mac_sta_poll static (bsc#1227149).
- wifi: mt76: mt7921: move acpi_sar code in mt792x-lib module (bsc#1227149).
- wifi: mt76: mt7921: move common register definition in mt792x_regs.h (bsc#1227149).
- wifi: mt76: mt7921: move connac nic capability handling to mt7921 (bsc#1227149).
- wifi: mt76: mt7921: move debugfs shared code in mt792x-lib module (bsc#1227149).
- wifi: mt76: mt7921: move dma shared code in mt792x-lib module (bsc#1227149).
- wifi: mt76: mt7921: move hif_ops macro in mt792x.h (bsc#1227149).
- wifi: mt76: mt7921: move init shared code in mt792x-lib module (bsc#1227149).
- wifi: mt76: mt7921: move mac shared code in mt792x-lib module (bsc#1227149).
- wifi: mt76: mt7921: move mt7921_dma_init in pci.c (bsc#1227149).
- wifi: mt76: mt7921: move mt7921u_disconnect mt792x-lib (bsc#1227149).
- wifi: mt76: mt7921: move mt792x_hw_dev in mt792x.h (bsc#1227149).
- wifi: mt76: mt7921: move mt792x_mutex_{acquire/release} in mt792x.h (bsc#1227149).
- wifi: mt76: mt7921: move runtime-pm pci code in mt792x-lib (bsc#1227149).
- wifi: mt76: mt7921: move shared runtime-pm code on mt792x-lib (bsc#1227149).
- wifi: mt76: mt7921: reduce the size of MCU firmware download Rx queue (bsc#1227149).
- wifi: mt76: mt7921: rely on mib_stats shared definition (bsc#1227149).
- wifi: mt76: mt7921: rely on shared poll_list field (bsc#1227149).
- wifi: mt76: mt7921: rely on shared sta_poll_list and sta_poll_lock (bsc#1227149).
- wifi: mt76: mt7921: remove macro duplication in regs.h (bsc#1227149).
- wifi: mt76: mt7921: rename mt7921_dev in mt792x_dev (bsc#1227149).
- wifi: mt76: mt7921: rename mt7921_hif_ops in mt792x_hif_ops (bsc#1227149).
- wifi: mt76: mt7921: rename mt7921_phy in mt792x_phy (bsc#1227149).
- wifi: mt76: mt7921: rename mt7921_sta in mt792x_sta (bsc#1227149).
- wifi: mt76: mt7921: rename mt7921_vif in mt792x_vif (bsc#1227149).
- wifi: mt76: mt7921s: fix potential hung tasks during chip recovery (stable-fixes).
- wifi: mt76: mt7921: support 5.9/6GHz channel config in acpi (bsc#1227149).
- wifi: mt76: mt7921: Support temp sensor (bsc#1227149).
- wifi: mt76: mt7921: update the channel usage when the regd domain changed (bsc#1227149).
- wifi: mt76: mt7925: add flow to avoid chip bt function fail (bsc#1227149).
- wifi: mt76: mt7925: add Mediatek Wi-Fi7 driver for mt7925 chips (bsc#1227149).
- wifi: mt76: mt7925: add support to set ifs time by mcu command (bsc#1227149).
- wifi: mt76: mt7925e: fix use-after-free in free_irq() (bsc#1227149).
- wifi: mt76: mt7925: ensure 4-byte alignment for suspend & wow command (bsc#1227149).
- wifi: mt76: mt7925: fix connect to 80211b mode fail in 2Ghz band (bsc#1227149).
- wifi: mt76: mt7925: fix fw download fail (bsc#1227149).
- wifi: mt76: mt7925: fix mcu query command fail (bsc#1227149).
- wifi: mt76: mt7925: fix SAP no beacon issue in 5Ghz and 6Ghz band (bsc#1227149).
- wifi: mt76: mt7925: fix the wrong data type for scan command (bsc#1227149).
- wifi: mt76: mt7925: fix the wrong header translation config (bsc#1227149).
- wifi: mt76: mt7925: fix typo in mt7925_init_he_caps (bsc#1227149).
- wifi: mt76: mt7925: fix wmm queue mapping (bsc#1227149).
- wifi: mt76: mt7925: fix WoW failed in encrypted mode (bsc#1227149).
- wifi: mt76: mt7925: remove iftype from mt7925_init_eht_caps signature (bsc#1227149).
- wifi: mt76: mt7925: support temperature sensor (bsc#1227149).
- wifi: mt76: mt7925: update PCIe DMA settings (bsc#1227149).
- wifi: mt76: mt792x: add the illegal value check for mtcl table of acpi (bsc#1227149).
- wifi: mt76: mt792x: fix ethtool warning (bsc#1227149).
- wifi: mt76: mt792x: introduce mt792x_irq_map (bsc#1227149).
- wifi: mt76: mt792x: introduce mt792x-lib module (bsc#1227149).
- wifi: mt76: mt792x: introduce mt792x-usb module (bsc#1227149).
- wifi: mt76: mt792x: move more dma shared code in mt792x_dma (bsc#1227149).
- wifi: mt76: mt792x: move mt7921_load_firmware in mt792x-lib module (bsc#1227149).
- wifi: mt76: mt792x: move MT7921_PM_TIMEOUT and MT7921_HW_SCAN_TIMEOUT in common code (bsc#1227149).
- wifi: mt76: mt792x: move mt7921_skb_add_usb_sdio_hdr in mt792x module (bsc#1227149).
- wifi: mt76: mt792x: move shared structure definition in mt792x.h (bsc#1227149).
- wifi: mt76: mt792x: move some common usb code in mt792x module (bsc#1227149).
- wifi: mt76: mt792x: support mt7925 chip init (bsc#1227149).
- wifi: mt76: mt792xu: enable dmashdl support (bsc#1227149).
- wifi: mt76: mt792x: update the country list of EU for ACPI SAR (bsc#1227149).
- wifi: mt76: mt7996: add DMA support for mt7992 (bsc#1227149).
- wifi: mt76: mt7996: add locking for accessing mapped registers (stable-fixes).
- wifi: mt76: mt7996: Add mcu commands for getting sta tx statistic (bsc#1227149).
- wifi: mt76: mt7996: add muru support (bsc#1227149).
- wifi: mt76: mt7996: add sanity checks for background radar trigger (stable-fixes).
- wifi: mt76: mt7996: add support for variants with auxiliary RX path (bsc#1227149).
- wifi: mt76: mt7996: add thermal sensor device support (bsc#1227149).
- wifi: mt76: mt7996: add txpower setting support (bsc#1227149).
- wifi: mt76: mt7996: add TX statistics for EHT mode in debugfs (bsc#1227149).
- wifi: mt76: mt7996: adjust interface num and wtbl size for mt7992 (bsc#1227149).
- wifi: mt76: mt7996: adjust WFDMA settings to improve performance (bsc#1227149).
- wifi: mt76: mt7996: align the format of fixed rate command (bsc#1227149).
- wifi: mt76: mt7996: check txs format before getting skb by pid (bsc#1227149).
- wifi: mt76: mt7996: disable AMSDU for non-data frames (stable-fixes).
- wifi: mt76: mt7996: disable WFDMA Tx/Rx during SER recovery (bsc#1227149).
- wifi: mt76: mt7996: drop return in mt7996_sta_statistics (bsc#1227149).
- wifi: mt76: mt7996: enable BSS_CHANGED_MU_GROUPS support (bsc#1227149).
- wifi: mt76: mt7996: enable PPDU-TxS to host (bsc#1227149).
- wifi: mt76: mt7996: enable VHT extended NSS BW feature (bsc#1227149).
- wifi: mt76: mt7996: ensure 4-byte alignment for beacon commands (bsc#1227149).
- wifi: mt76: mt7996: fix alignment of sta info event (bsc#1227149).
- wifi: mt76: mt7996: fix fortify warning (bsc#1227149).
- wifi: mt76: mt7996: fix fw loading timeout (bsc#1227149).
- wifi: mt76: mt7996: fix mt7996_mcu_all_sta_info_event struct packing (bsc#1227149).
- wifi: mt76: mt7996: fix potential memory leakage when reading chip temperature (bsc#1227149).
- wifi: mt76: mt7996: fix size of txpower MCU command (bsc#1227149).
- wifi: mt76: mt7996: fix uninitialized variable in mt7996_irq_tasklet() (bsc#1227149).
- wifi: mt76: mt7996: fix uninitialized variable in parsing txfree (bsc#1227149).
- wifi: mt76: mt7996: get tx_retries and tx_failed from txfree (bsc#1227149).
- wifi: mt76: mt7996: handle IEEE80211_RC_SMPS_CHANGED (bsc#1227149).
- wifi: mt76: mt7996: increase tx token size (bsc#1227149).
- wifi: mt76: mt7996: introduce mt7996_band_valid() (bsc#1227149).
- wifi: mt76: mt7996: mark GCMP IGTK unsupported (bsc#1227149).
- wifi: mt76: mt7996: move radio ctrl commands to proper functions (bsc#1227149).
- wifi: mt76: mt7996: only set vif teardown cmds at remove interface (bsc#1227149).
- wifi: mt76: mt7996: rely on mib_stats shared definition (bsc#1227149).
- wifi: mt76: mt7996: rely on shared poll_list field (bsc#1227149).
- wifi: mt76: mt7996: rely on shared sta_poll_list and sta_poll_lock (bsc#1227149).
- wifi: mt76: mt7996: remove periodic MPDU TXS request (bsc#1227149).
- wifi: mt76: mt7996: remove TXS queue setting (bsc#1227149).
- wifi: mt76: mt7996: rework ampdu params setting (bsc#1227149).
- wifi: mt76: mt7996: rework register offsets for mt7992 (bsc#1227149).
- wifi: mt76: mt7996: set DMA mask to 36 bits for boards with more than 4GB of RAM (bsc#1227149).
- wifi: mt76: mt7996: support more options for mt7996_set_bitrate_mask() (bsc#1227149).
- wifi: mt76: mt7996: support mt7992 eeprom loading (bsc#1227149).
- wifi: mt76: mt7996: support per-band LED control (bsc#1227149).
- wifi: mt76: mt7996: switch to mcu command for TX GI report (bsc#1227149).
- wifi: mt76: mt7996: Use DECLARE_FLEX_ARRAY() and fix -Warray-bounds warnings (bsc#1227149).
- wifi: mt76: mt7996: use u16 for val field in mt7996_mcu_set_rro signature (bsc#1227149).
- wifi: mt76: permit to load precal from NVMEM cell for mt7915 (bsc#1227149).
- wifi: mt76: permit to use alternative cell name to eeprom NVMEM load (bsc#1227149).
- wifi: mt76: reduce spin_lock_bh held up in mt76_dma_rx_cleanup (bsc#1227149).
- wifi: mt76: Remove redundant assignment to variable tidno (bsc#1227149).
- wifi: mt76: Remove unnecessary (void*) conversions (bsc#1227149).
- wifi: mt76: replace skb_put with skb_put_zero (stable-fixes).
- wifi: mt76: Replace strlcpy() with strscpy() (bsc#1227149).
- wifi: mt76: report non-binding skb tx rate when WED is active (bsc#1227149).
- wifi: mt76: set page_pool napi pointer for mmio devices (bsc#1227149).
- wifi: mt76: split get_of_eeprom in subfunction (bsc#1227149).
- wifi: mt76: usb: create a dedicated queue for psd traffic (bsc#1227149).
- wifi: mt76: usb: store usb endpoint in mt76_queue (bsc#1227149).
- wifi: mt76: use atomic iface iteration for pre-TBTT work (bsc#1227149).
- wifi: mt76: use chainmask for power delta calculation (bsc#1227149).
- wifi: mt76: Use PTR_ERR_OR_ZERO() to simplify code (bsc#1227149).
- wifi: mwifiex: cleanup adapter data (bsc#1227149).
- wifi: mwifiex: cleanup private data structures (bsc#1227149).
- wifi: mwifiex: cleanup struct mwifiex_sdio_mpa_rx (bsc#1227149).
- wifi: mwifiex: drop BUG_ON from TX paths (bsc#1227149).
- wifi: mwifiex: Drop unused headers (bsc#1227149).
- wifi: mwifiex: fix comment typos in SDIO module (bsc#1227149).
- wifi: mwifiex: Fix interface type change (git-fixes).
- wifi: mwifiex: followup PCIE and related cleanups (bsc#1227149).
- wifi: mwifiex: handle possible mwifiex_write_reg() errors (bsc#1227149).
- wifi: mwifiex: handle possible sscanf() errors (bsc#1227149).
- wifi: mwifiex: mwifiex_process_sleep_confirm_resp(): remove unused priv variable (bsc#1227149).
- wifi: mwifiex: prefer strscpy() over strlcpy() (bsc#1227149).
- wifi: mwifiex: Refactor 1-element array into flexible array in struct mwifiex_ie_types_chan_list_param_set (bsc#1227149).
- wifi: mwifiex: Replace one-element array with flexible-array member in struct mwifiex_ie_types_rxba_sync (bsc#1227149).
- wifi: mwifiex: Set WIPHY_FLAG_NETNS_OK flag (bsc#1227149).
- wifi: mwifiex: simplify PCIE write operations (bsc#1227149).
- wifi: mwifiex: use cfg80211_ssid_eq() instead of mwifiex_ssid_cmp() (bsc#1227149).
- wifi: mwifiex: Use default @max_active for workqueues (bsc#1227149).
- wifi: mwifiex: Use helpers to check multicast addresses (bsc#1227149).
- wifi: mwifiex: use is_zero_ether_addr() instead of ether_addr_equal() (bsc#1227149).
- wifi: mwifiex: use kstrtoX_from_user() in debugfs handlers (bsc#1227149).
- wifi: mwifiex: Use list_count_nodes() (bsc#1227149).
- wifi: mwifiex: use MODULE_FIRMWARE to add firmware files metadata (bsc#1227149).
- wifi: mwl8k: initialize cmd->addr[] properly (git-fixes).
- wifi: nl80211: additions to NL80211_CMD_SET_BEACON (bsc#1227149).
- wifi: nl80211: allow reporting wakeup for unprot deauth/disassoc (bsc#1227149).
- wifi: nl80211: Avoid address calculations via out of bounds array indexing (git-fixes).
- wifi: nl80211: do not free NULL coalescing rule (git-fixes).
- wifi: nl80211: Extend del pmksa support for SAE and OWE security (bsc#1227149).
- wifi: nl80211: fixes to FILS discovery updates (bsc#1227149).
- wifi: nl80211: refactor nl80211_send_mlme_event() arguments (bsc#1227149).
- wifi: nl80211: Remove unused declaration nl80211_pmsr_dump_results() (bsc#1227149).
- wifi: p54: Add missing MODULE_FIRMWARE macro (bsc#1227149).
- wifi: p54: Annotate struct p54_cal_database with __counted_by (bsc#1227149).
- wifi: p54: fix GCC format truncation warning with wiphy->fw_version (bsc#1227149).
- wifi: plfxlc: Drop unused include (bsc#1227149).
- wifi: radiotap: add bandwidth definition of EHT U-SIG (bsc#1227149).
- wifi: remove unused argument of ieee80211_get_tdls_action() (bsc#1227149).
- wifi: rsi: fix restricted __le32 degrades to integer sparse warnings (bsc#1227149).
- wifi: rsi: rsi_91x_coex: Remove unnecessary (void*) conversions (bsc#1227149).
- wifi: rsi: rsi_91x_debugfs: Remove unnecessary (void*) conversions (bsc#1227149).
- wifi: rsi: rsi_91x_hal: Remove unnecessary conversions (bsc#1227149).
- wifi: rsi: rsi_91x_mac80211: Remove unnecessary conversions (bsc#1227149).
- wifi: rsi: rsi_91x_main: Remove unnecessary (void*) conversions (bsc#1227149).
- wifi: rsi: rsi_91x_sdio_ops: Remove unnecessary (void*) conversions (bsc#1227149).
- wifi: rsi: rsi_91x_sdio: Remove unnecessary (void*) conversions (bsc#1227149).
- wifi: rsi: rsi_91x_usb_ops: Remove unnecessary (void*) conversions (bsc#1227149).
- wifi: rsi: rsi_91x_usb: Remove unnecessary (void*) conversions (bsc#1227149).
- wifi: rt2x00: correct MAC_SYS_CTRL register RX mask in R-Calibration (bsc#1227149).
- wifi: rt2x00: disable RTS threshold for rt2800 by default (bsc#1227149).
- wifi: rt2x00: fix MT7620 low RSSI issue (bsc#1227149).
- wifi: rt2x00: fix rt2800 watchdog function (bsc#1227149).
- wifi: rt2x00: fix the typo in comments (bsc#1227149).
- wifi: rt2x00: improve MT7620 register initialization (bsc#1227149).
- wifi: rt2x00: introduce DMA busy check watchdog for rt2800 (bsc#1227149).
- wifi: rt2x00: limit MT7620 TX power based on eeprom calibration (bsc#1227149).
- wifi: rt2x00: make watchdog param per device (bsc#1227149).
- wifi: rt2x00: remove redundant check if u8 array element is less than zero (bsc#1227149).
- wifi: rt2x00: remove useless code in rt2x00queue_create_tx_descriptor() (bsc#1227149).
- wifi: rt2x00: rework MT7620 channel config function (bsc#1227149).
- wifi: rt2x00: rework MT7620 PA/LNA RF calibration (bsc#1227149).
- wifi: rt2x00: silence sparse warnings (bsc#1227149).
- wifi: rt2x00: Simplify bool conversion (bsc#1227149).
- wifi: rt2x00: simplify rt2x00crypto_rx_insert_iv() (bsc#1227149).
- wifi: rtl8xxxu: 8188e: convert usage of priv->vif to priv->vifs[0] (bsc#1227149).
- wifi: rtl8xxxu: 8188f: Limit TX power index (git-fixes).
- wifi: rtl8xxxu: Actually use macid in rtl8xxxu_gen2_report_connect (bsc#1227149).
- wifi: rtl8xxxu: Add a description about the device ID 0x7392:0xb722 (bsc#1227149).
- wifi: rtl8xxxu: Add beacon functions (bsc#1227149).
- wifi: rtl8xxxu: add hw crypto support for AP mode (bsc#1227149).
- wifi: rtl8xxxu: add macids for STA mode (bsc#1227149).
- wifi: rtl8xxxu: add missing number of sec cam entries for all variants (bsc#1227149).
- wifi: rtl8xxxu: Add parameter force to rtl8xxxu_refresh_rate_mask (bsc#1227149).
- wifi: rtl8xxxu: Add parameter macid to update_rate_mask (bsc#1227149).
- wifi: rtl8xxxu: Add parameter role to report_connect (bsc#1227149).
- wifi: rtl8xxxu: Add set_tim() callback (bsc#1227149).
- wifi: rtl8xxxu: Add sta_add() and sta_remove() callbacks (bsc#1227149).
- wifi: rtl8xxxu: Add start_ap() callback (bsc#1227149).
- wifi: rtl8xxxu: Add TP-Link TL-WN823N V2 (bsc#1227149).
- wifi: rtl8xxxu: Allow creating interface in AP mode (bsc#1227149).
- wifi: rtl8xxxu: Allow setting rts threshold to -1 (bsc#1227149).
- wifi: rtl8xxxu: check vif before using in rtl8xxxu_tx() (bsc#1227149).
- wifi: rtl8xxxu: Clean up filter configuration (bsc#1227149).
- wifi: rtl8xxxu: convert EN_DESC_ID of TX descriptor to le32 type (bsc#1227149).
- wifi: rtl8xxxu: Declare AP mode support for 8188f (bsc#1227149).
- wifi: rtl8xxxu: declare concurrent mode support for 8188f (bsc#1227149).
- wifi: rtl8xxxu: do not parse CFO, if both interfaces are connected in STA mode (bsc#1227149).
- wifi: rtl8xxxu: Enable AP mode for RTL8192EU (bsc#1227149).
- wifi: rtl8xxxu: Enable AP mode for RTL8192FU (bsc#1227149).
- wifi: rtl8xxxu: Enable AP mode for RTL8710BU (RTL8188GU) (bsc#1227149).
- wifi: rtl8xxxu: Enable AP mode for RTL8723BU (bsc#1227149).
- wifi: rtl8xxxu: enable channel switch support (bsc#1227149).
- wifi: rtl8xxxu: Enable hw seq for mgmt/non-QoS data frames (bsc#1227149).
- wifi: rtl8xxxu: enable MFP support with security flag of RX descriptor (bsc#1227149).
- wifi: rtl8xxxu: extend check for matching bssid to both interfaces (bsc#1227149).
- wifi: rtl8xxxu: extend wifi connected check to both interfaces (bsc#1227149).
- wifi: rtl8xxxu: fix error messages (bsc#1227149).
- wifi: rtl8xxxu: Fix LED control code of RTL8192FU (bsc#1227149).
- wifi: rtl8xxxu: fix mixed declarations in rtl8xxxu_set_aifs() (bsc#1227149).
- wifi: rtl8xxxu: Fix off by one initial RTS rate (bsc#1227149).
- wifi: rtl8xxxu: Fix the TX power of RTL8192CU, RTL8723AU (stable-fixes).
- wifi: rtl8xxxu: make instances of iface limit and combination to be static const (bsc#1227149).
- wifi: rtl8xxxu: make supporting AP mode only on port 0 transparent (bsc#1227149).
- wifi: rtl8xxxu: mark TOTOLINK N150UA V5/N150UA-B as tested (bsc#1227149).
- wifi: rtl8xxxu: prepare supporting two virtual interfaces (bsc#1227149).
- wifi: rtl8xxxu: Put the macid in txdesc (bsc#1227149).
- wifi: rtl8xxxu: remove assignment of priv->vif in rtl8xxxu_bss_info_changed() (bsc#1227149).
- wifi: rtl8xxxu: remove obsolete priv->vif (bsc#1227149).
- wifi: rtl8xxxu: Remove usage of ieee80211_get_tx_rate() (bsc#1227149).
- wifi: rtl8xxxu: Remove usage of tx_info->control.rates[0].flags (bsc#1227149).
- wifi: rtl8xxxu: Rename some registers (bsc#1227149).
- wifi: rtl8xxxu: rtl8xxxu_rx_complete(): remove unnecessary return (bsc#1227149).
- wifi: rtl8xxxu: Select correct queue for beacon frames (bsc#1227149).
- wifi: rtl8xxxu: Set maximum number of supported stations (bsc#1227149).
- wifi: rtl8xxxu: support multiple interface in start_ap() (bsc#1227149).
- wifi: rtl8xxxu: support multiple interfaces in {add,remove}_interface() (bsc#1227149).
- wifi: rtl8xxxu: support multiple interfaces in bss_info_changed() (bsc#1227149).
- wifi: rtl8xxxu: support multiple interfaces in configure_filter() (bsc#1227149).
- wifi: rtl8xxxu: support multiple interfaces in set_aifs() (bsc#1227149).
- wifi: rtl8xxxu: support multiple interfaces in update_beacon_work_callback() (bsc#1227149).
- wifi: rtl8xxxu: support multiple interfaces in watchdog_callback() (bsc#1227149).
- wifi: rtl8xxxu: Support new chip RTL8192FU (bsc#1227149).
- wifi: rtl8xxxu: support setting bssid register for multiple interfaces (bsc#1227149).
- wifi: rtl8xxxu: support setting linktype for both interfaces (bsc#1227149).
- wifi: rtl8xxxu: support setting mac address register for both interfaces (bsc#1227149).
- wifi: rtl8xxxu: Support USB RX aggregation for the newer chips (bsc#1227149).
- wifi: rtl8xxxu: update rate mask per sta (bsc#1227149).
- wifi: rtlwifi: cleanup few rtlxxx_tx_fill_desc() routines (bsc#1227149).
- wifi: rtlwifi: cleanup few rtlxxxx_set_hw_reg() routines (bsc#1227149).
- wifi: rtlwifi: cleanup struct rtl_hal (bsc#1227149).
- wifi: rtlwifi: cleanup struct rtl_phy (bsc#1227149).
- wifi: rtlwifi: cleanup struct rtl_ps_ctl (bsc#1227149).
- wifi: rtlwifi: cleanup USB interface (bsc#1227149).
- wifi: rtlwifi: Convert to use PCIe capability accessors (bsc#1227149).
- wifi: rtlwifi: drop chk_switch_dmdp() from HAL interface (bsc#1227149).
- wifi: rtlwifi: drop fill_fake_txdesc() from HAL interface (bsc#1227149).
- wifi: rtlwifi: drop pre_fill_tx_bd_desc() from HAL interface (bsc#1227149).
- wifi: rtlwifi: drop unused const_amdpci_aspm (bsc#1227149).
- wifi: rtlwifi: Ignore IEEE80211_CONF_CHANGE_RETRY_LIMITS (bsc#1227149).
- wifi: rtlwifi: Remove bridge vendor/device ids (bsc#1227149).
- wifi: rtlwifi: remove misused flag from HAL data (bsc#1227149).
- wifi: rtlwifi: Remove rtl_intf_ops.read_efuse_byte (bsc#1227149).
- wifi: rtlwifi: remove unreachable code in rtl92d_dm_check_edca_turbo() (bsc#1227149).
- wifi: rtlwifi: remove unused dualmac control leftovers (bsc#1227149).
- wifi: rtlwifi: Remove unused PCI related defines and struct (bsc#1227149).
- wifi: rtlwifi: remove unused timer and related code (bsc#1227149).
- wifi: rtlwifi: rtl8192cu: Fix 2T2R chip type detection (bsc#1227149).
- wifi: rtlwifi: rtl8192cu: Fix TX aggregation (bsc#1227149).
- wifi: rtlwifi: rtl8192de: Do not read register in _rtl92de_query_rxphystatus (bsc#1227149).
- wifi: rtlwifi: rtl8192de: Fix 5 GHz TX power (stable-fixes).
- wifi: rtlwifi: rtl8192de: Fix endianness issue in RX path (stable-fixes).
- wifi: rtlwifi: rtl8192de: Fix low speed with WPA3-SAE (stable-fixes).
- wifi: rtlwifi: rtl8723: Remove unused function rtl8723_cmd_send_packet() (bsc#1227149).
- wifi: rtlwifi: rtl8821ae: Access full PMCS reg and use pci_regs.h (bsc#1227149).
- wifi: rtlwifi: rtl8821ae: Add pdev into _rtl8821ae_clear_pci_pme_status() (bsc#1227149).
- wifi: rtlwifi: rtl8821ae: phy: remove some useless code (bsc#1227149).
- wifi: rtlwifi: rtl8821ae: phy: using calculate_bit_shift() (bsc#1227149).
- wifi: rtlwifi: rtl8821ae: Remove unnecessary PME_Status bit set (bsc#1227149).
- wifi: rtlwifi: rtl8821ae: Reverse PM Capability exists check (bsc#1227149).
- wifi: rtlwifi: rtl8821ae: Use pci_find_capability() (bsc#1227149).
- wifi: rtlwifi: rtl92ee_dm_dynamic_primary_cca_check(): fix typo in function name (bsc#1227149).
- wifi: rtlwifi: rtl_usb: Store the endpoint addresses (bsc#1227149).
- wifi: rtlwifi: rtl_usb: Use sync register writes (bsc#1227149).
- wifi: rtlwifi: set initial values for unexpected cases of USB endpoint priority (bsc#1227149).
- wifi: rtlwifi: simplify LED management (bsc#1227149).
- wifi: rtlwifi: simplify rtl_action_proc() and rtl_tx_agg_start() (bsc#1227149).
- wifi: rtlwifi: simplify TX command fill callbacks (bsc#1227149).
- wifi: rtlwifi: Speed up firmware loading for USB (bsc#1227149).
- wifi: rtlwifi: use convenient list_count_nodes() (bsc#1227149).
- wifi: rtlwifi: use eth_broadcast_addr() to assign broadcast address (bsc#1227149).
- wifi: rtlwifi: use helper function rtl_get_hdr() (bsc#1227149).
- wifi: rtlwifi: use unsigned long for bt_coexist_8723 timestamp (bsc#1227149).
- wifi: rtlwifi: use unsigned long for rtl_bssid_entry timestamp (bsc#1227149).
- wifi: rtw88: 8821c: tweak CCK TX filter setting for SRRC regulation (bsc#1227149).
- wifi: rtw88: 8821cu: Fix connection failure (stable-fixes).
- wifi: rtw88: 8821c: update TX power limit to V67 (bsc#1227149).
- wifi: rtw88: 8822ce: refine power parameters for RFE type 5 (bsc#1227149).
- wifi: rtw88: 8822c: update TX power limit to V70 (bsc#1227149).
- wifi: rtw88: add missing unwind goto for __rtw_download_firmware() (bsc#1227149).
- wifi: rtw88: Add missing VID/PIDs for 8811CU and 8821CU (stable-fixes).
- wifi: rtw88: Add support for the SDIO based RTL8723DS chipset (bsc#1227149).
- wifi: rtw88: debug: add to check if debug mask is enabled (bsc#1227149).
- wifi: rtw88: debug: remove wrapper of rtw_dbg() (bsc#1227149).
- wifi: rtw88: dump firmware debug information in abnormal state (bsc#1227149).
- wifi: rtw88: Fix action frame transmission fail before association (bsc#1227149).
- wifi: rtw88: Fix AP mode incorrect DTIM behavior (bsc#1227149).
- wifi: rtw88: fix incorrect error codes in rtw_debugfs_copy_from_user (bsc#1227149).
- wifi: rtw88: fix incorrect error codes in rtw_debugfs_set_* (bsc#1227149).
- wifi: rtw88: fix not entering PS mode after AP stops (bsc#1227149).
- wifi: rtw88: fix typo rtw8822cu_probe (bsc#1227149).
- wifi: rtw88: process VO packets without workqueue to avoid PTK rekey failed (bsc#1227149).
- wifi: rtw88: refine register based H2C command (bsc#1227149).
- wifi: rtw88: regd: configure QATAR and UK (bsc#1227149).
- wifi: rtw88: regd: update regulatory map to R64-R42 (bsc#1227149).
- wifi: rtw88: remove unused and set but unused leftovers (bsc#1227149).
- wifi: rtw88: remove unused USB bulkout size set (bsc#1227149).
- wifi: rtw88: rtw8723d: Implement RTL8723DS (SDIO) efuse parsing (bsc#1227149).
- wifi: rtw88: simplify __rtw_tx_work() (bsc#1227149).
- wifi: rtw88: simplify vif iterators (bsc#1227149).
- wifi: rtw88: Skip high queue in hci_flush (bsc#1227149).
- wifi: rtw88: Stop high queue during scan (bsc#1227149).
- wifi: rtw88: use cfg80211_ssid_eq() instead of rtw_ssid_equal() (bsc#1227149).
- wifi: rtw88: use kstrtoX_from_user() in debugfs handlers (bsc#1227149).
- wifi: rtw88: Use random MAC when efuse MAC invalid (bsc#1227149).
- wifi: rtw88: use struct instead of macros to set TX desc (bsc#1227149).
- wifi: rtw89: 52c: rfk: disable DPK during MCC (bsc#1227149).
- wifi: rtw89: 52c: rfk: refine MCC channel info notification (bsc#1227149).
- wifi: rtw89: 8851b: add 8851B basic chip_info (bsc#1227149).
- wifi: rtw89: 8851b: add 8851be to Makefile and Kconfig (bsc#1227149).
- wifi: rtw89: 8851b: add basic power on function (bsc#1227149).
- wifi: rtw89: 8851b: add BT coexistence support function (bsc#1227149).
- wifi: rtw89: 8851b: add DLE mem and HFC quota (bsc#1227149).
- wifi: rtw89: 8851b: add MAC configurations to chip_info (bsc#1227149).
- wifi: rtw89: 8851b: add NCTL post table (bsc#1227149).
- wifi: rtw89: 8851b: add RF configurations (bsc#1227149).
- wifi: rtw89: 8851b: add set channel function (bsc#1227149).
- wifi: rtw89: 8851b: add set_channel_rf() (bsc#1227149).
- wifi: rtw89: 8851b: add support WoWLAN to 8851B (bsc#1227149).
- wifi: rtw89: 8851b: add to parse efuse content (bsc#1227149).
- wifi: rtw89: 8851b: add to read efuse version to recognize hardware version B (bsc#1227149).
- wifi: rtw89: 8851b: add TX power related functions (bsc#1227149).
- wifi: rtw89: 8851b: configure CRASH_TRIGGER feature for 8851B (bsc#1227149).
- wifi: rtw89: 8851b: configure GPIO according to RFE type (bsc#1227149).
- wifi: rtw89: 8851b: configure to force 1 TX power value (bsc#1227149).
- wifi: rtw89: 8851be: add 8851BE PCI entry and fill PCI capabilities (bsc#1227149).
- wifi: rtw89: 8851b: enable hw_scan support (bsc#1227149).
- wifi: rtw89: 8851b: fill BB related capabilities to chip_info (bsc#1227149).
- wifi: rtw89: 8851b: rfk: add AACK (bsc#1227149).
- wifi: rtw89: 8851b: rfk: add DACK (bsc#1227149).
- wifi: rtw89: 8851b: rfk: add DPK (bsc#1227149).
- wifi: rtw89: 8851b: rfk: add IQK (bsc#1227149).
- wifi: rtw89: 8851b: rfk: add LCK track (bsc#1227149).
- wifi: rtw89: 8851b: rfk: add RCK (bsc#1227149).
- wifi: rtw89: 8851b: rfk: add RX DCK (bsc#1227149).
- wifi: rtw89: 8851b: rfk: add TSSI (bsc#1227149).
- wifi: rtw89: 8851b: rfk: Fix spelling mistake KIP_RESOTRE -> KIP_RESTORE (bsc#1227149).
- wifi: rtw89: 8851b: rfk: update IQK to version 0x8 (bsc#1227149).
- wifi: rtw89: 8851b: update RF radio A parameters to R28 (bsc#1227149).
- wifi: rtw89: 8851b: update TX power tables to R28 (bsc#1227149).
- wifi: rtw89: 8851b: update TX power tables to R34 (bsc#1227149).
- wifi: rtw89: 8851b: update TX power tables to R37 (bsc#1227149).
- wifi: rtw89: 8852b: fix definition of KIP register number (git-fixes).
- wifi: rtw89: 8852b: update TX power tables to R35 (bsc#1227149).
- wifi: rtw89: 8852b: update TX power tables to R36 (bsc#1227149).
- wifi: rtw89: 8852c: add quirk to set PCI BER for certain platforms (bsc#1227149).
- wifi: rtw89: 8852c: declare to support two chanctx (bsc#1227149).
- wifi: rtw89: 8852c: Fix TSSI causes transmit power inaccuracy (bsc#1227149).
- wifi: rtw89: 8852c: read RX gain offset from efuse for 6GHz channels (bsc#1227149).
- wifi: rtw89: 8852c: Update bandedge parameters for better performance (bsc#1227149).
- wifi: rtw89: 8852c: update RF radio A/B parameters to R63 (bsc#1227149).
- wifi: rtw89: 8852c: update TX power tables to R63 with 6 GHz power type (1 of 3) (bsc#1227149).
- wifi: rtw89: 8852c: update TX power tables to R63 with 6 GHz power type (2 of 3) (bsc#1227149).
- wifi: rtw89: 8852c: update TX power tables to R63 with 6 GHz power type (3 of 3) (bsc#1227149).
- wifi: rtw89: 8852c: update TX power tables to R67 (bsc#1227149).
- wifi: rtw89: 8922a: add 8922A basic chip info (bsc#1227149).
- wifi: rtw89: 8922a: add BTG functions to assist BT coexistence to control TX/RX (bsc#1227149).
- wifi: rtw89: 8922a: add chip_ops::bb_preinit to enable BB before downloading firmware (bsc#1227149).
- wifi: rtw89: 8922a: add chip_ops::cfg_txrx_path (bsc#1227149).
- wifi: rtw89: 8922a: add chip_ops::{enable,disable}_bb_rf (bsc#1227149).
- wifi: rtw89: 8922a: add chip_ops related to BB init (bsc#1227149).
- wifi: rtw89: 8922a: add chip_ops::rfk_hw_init (bsc#1227149).
- wifi: rtw89: 8922a: add chip_ops::rfk_init_late to do initial RF calibrations later (bsc#1227149).
- wifi: rtw89: 8922a: add chip_ops to get thermal value (bsc#1227149).
- wifi: rtw89: 8922a: add coexistence helpers of SW grant (bsc#1227149).
- wifi: rtw89: 8922a: add helper of set_channel (bsc#1227149).
- wifi: rtw89: 8922a: add ieee80211_ops::hw_scan (bsc#1227149).
- wifi: rtw89: 8922a: add more fields to beacon H2C command to support multi-links (bsc#1227149).
- wifi: rtw89: 8922a: add NCTL pre-settings for WiFi 7 chips (bsc#1227149).
- wifi: rtw89: 8922a: add power on/off functions (bsc#1227149).
- wifi: rtw89: 8922a: add register definitions of H2C, C2H, page, RRSR and EDCCA (bsc#1227149).
- wifi: rtw89: 8922a: add RF read/write v2 (bsc#1227149).
- wifi: rtw89: 8922a: add SER IMR tables (bsc#1227149).
- wifi: rtw89: 8922a: add set_channel BB part (bsc#1227149).
- wifi: rtw89: 8922a: add set_channel MAC part (bsc#1227149).
- wifi: rtw89: 8922a: add set_channel RF part (bsc#1227149).
- wifi: rtw89: 8922a: add TX power related ops (bsc#1227149).
- wifi: rtw89: 8922a: configure CRASH_TRIGGER FW feature (bsc#1227149).
- wifi: rtw89: 8922a: correct register definition and merge IO for ctrl_nbtg_bt_tx() (bsc#1227149).
- wifi: rtw89: 8922a: declare to support two chanctx (bsc#1227149).
- wifi: rtw89: 8922a: dump MAC registers when SER occurs (bsc#1227149).
- wifi: rtw89: 8922ae: add 8922AE PCI entry and basic info (bsc#1227149).
- wifi: rtw89: 8922ae: add v2 interrupt handlers for 8922AE (bsc#1227149).
- wifi: rtw89: 8922a: extend and add quota number (bsc#1227149).
- wifi: rtw89: 8922a: hook handlers of TX/RX descriptors to chip_ops (bsc#1227149).
- wifi: rtw89: 8922a: implement AP mode related reg for BE generation (bsc#1227149).
- wifi: rtw89: 8922a: implement {stop,resume}_sch_tx and cfg_ppdu (bsc#1227149).
- wifi: rtw89: 8922a: read efuse content from physical map (bsc#1227149).
- wifi: rtw89: 8922a: read efuse content via efuse map struct from logic map (bsc#1227149).
- wifi: rtw89: 8922a: rfk: implement chip_ops to call RF calibrations (bsc#1227149).
- wifi: rtw89: 8922a: set chip_ops FEM and GPIO to NULL (bsc#1227149).
- wifi: rtw89: 8922a: set memory heap address for secure firmware (bsc#1227149).
- wifi: rtw89: 8922a: set RX gain along with set_channel operation (bsc#1227149).
- wifi: rtw89: 8922a: update BA CAM number to 24 (bsc#1227149).
- wifi: rtw89: 8922a: update the register used in DIG and the DIG flow (bsc#1227149).
- wifi: rtw89: acpi: process 6 GHz band policy from DSM (bsc#1227149).
- wifi: rtw89: add C2H event handlers of RFK log and report (bsc#1227149).
- wifi: rtw89: add C2H RA event V1 to support WiFi 7 chips (bsc#1227149).
- wifi: rtw89: add CFO XTAL registers field to support 8851B (bsc#1227149).
- wifi: rtw89: add chip_info::chip_gen to determine chip generation (bsc#1227149).
- wifi: rtw89: add chip_info::txwd_info size to generalize TX WD submit (bsc#1227149).
- wifi: rtw89: add chip_ops::h2c_ba_cam() to configure BA CAM (bsc#1227149).
- wifi: rtw89: add chip_ops::query_rxdesc() and rxd_len as helpers to support newer chips (bsc#1227149).
- wifi: rtw89: add chip_ops::update_beacon to abstract update beacon operation (bsc#1227149).
- wifi: rtw89: add DBCC H2C to notify firmware the status (bsc#1227149).
- wifi: rtw89: add EHT capabilities for WiFi 7 chips (bsc#1227149).
- wifi: rtw89: add EHT radiotap in monitor mode (bsc#1227149).
- wifi: rtw89: Add EHT rate mask as parameters of RA H2C command (bsc#1227149).
- wifi: rtw89: add EVM and SNR statistics to debugfs (bsc#1227149).
- wifi: rtw89: add EVM for antenna diversity (bsc#1227149).
- wifi: rtw89: add firmware H2C command of BA CAM V1 (bsc#1227149).
- wifi: rtw89: add firmware parser for v1 format (bsc#1227149).
- wifi: rtw89: add firmware suit for BB MCU 0/1 (bsc#1227149).
- wifi: rtw89: add function prototype for coex request duration (bsc#1227149).
- wifi: rtw89: add H2C command to download beacon frame for WiFi 7 chips (bsc#1227149).
- wifi: rtw89: add H2C RA command V1 to support WiFi 7 chips (bsc#1227149).
- wifi: rtw89: add mac_gen pointer to access mac port registers (bsc#1227149).
- wifi: rtw89: add mlo_dbcc_mode for WiFi 7 chips (bsc#1227149).
- wifi: rtw89: add new H2C command to pause/sleep transmitting by MAC ID (bsc#1227149).
- wifi: rtw89: add new H2C for PS mode in 802.11be chip (bsc#1227149).
- wifi: rtw89: add reserved size as factor of DLE used size (bsc#1227149).
- wifi: rtw89: add RSSI based antenna diversity (bsc#1227149).
- wifi: rtw89: add RSSI statistics for the case of antenna diversity to debugfs (bsc#1227149).
- wifi: rtw89: add subband index of primary channel to struct rtw89_chan (bsc#1227149).
- wifi: rtw89: add to display hardware rates v1 histogram in debugfs (bsc#1227149).
- wifi: rtw89: add to fill TX descriptor for firmware command v2 (bsc#1227149).
- wifi: rtw89: add to fill TX descriptor v2 (bsc#1227149).
- wifi: rtw89: add to parse firmware elements of BB and RF tables (bsc#1227149).
- wifi: rtw89: add to query RX descriptor format v2 (bsc#1227149).
- wifi: rtw89: add tx_wake notify for 8851B (bsc#1227149).
- wifi: rtw89: add wait/completion for abort scan (bsc#1227149).
- wifi: rtw89: add XTAL SI for WiFi 7 chips (bsc#1227149).
- wifi: rtw89: adjust init_he_cap() to add EHT cap into iftype_data (bsc#1227149).
- wifi: rtw89: advertise missing extended scan feature (bsc#1227149).
- wifi: rtw89: avoid stringop-overflow warning (bsc#1227149).
- wifi: rtw89: call rtw89_chan_get() by vif chanctx if aware of vif (bsc#1227149).
- wifi: rtw89: chan: add sub-entity swap function to cover replacing (bsc#1227149).
- wifi: rtw89: change naming of BA CAM from V1 to V0_EXT (bsc#1227149).
- wifi: rtw89: change qutoa to DBCC by default for WiFi 7 chips (bsc#1227149).
- wifi: rtw89: change supported bandwidths of chip_info to bit mask (bsc#1227149).
- wifi: rtw89: chan: MCC take reconfig into account (bsc#1227149).
- wifi: rtw89: chan: move handling from add/remove to assign/unassign for MLO (bsc#1227149).
- wifi: rtw89: chan: support MCC on Wi-Fi 7 chips (bsc#1227149).
- wifi: rtw89: chan: tweak bitmap recalc ahead before MLO (bsc#1227149).
- wifi: rtw89: chan: tweak weight recalc ahead before MLO (bsc#1227149).
- wifi: rtw89: cleanup firmware elements parsing (bsc#1227149).
- wifi: rtw89: cleanup private data structures (bsc#1227149).
- wifi: rtw89: cleanup rtw89_iqk_info and related code (bsc#1227149).
- wifi: rtw89: coex: add annotation __counted_by() for struct rtw89_btc_btf_set_slot_table (bsc#1227149).
- wifi: rtw89: coex: add annotation __counted_by() to struct rtw89_btc_btf_set_mon_reg (bsc#1227149).
- wifi: rtw89: coex: Add Bluetooth RSSI level information (bsc#1227149).
- wifi: rtw89: coex: add BTC ctrl_info version 7 and related logic (bsc#1227149).
- wifi: rtw89: coex: Add coexistence policy to decrease WiFi packet CRC-ERR (bsc#1227149).
- wifi: rtw89: coex: add init_info H2C command format version 7 (bsc#1227149).
- wifi: rtw89: coex: Add Pre-AGC control to enhance Wi-Fi RX performance (bsc#1227149).
- wifi: rtw89: coex: add return value to ensure H2C command is success or not (bsc#1227149).
- wifi: rtw89: coex: fix configuration for shared antenna for 8922A (bsc#1227149).
- wifi: rtw89: coex: Fix wrong Wi-Fi role info and FDDT parameter members (bsc#1227149).
- wifi: rtw89: coex: Record down Wi-Fi initial mode information (bsc#1227149).
- wifi: rtw89: coex: Reorder H2C command index to align with firmware (bsc#1227149).
- wifi: rtw89: coex: Set Bluetooth scan low-priority when Wi-Fi link/scan (bsc#1227149).
- wifi: rtw89: coex: Still show hardware grant signal info even Wi-Fi is PS (bsc#1227149).
- wifi: rtw89: coex: To improve Wi-Fi performance while BT is idle (bsc#1227149).
- wifi: rtw89: coex: Translate antenna configuration from ID to string (bsc#1227149).
- wifi: rtw89: coex: Update BTG control related logic (bsc#1227149).
- wifi: rtw89: coex: Update coexistence policy for Wi-Fi LPS (bsc#1227149).
- wifi: rtw89: coex: Update RF parameter control setting logic (bsc#1227149).
- wifi: rtw89: coex: use struct assignment to replace memcpy() to append TDMA content (bsc#1227149).
- wifi: rtw89: coex: When Bluetooth not available do not set power/gain (bsc#1227149).
- wifi: rtw89: configure PPDU max user by chip (bsc#1227149).
- wifi: rtw89: consider RX info for WiFi 7 chips (bsc#1227149).
- wifi: rtw89: consolidate registers of mac port to struct (bsc#1227149).
- wifi: rtw89: correct aSIFSTime for 6GHz band (stable-fixes).
- wifi: rtw89: correct PHY register offset for PHY-1 (bsc#1227149).
- wifi: rtw89: correct the DCFO tracking flow to improve CFO compensation (bsc#1227149).
- wifi: rtw89: debug: add debugfs entry to disable dynamic mechanism (bsc#1227149).
- wifi: rtw89: debug: add FW log component for scan (bsc#1227149).
- wifi: rtw89: debug: add to check if debug mask is enabled (bsc#1227149).
- wifi: rtw89: debug: remove wrapper of rtw89_debug() (bsc#1227149).
- wifi: rtw89: debug: show txpwr table according to chip gen (bsc#1227149).
- wifi: rtw89: debug: txpwr table access only valid page according to chip (bsc#1227149).
- wifi: rtw89: debug: txpwr table supports Wi-Fi 7 chips (bsc#1227149).
- wifi: rtw89: declare EXT NSS BW of VHT capability (bsc#1227149).
- wifi: rtw89: declare MCC in interface combination (bsc#1227149).
- wifi: rtw89: define hardware rate v1 for WiFi 7 chips (bsc#1227149).
- wifi: rtw89: differentiate narrow_bw_ru_dis setting according to chip gen (bsc#1227149).
- wifi: rtw89: disable RTS when broadcast/multicast (bsc#1227149).
- wifi: rtw89: download firmware with five times retry (bsc#1227149).
- wifi: rtw89: drop TIMING_BEACON_ONLY and sync beacon TSF by self (bsc#1227149).
- wifi: rtw89: enlarge supported length of read_reg debugfs entry (bsc#1227149).
- wifi: rtw89: extend PHY status parser to support WiFi 7 chips (bsc#1227149).
- wifi: rtw89: Fix array index mistake in rtw89_sta_info_get_iter() (git-fixes).
- wifi: rtw89: fix a width vs precision bug (bsc#1227149).
- wifi: rtw89: Fix clang -Wimplicit-fallthrough in rtw89_query_sar() (bsc#1227149).
- wifi: rtw89: fix disabling concurrent mode TX hang issue (bsc#1227149).
- wifi: rtw89: fix HW scan not aborting properly (git-fixes).
- wifi: rtw89: fix HW scan timeout due to TSF sync issue (bsc#1227149).
- wifi: rtw89: fix misbehavior of TX beacon in concurrent mode (bsc#1227149).
- wifi: rtw89: fix not entering PS mode after AP stops (bsc#1227149).
- wifi: rtw89: fix null pointer access when abort scan (stable-fixes).
- wifi: rtw89: fix spelling typo of IQK debug messages (bsc#1227149).
- wifi: rtw89: fix typo of rtw89_fw_h2c_mcc_macid_bitmap() (bsc#1227149).
- wifi: rtw89: fw: add checking type for variant type of firmware (bsc#1227149).
- wifi: rtw89: fw: add chip_ops to update CMAC table to associated station (bsc#1227149).
- wifi: rtw89: fw: add definition of H2C command and C2H event for MRC series (bsc#1227149).
- wifi: rtw89: fw: add H2C command to reset CMAC table for WiFi 7 (bsc#1227149).
- wifi: rtw89: fw: add H2C command to reset DMAC table for WiFi 7 (bsc#1227149).
- wifi: rtw89: fw: add H2C command to update security CAM v2 (bsc#1227149).
- wifi: rtw89: fw: add version field to BB MCU firmware element (bsc#1227149).
- wifi: rtw89: fw: consider checksum length of security data (bsc#1227149).
- wifi: rtw89: fw: download firmware with key data for secure boot (bsc#1227149).
- wifi: rtw89: fw: extend JOIN H2C command to support WiFi 7 chips (bsc#1227149).
- wifi: rtw89: fw: extend program counter dump for Wi-Fi 7 chip (bsc#1227149).
- wifi: rtw89: fw: fill CMAC table to associated station for WiFi 7 chips (bsc#1227149).
- wifi: rtw89: fw: generalize download firmware flow by mac_gen pointers (bsc#1227149).
- wifi: rtw89: fw: implement MRC H2C command functions (bsc#1227149).
- wifi: rtw89: fw: implement supported functions of download firmware for WiFi 7 chips (bsc#1227149).
- wifi: rtw89: fw: load TX power track tables from fw_element (bsc#1227149).
- wifi: rtw89: fw: move polling function of firmware path ready to an individual function (bsc#1227149).
- wifi: rtw89: fw: parse secure section from firmware file (bsc#1227149).
- wifi: rtw89: fw: propagate an argument include_bb for BB MCU firmware (bsc#1227149).
- wifi: rtw89: fw: read firmware secure information from efuse (bsc#1227149).
- wifi: rtw89: fw: refine download flow to support variant firmware suits (bsc#1227149).
- wifi: rtw89: fw: scan offload prohibit all 6 GHz channel if no 6 GHz sband (bsc#1227149).
- wifi: rtw89: fw: update TX AMPDU parameter to CMAC table (bsc#1227149).
- wifi: rtw89: fw: use struct to fill BA CAM H2C commands (bsc#1227149).
- wifi: rtw89: fw: use struct to fill JOIN H2C command (bsc#1227149).
- wifi: rtw89: get data rate mode/NSS/MCS v1 from RX descriptor (bsc#1227149).
- wifi: rtw89: indicate TX power by rate table inside RFE parameter (bsc#1227149).
- wifi: rtw89: indicate TX shape table inside RFE parameter (bsc#1227149).
- wifi: rtw89: initialize antenna for antenna diversity (bsc#1227149).
- wifi: rtw89: initialize multi-channel handling (bsc#1227149).
- wifi: rtw89: introduce infrastructure of firmware elements (bsc#1227149).
- wifi: rtw89: introduce realtek ACPI DSM method (bsc#1227149).
- wifi: rtw89: Introduce Time Averaged SAR (TAS) feature (bsc#1227149).
- wifi: rtw89: introduce v1 format of firmware header (bsc#1227149).
- wifi: rtw89: load BB parameters to PHY-1 (bsc#1227149).
- wifi: rtw89: load RFK log format string from firmware file (bsc#1227149).
- wifi: rtw89: load TX power by rate when RFE parms setup (bsc#1227149).
- wifi: rtw89: load TX power related tables from FW elements (bsc#1227149).
- wifi: rtw89: mac: add coexistence helpers {cfg/get}_plt (bsc#1227149).
- wifi: rtw89: mac: add feature_init to initialize BA CAM V1 (bsc#1227149).
- wifi: rtw89: mac: add flags to check if CMAC and DMAC are enabled (bsc#1227149).
- wifi: rtw89: mac: add mac_gen_def::band1_offset to map MAC band1 register address (bsc#1227149).
- wifi: rtw89: mac: add registers of MU-EDCA parameters for WiFi 7 chips (bsc#1227149).
- wifi: rtw89: mac: add suffix _ax to MAC functions (bsc#1227149).
- wifi: rtw89: mac: add sys_init and filter option for WiFi 7 chips (bsc#1227149).
- wifi: rtw89: mac: add to access efuse for WiFi 7 chips (bsc#1227149).
- wifi: rtw89: mac: add to get DLE reserved quota (bsc#1227149).
- wifi: rtw89: mac: check queue empty according to chip gen (bsc#1227149).
- wifi: rtw89: mac: correct MUEDCA setting for MAC-1 (bsc#1227149).
- wifi: rtw89: mac: define internal memory address for WiFi 7 chip (bsc#1227149).
- wifi: rtw89: mac: define register address of rx_filter to generalize code (bsc#1227149).
- wifi: rtw89: mac: do bf_monitor only if WiFi 6 chips (bsc#1227149).
- wifi: rtw89: mac: Fix spelling mistakes 'notfify' -> 'notify' (bsc#1227149).
- wifi: rtw89: mac: functions to configure hardware engine and quota for WiFi 7 chips (bsc#1227149).
- wifi: rtw89: mac: generalize code to indirectly access WiFi internal memory (bsc#1227149).
- wifi: rtw89: mac: generalize register of MU-EDCA switch according to chip gen (bsc#1227149).
- wifi: rtw89: mac: get TX power control register according to chip gen (bsc#1227149).
- wifi: rtw89: mac: handle C2H receive/done ACK in interrupt context (bsc#1227149).
- wifi: rtw89: mac: implement MRC C2H event handling (bsc#1227149).
- wifi: rtw89: mac: implement to configure TX/RX engines for WiFi 7 chips (bsc#1227149).
- wifi: rtw89: mac: move code related to hardware engine to individual functions (bsc#1227149).
- wifi: rtw89: mac: refine SER setting during WiFi CPU power on (bsc#1227149).
- wifi: rtw89: mac: reset PHY-1 hardware when going to enable/disable (bsc#1227149).
- wifi: rtw89: mac: return held quota of DLE when changing MAC-1 (bsc#1227149).
- wifi: rtw89: mac: set bf_assoc capabilities according to chip gen (bsc#1227149).
- wifi: rtw89: mac: set bfee_ctrl() according to chip gen (bsc#1227149).
- wifi: rtw89: mac: update RTS threshold according to chip gen (bsc#1227149).
- wifi: rtw89: mac: use mac_gen pointer to access about efuse (bsc#1227149).
- wifi: rtw89: mac: use pointer to access functions of hardware engine and quota (bsc#1227149).
- wifi: rtw89: mcc: consider and determine BT duration (bsc#1227149).
- wifi: rtw89: mcc: deal with beacon NoA if GO exists (bsc#1227149).
- wifi: rtw89: mcc: deal with BT slot change (bsc#1227149).
- wifi: rtw89: mcc: deal with P2P PS change (bsc#1227149).
- wifi: rtw89: mcc: decide pattern and calculate parameters (bsc#1227149).
- wifi: rtw89: mcc: fill fundamental configurations (bsc#1227149).
- wifi: rtw89: mcc: fix NoA start time when GO is auxiliary (bsc#1227149).
- wifi: rtw89: mcc: initialize start flow (bsc#1227149).
- wifi: rtw89: mcc: track beacon offset and update when needed (bsc#1227149).
- wifi: rtw89: mcc: trigger FW to start/stop MCC (bsc#1227149).
- wifi: rtw89: mcc: update role bitmap when changed (bsc#1227149).
- wifi: rtw89: modify the register setting and the flow of CFO tracking (bsc#1227149).
- wifi: rtw89: move software DCFO compensation setting to proper position (bsc#1227149).
- wifi: rtw89: only reset BB/RF for existing WiFi 6 chips while starting up (bsc#1227149).
- wifi: rtw89: packet offload wait for FW response (bsc#1227149).
- wifi: rtw89: parse and print out RFK log from C2H events (bsc#1227149).
- wifi: rtw89: parse EHT information from RX descriptor and PPDU status packet (bsc#1227149).
- wifi: rtw89: parse TX EHT rate selected by firmware from RA C2H report (bsc#1227149).
- wifi: rtw89: pause/proceed MCC for ROC and HW scan (bsc#1227149).
- wifi: rtw89: pci: add LTR v2 for WiFi 7 chip (bsc#1227149).
- wifi: rtw89: pci: add new RX ring design to determine full RX ring efficiently (bsc#1227149).
- wifi: rtw89: pci: add PCI generation information to pci_info for each chip (bsc#1227149).
- wifi: rtw89: pci: add pre_deinit to be called after probe complete (bsc#1227149).
- wifi: rtw89: pci: correct interrupt mitigation register for 8852CE (bsc#1227149).
- wifi: rtw89: pci: correct TX resource checking for PCI DMA channel of firmware command (git-fixes).
- wifi: rtw89: pci: define PCI ring address for WiFi 7 chips (bsc#1227149).
- wifi: rtw89: pci: enlarge RX DMA buffer to consider size of RX descriptor (stable-fixes).
- wifi: rtw89: pci: fix interrupt enable mask for HALT C2H of RTL8851B (bsc#1227149).
- wifi: rtw89: pci: generalize code of PCI control DMA IO for WiFi 7 (bsc#1227149).
- wifi: rtw89: pci: generalize interrupt status bits of interrupt handlers (bsc#1227149).
- wifi: rtw89: pci: implement PCI CLK/ASPM/L1SS for WiFi 7 chips (bsc#1227149).
- wifi: rtw89: pci: implement PCI mac_post_init for WiFi 7 chips (bsc#1227149).
- wifi: rtw89: pci: implement PCI mac_pre_init for WiFi 7 chips (bsc#1227149).
- wifi: rtw89: pci: interrupt v2 refine IMR for SER (bsc#1227149).
- wifi: rtw89: pci: reset BDRAM according to chip gen (bsc#1227149).
- wifi: rtw89: pci: stop/start DMA for level 1 recovery according to chip gen (bsc#1227149).
- wifi: rtw89: pci: update interrupt mitigation register for 8922AE (bsc#1227149).
- wifi: rtw89: pci: update SER timer unit and timeout time (bsc#1227149).
- wifi: rtw89: pci: use DBI function for 8852AE/8852BE/8851BE (bsc#1227149).
- wifi: rtw89: pci: use gen_def pointer to configure mac_{pre,post}_init and clear PCI ring index (bsc#1227149).
- wifi: rtw89: pci: validate RX tag for RXQ and RPQ (bsc#1227149).
- wifi: rtw89: phy: add BB wrapper of TX power for WiFi 7 chips (bsc#1227149).
- wifi: rtw89: phy: add parser to support RX gain dynamic setting flow (bsc#1227149).
- wifi: rtw89: phy: add phy_gen_def::cr_base to support WiFi 7 chips (bsc#1227149).
- wifi: rtw89: phy: change naming related BT coexistence functions (bsc#1227149).
- wifi: rtw89: phy: dynamically adjust EDCCA threshold (bsc#1227149).
- wifi: rtw89: phy: extend TX power common stuffs for Wi-Fi 7 chips (bsc#1227149).
- wifi: rtw89: phy: generalize valid bit of BSS color (bsc#1227149).
- wifi: rtw89: phy: ignore special data from BB parameter file (bsc#1227149).
- wifi: rtw89: phy: modify register setting of ENV_MNTR, PHYSTS and DIG (bsc#1227149).
- wifi: rtw89: phy: move bb_gain_info used by WiFi 6 chips to union (bsc#1227149).
- wifi: rtw89: phy: print out RFK log with formatted string (bsc#1227149).
- wifi: rtw89: phy: rate pattern handles HW rate by chip gen (bsc#1227149).
- wifi: rtw89: phy: refine helpers used for raw TX power (bsc#1227149).
- wifi: rtw89: phy: set channel_info for WiFi 7 chips (bsc#1227149).
- wifi: rtw89: phy: set TX power by rate according to chip gen (bsc#1227149).
- wifi: rtw89: phy: set TX power limit according to chip gen (bsc#1227149).
- wifi: rtw89: phy: set TX power offset according to chip gen (bsc#1227149).
- wifi: rtw89: phy: set TX power RU limit according to chip gen (bsc#1227149).
- wifi: rtw89: prepare scan leaf functions for wifi 7 ICs (bsc#1227149).
- wifi: rtw89: process regulatory for 6 GHz power type (bsc#1227149).
- wifi: rtw89: provide functions to configure NoA for beacon update (bsc#1227149).
- wifi: rtw89: recognize log format from firmware file (bsc#1227149).
- wifi: rtw89: reference quota mode when setting Tx power (bsc#1227149).
- wifi: rtw89: Refine active scan behavior in 6 GHz (bsc#1227149).
- wifi: rtw89: refine add_chan H2C command to encode_bits (bsc#1227149).
- wifi: rtw89: refine bandwidth 160MHz uplink OFDMA performance (bsc#1227149).
- wifi: rtw89: refine clearing supported bands to check 2/5 GHz first (bsc#1227149).
- wifi: rtw89: refine element naming used by queue empty check (bsc#1227149).
- wifi: rtw89: refine H2C command that pause transmitting by MAC ID (bsc#1227149).
- wifi: rtw89: refine hardware scan C2H events (bsc#1227149).
- wifi: rtw89: refine packet offload delete flow of 6 GHz probe (bsc#1227149).
- wifi: rtw89: refine packet offload handling under SER (bsc#1227149).
- wifi: rtw89: refine remain on channel flow to improve P2P connection (bsc#1227149).
- wifi: rtw89: refine rtw89_correct_cck_chan() by rtw89_hw_to_nl80211_band() (bsc#1227149).
- wifi: rtw89: refine uplink trigger based control mechanism (bsc#1227149).
- wifi: rtw89: regd: configure Thailand in regulation type (bsc#1227149).
- wifi: rtw89: regd: handle policy of 6 GHz according to BIOS (bsc#1227149).
- wifi: rtw89: regd: judge 6 GHz according to chip and BIOS (bsc#1227149).
- wifi: rtw89: regd: judge UNII-4 according to BIOS and chip (bsc#1227149).
- wifi: rtw89: regd: update regulatory map to R64-R40 (bsc#1227149).
- wifi: rtw89: regd: update regulatory map to R64-R43 (bsc#1227149).
- wifi: rtw89: regd: update regulatory map to R65-R44 (bsc#1227149).
- wifi: rtw89: release bit in rtw89_fw_h2c_del_pkt_offload() (bsc#1227149).
- wifi: rtw89: return failure if needed firmware elements are not recognized (bsc#1227149).
- wifi: rtw89: rfk: add a completion to wait RF calibration report from C2H event (bsc#1227149).
- wifi: rtw89: rfk: add H2C command to trigger DACK (bsc#1227149).
- wifi: rtw89: rfk: add H2C command to trigger DPK (bsc#1227149).
- wifi: rtw89: rfk: add H2C command to trigger IQK (bsc#1227149).
- wifi: rtw89: rfk: add H2C command to trigger RX DCK (bsc#1227149).
- wifi: rtw89: rfk: add H2C command to trigger TSSI (bsc#1227149).
- wifi: rtw89: rfk: add H2C command to trigger TXGAPK (bsc#1227149).
- wifi: rtw89: rfk: disable driver tracking during MCC (bsc#1227149).
- wifi: rtw89: rfk: send channel information to firmware for RF calibrations (bsc#1227149).
- wifi: rtw89: sar: let caller decide the center frequency to query (bsc#1227149).
- wifi: rtw89: scan offload wait for FW done ACK (bsc#1227149).
- wifi: rtw89: ser: L1 add pre-M0 and post-M0 states (bsc#1227149).
- wifi: rtw89: ser: reset total_sta_assoc and tdls_peer when L2 (bsc#1227149).
- wifi: rtw89: set capability of TX antenna diversity (bsc#1227149).
- wifi: rtw89: Set default CQM config if not present (bsc#1227149).
- wifi: rtw89: set entry size of address CAM to H2C field by chip (bsc#1227149).
- wifi: rtw89: set TX power without precondition during setting channel (bsc#1227149).
- wifi: rtw89: show EHT rate in debugfs (bsc#1227149).
- wifi: rtw89: support firmware log with formatted text (bsc#1227149).
- wifi: rtw89: support U-NII-4 channels on 5GHz band (bsc#1227149).
- wifi: rtw89: suppress the log for specific SER called CMDPSR_FRZTO (bsc#1227149).
- wifi: rtw89: tweak H2C TX waiting function for SER (bsc#1227149).
- wifi: rtw89: TX power stuffs replace confusing naming of _max with _num (bsc#1227149).
- wifi: rtw89: update DMA function with different generation (bsc#1227149).
- wifi: rtw89: Update EHT PHY beamforming capability (bsc#1227149).
- wifi: rtw89: update ps_state register for chips with different generation (bsc#1227149).
- wifi: rtw89: update scan C2H messages for wifi 7 IC (bsc#1227149).
- wifi: rtw89: update suspend/resume for different generation (bsc#1227149).
- wifi: rtw89: use chip_info::small_fifo_size to choose debug_mask (bsc#1227149).
- wifi: rtw89: use flexible array member in rtw89_btc_btf_tlv (bsc#1227149).
- wifi: rtw89: use PLCP information to match BSS_COLOR and AID (bsc#1227149).
- wifi: rtw89: use struct and le32_get_bits() to access received PHY status IEs (bsc#1227149).
- wifi: rtw89: use struct and le32_get_bits() to access RX descriptor (bsc#1227149).
- wifi: rtw89: use struct and le32_get_bits to access RX info (bsc#1227149).
- wifi: rtw89: use struct rtw89_phy_sts_ie0 instead of macro to access PHY IE0 status (bsc#1227149).
- wifi: rtw89: use struct to access firmware C2H event header (bsc#1227149).
- wifi: rtw89: use struct to access RA report (bsc#1227149).
- wifi: rtw89: use struct to access register-based H2C/C2H (bsc#1227149).
- wifi: rtw89: use struct to fill H2C command to download beacon frame (bsc#1227149).
- wifi: rtw89: use struct to parse firmware header (bsc#1227149).
- wifi: rtw89: use struct to set RA H2C command (bsc#1227149).
- wifi: rtw89: wow: move release offload packet earlier for WoWLAN mode (bsc#1227149).
- wifi: rtw89: wow: refine WoWLAN flows of HCI interrupts and low power mode (bsc#1227149).
- wifi: rtw89: wow: set security engine options for 802.11ax chips only (bsc#1227149).
- wifi: rtw89: wow: update config mac function with different generation (bsc#1227149).
- wifi: rtw89: wow: update WoWLAN reason register for different chips (bsc#1227149).
- wifi: rtw89: wow: update WoWLAN status register for different generation (bsc#1227149).
- wifi: ti: wlcore: sdio: Drop unused include (bsc#1227149).
- wifi: virt_wifi: avoid reporting connection success with wrong SSID (git-fixes).
- wifi: virt_wifi: do not use strlen() in const context (git-fixes).
- wifi: wcn36xx: Annotate struct wcn36xx_hal_ind_msg with __counted_by (bsc#1227149).
- wifi: wcn36xx: Convert to platform remove callback returning void (bsc#1227149).
- wifi: wcn36xx: remove unnecessary (void*) conversions (bsc#1227149).
- wifi: wext: avoid extra calls to strlen() in ieee80211_bss() (bsc#1227149).
- wifi: wfx: allow to send frames during ROC (bsc#1227149).
- wifi: wfx: fix power_save setting when AP is stopped (bsc#1227149).
- wifi: wfx: implement wfx_remain_on_channel() (bsc#1227149).
- wifi: wfx: introduce hif_scan_uniq() (bsc#1227149).
- wifi: wfx: move wfx_skb_*() out of the header file (bsc#1227149).
- wifi: wfx: relocate wfx_rate_mask_to_hw() (bsc#1227149).
- wifi: wfx: scan_lock is global to the device (bsc#1227149).
- wifi: wfx: simplify exclusion between scan and Rx filters (bsc#1227149).
- wifi: wfx: Use devm_kmemdup to replace devm_kmalloc + memcpy (bsc#1227149).
- wifi: wil6210: fw: Replace zero-length arrays with DECLARE_FLEX_ARRAY() helper (bsc#1227149).
- wifi: wil6210: wmi: Replace zero-length array with DECLARE_FLEX_ARRAY() helper (bsc#1227149).
- wifi: wilc1000: add back-off algorithm to balance tx queue packets (bsc#1227149).
- wifi: wilc1000: add missing read critical sections around vif list traversal (bsc#1227149).
- wifi: wilc1000: add SPI commands retry mechanism (bsc#1227149).
- wifi: wilc1000: always release SDIO host in wilc_sdio_cmd53() (bsc#1227149).
- wifi: wilc1000: cleanup struct wilc_conn_info (bsc#1227149).
- wifi: wilc1000: correct CRC7 calculation (bsc#1227149).
- wifi: wilc1000: fix declarations ordering (bsc#1227149).
- wifi: wilc1000: fix driver_handler when committing initial configuration (bsc#1227149).
- wifi: wilc1000: fix ies_len type in connect path (git-fixes).
- wifi: wilc1000: fix incorrect power down sequence (bsc#1227149).
- wifi: wilc1000: Increase ASSOC response buffer (bsc#1227149).
- wifi: wilc1000: remove AKM suite be32 conversion for external auth request (bsc#1227149).
- wifi: wilc1000: remove setting msg.spi (bsc#1227149).
- wifi: wilc1000: Remove unused declarations (bsc#1227149).
- wifi: wilc1000: remove use of has_thrpt_enh3 flag (bsc#1227149).
- wifi: wilc1000: set preamble size to auto as default in wilc_init_fw_config() (bsc#1227149).
- wifi: wilc1000: simplify remain on channel support (bsc#1227149).
- wifi: wilc1000: simplify wilc_scan() (bsc#1227149).
- wifi: wilc1000: split deeply nested RCU list traversal in dedicated helper (bsc#1227149).
- wifi: wilc1000: use SRCU instead of RCU for vif list traversal (bsc#1227149).
- wifi: wilc1000: validate chip id during bus probe (bsc#1227149).
- wifi: wl1251: replace deprecated strncpy with strscpy (bsc#1227149).
- wifi: wl18xx: replace deprecated strncpy with strscpy (bsc#1227149).
- wifi: wlcore: boot: replace deprecated strncpy with strscpy (bsc#1227149).
- wifi: wlcore: main: replace deprecated strncpy with strscpy (bsc#1227149).
- wifi: wlcore: sdio: Rate limit wl12xx_sdio_raw_{read,write}() failures warns (bsc#1227149).
- wifi: wlcore: sdio: Use module_sdio_driver macro to simplify the code (bsc#1227149).
- wifi: zd1211rw: fix typo 'tranmits' (bsc#1227149).
- wifi: zd1211rw: remove __nocast from zd_addr_t (bsc#1227149).
- wifi: zd1211rw: silence sparse warnings (bsc#1227149).
- wireguard: netlink: access device through ctx instead of peer (git-fixes).
- wireguard: netlink: check for dangling peer via is_dead instead of empty list (git-fixes).
- wireguard: receive: annotate data-race around receiving_counter.counter (git-fixes).
- wlcore: spi: Remove redundant of_match_ptr() (bsc#1227149).
- Workaround broken chacha crypto fallback (bsc#1218205).
- work around gcc bugs with 'asm goto' with outputs (git-fixes).
- X.509: Fix the parser of extended key usage for length (bsc#1218820).
- x86/amd_nb: Check for invalid SMN reads (git-fixes).
- x86/apic: Force native_apic_mem_read() to use the MOV instruction (git-fixes).
- x86/asm: Fix build of UML with KASAN (git-fixes).
- x86/asm: Remove the __iomem annotation of movdir64b()'s dst argument (git-fixes).
- x86/bhi: Avoid warning in #DB handler due to BHI mitigation :(git-fixes).
- x86/boot: Ignore NMIs during very early boot (git-fixes).
- x86/bugs: Fix BHI retpoline check (git-fixes).
- x86/bugs: Fix the SRSO mitigation on Zen3/4 (git-fixes).
- x86/bugs: Remove default case for fully switched enums (git-fixes).
- x86/calldepth: Rename __x86_return_skl() to call_depth_return_thunk() (git-fixes).
- x86/coco: Require seeding RNG with RDRAND on CoCo systems (git-fixes).
- x86/cpu: Add model number for Intel Arrow Lake mobile processor (git-fixes).
- x86/CPU/AMD: Add models 0x10-0x1f to the Zen5 range (git-fixes).
- x86/cpufeatures: Fix dependencies for GFNI, VAES, and VPCLMULQDQ (git-fixes).
- x86/cpu: Provide default cache line size if not enumerated (git-fixes).
- x86/csum: clean up `csum_partial' further (git-fixes).
- x86/csum: Fix clang -Wuninitialized in csum_partial() (git-fixes).
- x86/csum: Improve performance of `csum_partial` (git-fixes).
- x86/csum: Remove unnecessary odd handling (git-fixes).
- x86/efistub: Add missing boot_params for mixed mode compat entry (git-fixes).
- x86/efistub: Call mixed mode boot services on the firmware's stack (git-fixes).
- x86/fpu: Fix AMD X86_BUG_FXSAVE_LEAK fixup (git-fixes).
- x86/fpu: Keep xfd_state in sync with MSR_IA32_XFD (git-fixes).
- x86/head/64: Move the __head definition to <asm/init.h> (git-fixes).
- x86/hyperv: Allow 15-bit APIC IDs for VTL platforms (git-fixes).
- x86/hyperv: Use per cpu initial stack for vtl context (git-fixes).
- x86/insn: Add VEX versions of VPDPBUSD, VPDPBUSDS, VPDPWSSD and VPDPWSSDS (git-fixes).
- x86/insn: Fix PUSH instruction in x86 instruction decoder opcode map (git-fixes).
- x86/kconfig: Add as-instr64 macro to properly evaluate AS_WRUSS (git-fixes).
- x86/Kconfig: Remove CONFIG_AMD_MEM_ENCRYPT_ACTIVE_BY_DEFAULT (git-fixes).
- x86/kconfig: Select ARCH_WANT_FRAME_POINTERS again when UNWINDER_FRAME_POINTER=y (git-fixes).
- x86/kexec: Fix bug with call depth tracking (git-fixes).
- x86/kvm/Kconfig: Have KVM_AMD_SEV select ARCH_HAS_CC_PLATFORM (git-fixes).
- x86/mce: Dynamically size space for machine check records (bsc#1222241).
- x86/mce: Make sure to grab mce_sysfs_mutex in set_bank() (git-fixes).
- x86/mce: Mark fatal MCE's page as poison to avoid panic in the kdump kernel (git-fixes).
- x86/nmi: Drop unused declaration of proc_nmi_enabled() (git-fixes).
- x86/nmi: Fix the inverse 'in NMI handler' check (git-fixes).
- x86/nospec: Refactor UNTRAIN_RET[_*] (git-fixes).
- x86/pm: Work around false positive kmemleak report in msr_build_context() (git-fixes).
- x86/purgatory: Switch to the position-independent small code model (git-fixes).
- x86/resctrl: Read supported bandwidth sources from CPUID (git-fixes).
- x86/resctrl: Remove redundant variable in mbm_config_write_domain() (git-fixes).
- x86/rethunk: Use SYM_CODE_START[_LOCAL]_NOALIGN macros (git-fixes).
- x86/retpoline: Add NOENDBR annotation to the SRSO dummy return thunk (git-fixes).
- x86/retpoline: Do the necessary fixup to the Zen3/4 srso return thunk for !SRSO (git-fixes).
- x86/sev: Fix position dependent variable references in startup code (git-fixes).
- x86/shstk: Make return uprobe work with shadow stack (git-fixes).
- x86/speculation, objtool: Use absolute relocations for annotations (git-fixes).
- x86/srso: Disentangle rethunk-dependent options (git-fixes).
- x86/srso: Fix unret validation dependencies (git-fixes).
- x86/srso: Improve i-cache locality for alias mitigation (git-fixes).
- x86/srso: Print actual mitigation if requested mitigation isn't possible (git-fixes).
- x86/srso: Remove 'pred_cmd' label (git-fixes).
- x86/srso: Unexport untraining functions (git-fixes).
- x86: Stop using weak symbols for __iowrite32_copy() (bsc#1226502)
- x86/tdx: Preserve shared bit on mprotect() (git-fixes).
- x86/tsc: Trust initial offset in architectural TSC-adjust MSRs (bsc#1222015 bsc#1226962).
- x86/uaccess: Fix missed zeroing of ia32 u64 get_user() range checking (git-fixes).
- x86/xen: Add some null pointer checking to smp.c (git-fixes).
- x86/xen: attempt to inflate the memory balloon on PVH (git-fixes).
- xdp, bonding: Fix feature flags when there are no slave devs anymore (git-fixes).
- xen/events: drop xen_allocate_irqs_dynamic() (git-fixes).
- xen/events: fix error code in xen_bind_pirq_msi_to_irq() (git-fixes).
- xen/events: increment refcnt only if event channel is refcounted (git-fixes).
- xen/events: modify internal [un]bind interfaces (git-fixes).
- xen/events: reduce externally visible helper functions (git-fixes).
- xen/events: remove some simple helpers from events_base.c (git-fixes).
- xen: evtchn: Allow shared registration of IRQ handers (git-fixes).
- xen/evtchn: avoid WARN() when unbinding an event channel (git-fixes).
- xen-netfront: Add missing skb_mark_for_recycle (git-fixes).
- xen/x86: add extra pages to unpopulated-alloc if available (git-fixes).
- xfs: Add cond_resched to block unmap range and reflink remap path (bsc#1228211).
- xfs: add lock protection when remove perag from radix tree (git-fixes).
- xfs: allow extent free intents to be retried (git-fixes).
- xfs: fix perag leak when growfs fails (git-fixes).
- xfs: force all buffers to be written during btree bulk load (git-fixes).
- xfs: make xchk_iget safer in the presence of corrupt inode btrees (git-fixes).
- xfs: pass the xfs_defer_pending object to iop_recover (git-fixes).
- xfs: recompute growfsrtfree transaction reservation while growing rt volume (git-fixes).
- xfs: transfer recovered intent item ownership in ->iop_recover (git-fixes).
- xfs: use roundup_pow_of_two instead of ffs during xlog_find_tail (git-fixes).
- xfs: use xfs_defer_pending objects to recover intent items (git-fixes).
- xhci: add helper that checks for unhandled events on a event ring (git-fixes).
- xhci: always resume roothubs if xHC was reset during resume (stable-fixes).
- xhci: Apply broken streams quirk to Etron EJ188 xHCI host (stable-fixes).
- xhci: Apply reset resume quirk to Etron EJ188 xHCI host (stable-fixes).
- xhci: Handle TD clearing for multiple streams case (git-fixes).
- xhci: remove unnecessary event_ring_deq parameter from xhci_handle_event() (git-fixes).
- xhci: Set correct transferred length for cancelled bulk transfers (stable-fixes).
- xhci: simplify event ring dequeue tracking for transfer events (git-fixes).
- xsk: Add truesize to skb_add_rx_frag() (bsc#1214683 (PREEMPT_RT prerequisite backports)).
Patchnames
SUSE-2024-2973,SUSE-SLE-Module-Live-Patching-15-SP6-2024-2973,SUSE-SLE-Module-RT-15-SP6-2024-2973,openSUSE-SLE-15.6-2024-2973
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for the Linux Kernel",
"title": "Title of the patch"
},
{
"category": "description",
"text": "\nThe SUSE Linux Enterprise 15 SP6 RT kernel was updated to receive various security bugfixes.\n\nThe following security bugs were fixed:\n\n- CVE-2023-0160: Fixed deadlock flaw in BPF that could allow a local user to potentially crash the system (bsc#1209657).\n- CVE-2023-38417: wifi: iwlwifi: bump FW API to 90 for BZ/SC devices (bsc#1225600).\n- CVE-2023-47210: wifi: iwlwifi: bump FW API to 90 for BZ/SC devices (bsc#1225601).\n- CVE-2023-52435: net: prevent mss overflow in skb_segment() (bsc#1220138).\n- CVE-2023-52458: Fixed check that partition length needs to be aligned with block size (bsc#1220428).\n- CVE-2023-52503: Fixed tee/amdtee use-after-free vulnerability in amdtee_close_session (bsc#1220915).\n- CVE-2023-52618: Fixed string overflow in block/rnbd-srv (bsc#1221615).\n- CVE-2023-52622: ext4: avoid online resizing failures due to oversized flex bg (bsc#1222080).\n- CVE-2023-52631: Fixed an NULL dereference bug (bsc#1222264 CVE-2023-52631).\n- CVE-2023-52640: Fixed out-of-bounds in ntfs_listxattr (bsc#1222301).\n- CVE-2023-52641: Fixed NULL ptr dereference checking at the end of attr_allocate_frame() (bsc#1222303)\n- CVE-2023-52645: Fixed pmdomain/mediatek race conditions with genpd (bsc#1223033).\n- CVE-2023-52652: Fixed NTB for possible name leak in ntb_register_device() (bsc#1223686).\n- CVE-2023-52656: Dropped any code related to SCM_RIGHTS (bsc#1224187).\n- CVE-2023-52672: pipe: wakeup wr_wait after setting max_usage (bsc#1224614).\n- CVE-2023-52674: Add clamp() in scarlett2_mixer_ctl_put() (bsc#1224727).\n- CVE-2023-52659: Fixed to pfn_to_kaddr() not treated as a 64-bit type (bsc#1224442)\n- CVE-2023-52680: Fixed missing error checks to *_ctl_get() (bsc#1224608).\n- CVE-2023-52692: Fixed missing error check to scarlett2_usb_set_config() (bsc#1224628).\n- CVE-2023-52698: Fixed memory leak in netlbl_calipso_add_pass() (CVE-2023-52698 bsc#1224621)\n- CVE-2023-52699: sysv: don\u0027t call sb_bread() with pointers_lock held (bsc#1224659).\n- CVE-2023-52735: bpf, sockmap: Don\u0027t let sock_map_{close,destroy,unhash} call itself (bsc#1225475).\n- CVE-2023-52751: smb: client: fix use-after-free in smb2_query_info_compound() (bsc#1225489).\n- CVE-2023-52757: Fixed potential deadlock when releasing mids (bsc#1225548).\n- CVE-2023-52771: Fixed delete_endpoint() vs parent unregistration race (bsc#1225007).\n- CVE-2023-52772: Fixed use-after-free in unix_stream_read_actor() (bsc#1224989).\n- CVE-2023-52775: net/smc: avoid data corruption caused by decline (bsc#1225088).\n- CVE-2023-52786: ext4: fix racy may inline data check in dio write (bsc#1224939).\n- CVE-2023-52787: blk-mq: make sure active queue usage is held for bio_integrity_prep() (bsc#1225105).\n- CVE-2023-52837: nbd: fix uaf in nbd_open (bsc#1224935).\n- CVE-2023-52843: llc: verify mac len before reading mac header (bsc#1224951).\n- CVE-2023-52845: tipc: Change nla_policy for bearer-related names to NLA_NUL_STRING (bsc#1225585).\n- CVE-2023-52855: usb: dwc2: fix possible NULL pointer dereference caused by driver concurrency (bsc#1225583).\n- CVE-2023-52860: Fixed null pointer dereference in hisi_hns3 (bsc#1224936).\n- CVE-2023-52875: Add check for mtk_alloc_clk_data (bsc#1225096).\n- CVE-2023-52881: tcp: do not accept ACK of bytes we never sent (bsc#1225611).\n- CVE-2023-6238: Fixed kcalloc() arguments order (bsc#1217384).\n- CVE-2024-21823: Fixed safety flag to struct ends (bsc#1223625).\n- CVE-2024-23848: Fixed media/cec for possible use-after-free in cec_queue_msg_fh (bsc#1219104).\n- CVE-2024-25739: Fixed possible crash in create_empty_lvol() in drivers/mtd/ubi/vtbl.c (bsc#1219834).\n- CVE-2024-26601: Fixed ext4 buddy bitmap corruption via fast commit replay (bsc#1220342).\n- CVE-2024-26614: Fixed the initialization of accept_queue\u0027s spinlocks (bsc#1221293).\n- CVE-2024-26615: net/smc: fix illegal rmb_desc access in SMC-D connection dump (bsc#1220942).\n- CVE-2024-26623: pds_core: Prevent race issues involving the adminq (bsc#1221057).\n- CVE-2024-26625: Call sock_orphan() at release time (bsc#1221086)\n- CVE-2024-26632: Fixed iterating over an empty bio with bio_for_each_folio_all (bsc#1221635).\n- CVE-2024-26633: ip6_tunnel: fix NEXTHDR_FRAGMENT handling in ip6_tnl_parse_tlv_enc_lim() (bsc#1221647).\n- CVE-2024-26635: llc: Drop support for ETH_P_TR_802_2 (bsc#1221656).\n- CVE-2024-26636: llc: make llc_ui_sendmsg() more robust against bonding changes (bsc#1221659).\n- CVE-2024-26638: Fixed uninitialize struct msghdr completely (bsc#1221649 CVE-2024-26638).\n- CVE-2024-26641: ip6_tunnel: make sure to pull inner header in __ip6_tnl_rcv() (bsc#1221654).\n- CVE-2024-26642: Fixed the set of anonymous timeout flag in netfilter nf_tables (bsc#1221830).\n- CVE-2024-26643: Fixed mark set as dead when unbinding anonymous set with timeout (bsc#1221829).\n- CVE-2024-26663: tipc: Check the bearer type before calling tipc_udp_nl_bearer_add() (bsc#1222326).\n- CVE-2024-26665: tunnels: fix out of bounds access when building IPv6 PMTU error (bsc#1222328).\n- CVE-2024-26671: Fixed blk-mq IO hang from sbitmap wakeup race (bsc#1222357).\n- CVE-2024-26673: Fixed netfilter/nft_ct layer 3 and 4 protocol sanitization (bsc#1222368).\n- CVE-2024-26674: Revert to _ASM_EXTABLE_UA() for {get,put}_user() fixups (bsc#1222378).\n- CVE-2024-26679: Fixed read sk-\u003esk_family once in inet_recv_error() (bsc#1222385).\n- CVE-2024-26684: Fixed net/stmmac/xgmac handling of DPP safety error for DMA channels (bsc#1222445).\n- CVE-2024-26691: KVM: arm64: Fix circular locking dependency (bsc#1222463).\n- CVE-2024-26704: Fixed a double-free of blocks due to wrong extents moved_len in ext4 (bsc#1222422).\n- CVE-2024-26726: Fixed invalid drop extent_map for free space inode on write error (bsc#1222532)\n- CVE-2024-26731: Fixed NULL pointer dereference in sk_psock_verdict_data_ready() (bsc#1222371).\n- CVE-2024-26733: Fixed an overflow in arp_req_get() in arp (bsc#1222585).\n- CVE-2024-26734: devlink: fix possible use-after-free and memory leaks in devlink_init() (bsc#1222438).\n- CVE-2024-26737: Fixed selftests/bpf racing between bpf_timer_cancel_and_free and bpf_timer_cancel (bsc#1222557).\n- CVE-2024-26740: Fixed use the backlog for mirred ingress (bsc#1222563).\n- CVE-2024-26760: scsi: target: pscsi: Fix bio_put() for error case (bsc#1222596).\n- CVE-2024-26772: Fixed ext4 to avoid allocating blocks from corrupted group in ext4_mb_find_by_goal() (bsc#1222613).\n- CVE-2024-26773: Fixed ext4 block allocation from corrupted group in ext4_mb_try_best_found() (bsc#1222618).\n- CVE-2024-26774: Fixed dividing by 0 in mb_update_avg_fragment_size() when block bitmap corrupt (bsc#1222622).\n- CVE-2024-26775: Fixed potential deadlock at set_capacity (bsc#1222627).\n- CVE-2024-26783: Fixed mm/vmscan bug when calling wakeup_kswapd() with a wrong zone index (bsc#1222615).\n- CVE-2024-26785: iommufd: Fix protection fault in iommufd_test_syz_conv_iova (bsc#1222779).\n- CVE-2024-26791: Fixed properly validate device names in btrfs (bsc#1222793)\n- CVE-2024-26805: Fixed a kernel-infoleak-after-free in __skb_datagram_iter in netlink (bsc#1222630).\n- CVE-2024-26807: Fixed spi/cadence-qspi NULL pointer reference in runtime PM hooks (bsc#1222801).\n- CVE-2024-26813: vfio/platform: Create persistent IRQ handlers (bsc#1222809).\n- CVE-2024-26814: vfio/fsl-mc: Block calling interrupt handler without trigger (bsc#1222810).\n- CVE-2024-26815: Fixed improper TCA_TAPRIO_TC_ENTRY_INDEX check (bsc#1222635).\n- CVE-2024-26816: Fixed relocations in .notes section when building with CONFIG_XEN_PV=y (bsc#1222624).\n- CVE-2024-26822: Set correct id, uid and cruid for multiuser automounts (bsc#1223011).\n- CVE-2024-26826: mptcp: fix data re-injection from stale subflow (bsc#1223010).\n- CVE-2024-26832: Fixed missing folio cleanup in writeback race path (bsc#1223007).\n- CVE-2024-26836: Fixed platform/x86/think-lmi password opcode ordering for workstations (bsc#1222968).\n- CVE-2024-26844: Fixed WARNING in _copy_from_iter (bsc#1223015).\n- CVE-2024-26845: scsi: target: core: Add TMF to tmr_list handling (bsc#1223018).\n- CVE-2024-26860: Fixed a memory leak when rechecking the data (bsc#1223077).\n- CVE-2024-26862: Fixed packet annotate data-races around ignore_outgoing (bsc#1223111).\n- CVE-2024-26863: hsr: Fix uninit-value access in hsr_get_node() (bsc#1223021).\n- CVE-2024-26878: Fixed quota for potential NULL pointer dereference (bsc#1223060).\n- CVE-2024-26882: Fixed net/ip_tunnel to make sure to pull inner header in ip_tunnel_rcv() (bsc#1223034).\n- CVE-2024-26883: Fixed bpf stackmap overflow check on 32-bit arches (bsc#1223035).\n- CVE-2024-26884: Fixed bpf hashtab overflow check on 32-bit arches (bsc#1223189).\n- CVE-2024-26885: Fixed bpf DEVMAP_HASH overflow check on 32-bit arches (bsc#1223190).\n- CVE-2024-26899: Fixed deadlock between bd_link_disk_holder and partition scan (bsc#1223045).\n- CVE-2024-26901: Fixed do_sys_name_to_handle() to use kzalloc() to prevent kernel-infoleak (bsc#1223198).\n- CVE-2024-26906: Fixed invalid vsyscall page read for copy_from_kernel_nofault() (bsc#1223202).\n- CVE-2024-26909: Fixed drm bridge use-after-free (bsc#1223143).\n- CVE-2024-26921: Preserve kabi for sk_buff (bsc#1223138).\n- CVE-2024-26923: Fixed false-positive lockdep splat for spin_lock() in __unix_gc() (bsc#1223384).\n- CVE-2024-26925: Release mutex after nft_gc_seq_end from abort path (bsc#1223390).\n- CVE-2024-26928: Fixed potential UAF in cifs_debug_files_proc_show() (bsc#1223532).\n- CVE-2024-26944: btrfs: zoned: fix lock ordering in btrfs_zone_activate() (bsc#1223731).\n- CVE-2024-26945: Fixed nr_cpus \u0026lt; nr_iaa case (bsc#1223732).\n- CVE-2024-26946: Fixed copy_from_kernel_nofault() to read from unsafe address (bsc#1223669).\n- CVE-2024-26948: Fixed drm/amd/display by adding dc_state NULL check in dc_state_release (bsc#1223664).\n- CVE-2024-26958: Fixed UAF in direct writes (bsc#1223653).\n- CVE-2024-26960: Fixed mm/swap race between free_swap_and_cache() and swapoff() (bsc#1223655).\n- CVE-2024-26982: Fixed Squashfs inode number check not to be an invalid value of zero (bsc#1223634).\n- CVE-2024-26991: Fixed overflow lpage_info when checking attributes (bsc#1223695).\n- CVE-2024-26993: Fixed fs/sysfs reference leak in sysfs_break_active_protection() (bsc#1223693).\n- CVE-2024-27012: netfilter: nf_tables: restore set elements when delete set fails (bsc#1223804).\n- CVE-2024-27013: Fixed tun limit printing rate when illegal packet received by tun device (bsc#1223745).\n- CVE-2024-27014: Fixed net/mlx5e to prevent deadlock while disabling aRFS (bsc#1223735).\n- CVE-2024-27015: netfilter: flowtable: incorrect pppoe tuple (bsc#1223806).\n- CVE-2024-27016: netfilter: flowtable: validate pppoe header (bsc#1223807).\n- CVE-2024-27019: netfilter: nf_tables: Fix potential data-race in __nft_obj_type_get() (bsc#1223813)\n- CVE-2024-27020: netfilter: nf_tables: Fix potential data-race in __nft_expr_type_get() (bsc#1223815)\n- CVE-2024-27022: Fixed linking file vma until vma is fully initialized (bsc#1223774).\n- CVE-2024-27025: nbd: null check for nla_nest_start (bsc#1223778)\n- CVE-2024-27056: Fixed wifi/iwlwifi/mvm to ensure offloading TID queue exists (bsc#1223822).\n- CVE-2024-27064: netfilter: nf_tables: Fix a memory leak in nf_tables_updchain (bsc#1223740).\n- CVE-2024-27065: netfilter: nf_tables: do not compare internal table flags on updates (bsc#1223836).\n- CVE-2024-27395: Fixed Use-After-Free in ovs_ct_exit (bsc#1224098).\n- CVE-2024-27396: Fixed Use-After-Free in gtp_dellink (bsc#1224096).\n- CVE-2024-27401: Fixed user_length taken into account when fetching packet contents (bsc#1224181).\n- CVE-2024-27402: phonet/pep: fix racy skb_queue_empty() use (bsc#1224414).\n- CVE-2024-27404: mptcp: fix data races on remote_id (bsc#1224422)\n- CVE-2024-27408: Fixed race condition in dmaengine w-edma/eDMA (bsc#1224430).\n- CVE-2024-27414: rtnetlink: fix error logic of IFLA_BRIDGE_FLAGS writing back (bsc#1224439).\n- CVE-2024-27417: Fixed potential \u0027struct net\u0027 leak in inet6_rtm_getaddr() (bsc#1224721)\n- CVE-2024-27418: Fixed memory leak in mctp_local_output (bsc#1224720)\n- CVE-2024-27419: Fixed data-races around sysctl_net_busy_read (bsc#1224759)\n- CVE-2024-27431: Fixed Zero-initialise xdp_rxq_info struct before running XDP program (bsc#1224718).\n- CVE-2024-35247: fpga: region: add owner module and take its refcount (bsc#1226948).\n- CVE-2024-35805: dm snapshot: fix lockup in dm_exception_table_exit (bsc#1224743).\n- CVE-2024-35807: ext4: fix corruption during on-line resize (bsc#1224735).\n- CVE-2024-35827: io_uring/net: fix overflow check in io_recvmsg_mshot_prep() (bsc#1224606).\n- CVE-2024-35831: io_uring: Fix release of pinned pages when __io_uaddr_map fails (bsc#1224698).\n- CVE-2024-35843: iommu/vt-d: Use device rbtree in iopf reporting path (bsc#1224751).\n- CVE-2024-35848: eeprom: at24: fix memory corruption race condition (bsc#1224612).\n- CVE-2024-35852: Fixed memory leak when canceling rehash work (bsc#1224502).\n- CVE-2024-35853: mlxsw: spectrum_acl_tcam: Fix memory leak during rehash (bsc#1224604).\n- CVE-2024-35854: Fixed possible use-after-free during rehash (bsc#1224636).\n- CVE-2024-35857: icmp: prevent possible NULL dereferences from icmp_build_probe() (bsc#1224619).\n- CVE-2024-35860: Struct bpf_link and bpf_link_ops kABI workaround (bsc#1224531).\n- CVE-2024-35861: Fixed potential UAF in cifs_signal_cifsd_for_reconnect() (bsc#1224766).\n- CVE-2024-35862: Fixed potential UAF in smb2_is_network_name_deleted() (bsc#1224764).\n- CVE-2024-35863: Fixed potential UAF in is_valid_oplock_break() (bsc#1224763).\n- CVE-2024-35864: Fixed potential UAF in smb2_is_valid_lease_break() (bsc#1224765).\n- CVE-2024-35865: Fixed potential UAF in smb2_is_valid_oplock_break() (bsc#1224668).\n- CVE-2024-35866: Fixed potential UAF in cifs_dump_full_key() (bsc#1224667).\n- CVE-2024-35867: Fixed potential UAF in cifs_stats_proc_show() (bsc#1224664).\n- CVE-2024-35868: Fixed potential UAF in cifs_stats_proc_write() (bsc#1224678).\n- CVE-2024-35872: Fixed GUP-fast succeeding on secretmem folios (bsc#1224530).\n- CVE-2024-35877: Fixed VM_PAT handling in COW mappings (bsc#1224525).\n- CVE-2024-35880: io_uring/kbuf: hold io_buffer_list reference over mmap (bsc#1224523).\n- CVE-2024-35884: udp: do not accept non-tunnel GSO skbs landing in a tunnel (bsc#1224520).\n- CVE-2024-35886: ipv6: Fix infinite recursion in fib6_dump_done() (bsc#1224670).\n- CVE-2024-35890: gro: fix ownership transfer (bsc#1224516).\n- CVE-2024-35892: net/sched: fix lockdep splat in qdisc_tree_reduce_backlog() (bsc#1224515).\n- CVE-2024-35893: net/sched: act_skbmod: prevent kernel-infoleak (bsc#1224512)\n- CVE-2024-35895: Fixed lock inversion deadlock in map delete elem (bsc#1224511).\n- CVE-2024-35898: netfilter: nf_tables: Fix potential data-race in __nft_flowtable_type_get() (bsc#1224498).\n- CVE-2024-35899: netfilter: nf_tables: flush pending destroy work before exit_net release (bsc#1224499)\n- CVE-2024-35900: netfilter: nf_tables: reject new basechain after table flag update (bsc#1224497).\n- CVE-2024-35903: Fixed IP after emitting call depth accounting (bsc#1224493).\n- CVE-2024-35908: tls: get psock ref after taking rxlock to avoid leak (bsc#1224490)\n- CVE-2024-35917: Fixed Fix bpf_plt pointer arithmetic (bsc#1224481).\n- CVE-2024-35921: Fixed oops when HEVC init fails (bsc#1224477).\n- CVE-2024-35925: block: prevent division by zero in blk_rq_stat_sum() (bsc#1224661).\n- CVE-2024-35926: crypto: iaa - Fix async_disable descriptor leak (bsc#1224655).\n- CVE-2024-35931: Fixed PCI error slot reset during RAS recovery (bsc#1224652).\n- CVE-2024-35934: net/smc: reduce rtnl pressure in smc_pnet_create_pnetids_list() (bsc#1224641)\n- CVE-2024-35942: pmdomain: imx8mp-blk-ctrl: imx8mp_blk: Add fdcc clock to hdmimix domain (bsc#1224589).\n- CVE-2024-35943: Fixed a null pointer dereference in omap_prm_domain_init (bsc#1224649).\n- CVE-2024-35944: Fixed memcpy() run-time warning in dg_dispatch_as_host() (bsc#1224648).\n- CVE-2024-35964: Fixed not validating setsockopt user input (bsc#1224581).\n- CVE-2024-35969: Fixed race condition between ipv6_get_ifaddr and ipv6_del_addr (bsc#1224580).\n- CVE-2024-35976: Validate user input for XDP_{UMEM|COMPLETION}_FILL_RING (bsc#1224575).\n- CVE-2024-35979: raid1: fix use-after-free for original bio in raid1_write_request() (bsc#1224572).\n- CVE-2024-35991: Fixed kABI workaround for struct idxd_evl (bsc#1224553).\n- CVE-2024-35998: Fixed lock ordering potential deadlock in cifs_sync_mid_result (bsc#1224549).\n- CVE-2024-35999: Fixed missing lock when picking channel (bsc#1224550).\n- CVE-2024-36003: ice: fix LAG and VF lock dependency in ice_reset_vf() (bsc#1224544).\n- CVE-2024-36004: i40e: Do not use WQ_MEM_RECLAIM flag for workqueue (bsc#1224545)\n- CVE-2024-36005: netfilter: nf_tables: honor table dormant flag from netdev release event path (bsc#1224539).\n- CVE-2024-36006: Fixed incorrect list API usage (bsc#1224541).\n- CVE-2024-36007: Fixed warning during rehash (bsc#1224543).\n- CVE-2024-36008: ipv4: check for NULL idev in ip_route_use_hint() (bsc#1224540).\n- CVE-2024-36017: rtnetlink: Correct nested IFLA_VF_VLAN_LIST attribute validation (bsc#1225681).\n- CVE-2024-36024: drm/amd/display: Disable idle reallow as part of command/gpint execution (bsc#1225702).\n- CVE-2024-36030: Fixed the double free in rvu_npc_freemem() (bsc#1225712)\n- CVE-2024-36281: net/mlx5: Use mlx5_ipsec_rx_status_destroy to correctly delete status rules (bsc#1226799).\n- CVE-2024-36478: null_blk: fix null-ptr-dereference while configuring \u0027power\u0027 and \u0027submit_queues\u0027 (bsc#1226841).\n- CVE-2024-36479: fpga: bridge: add owner module and take its refcount (bsc#1226949).\n- CVE-2024-36882: mm: use memalloc_nofs_save() in page_cache_ra_order() (bsc#1225723).\n- CVE-2024-36889: ata: libata-scsi: Fix offsets for the fixed format sense data (bsc#1225746).\n- CVE-2024-36899: gpiolib: cdev: Fix use after free in lineinfo_changed_notify (bsc#1225737).\n- CVE-2024-36900: net: hns3: fix kernel crash when devlink reload during initialization (bsc#1225726).\n- CVE-2024-36901: ipv6: prevent NULL dereference in ip6_output() (bsc#1225711)\n- CVE-2024-36902: ipv6: fib6_rules: avoid possible NULL dereference in fib6_rule_action() (bsc#1225719).\n- CVE-2024-36903: ipv6: Fix potential uninit-value access in __ip6_make_skb() (bsc#1225741).\n- CVE-2024-36904: tcp: Use refcount_inc_not_zero() in tcp_twsk_unique() (bsc#1225732).\n- CVE-2024-36909: Drivers: hv: vmbus: Do not free ring buffers that couldn\u0027t be re-encrypted (bsc#1225744).\n- CVE-2024-36910: uio_hv_generic: Do not free decrypted memory (bsc#1225717).\n- CVE-2024-36911: hv_netvsc: Do not free decrypted memory (bsc#1225745).\n- CVE-2024-36912: Drivers: hv: vmbus: Track decrypted status in vmbus_gpadl (bsc#1225752).\n- CVE-2024-36913: Drivers: hv: vmbus: Leak pages if set_memory_encrypted() fails (bsc#1225753).\n- CVE-2024-36914: drm/amd/display: Skip on writeback when it\u0027s not applicable (bsc#1225757).\n- CVE-2024-36915: nfc: llcp: fix nfc_llcp_setsockopt() unsafe copies (bsc#1225758).\n- CVE-2024-36916: blk-iocost: avoid out of bounds shift (bsc#1225759).\n- CVE-2024-36917: block: fix overflow in blk_ioctl_discard() (bsc#1225770).\n- CVE-2024-36919: scsi: bnx2fc: Remove spin_lock_bh while releasing resources after upload (bsc#1225767).\n- CVE-2024-36923: fs/9p: fix uninitialized values during inode evict (bsc#1225815).\n- CVE-2024-36934: bna: ensure the copied buf is NUL terminated (bsc#1225760).\n- CVE-2024-36935: ice: ensure the copied buf is NUL terminated (bsc#1225763).\n- CVE-2024-36937: xdp: use flags field to disambiguate broadcast redirect (bsc#1225834).\n- CVE-2024-36938: Fixed NULL pointer dereference in sk_psock_skb_ingress_enqueue (bsc#1225761).\n- CVE-2024-36945: net/smc: fix neighbour and rtable leak in smc_ib_find_route() (bsc#1225823).\n- CVE-2024-36946: phonet: fix rtm_phonet_notify() skb allocation (bsc#1225851).\n- CVE-2024-36957: octeontx2-af: avoid off-by-one read from userspace (bsc#1225762).\n- CVE-2024-36971: net: fix __dst_negative_advice() race (bsc#1226145).\n- CVE-2024-36978: net: sched: sch_multiq: fix possible OOB write in multiq_tune() (bsc#1226514).\n- CVE-2024-37021: fpga: manager: add owner module and take its refcount (bsc#1226950).\n- CVE-2024-37078: nilfs2: fix potential kernel bug due to lack of writeback flag waiting (bsc#1227066).\n- CVE-2024-37353: virtio: fixed a double free in vp_del_vqs() (bsc#1226875).\n- CVE-2024-37354: btrfs: fix crash on racing fsync and size-extending write into prealloc (bsc#1227101).\n- CVE-2024-38553: net: fec: remove .ndo_poll_controller to avoid deadlock (bsc#1226744).\n- CVE-2024-38555: net/mlx5: Discard command completions in internal error (bsc#1226607).\n- CVE-2024-38556: net/mlx5: Add a timeout to acquire the command queue semaphore (bsc#1226774).\n- CVE-2024-38557: net/mlx5: Reload only IB representors upon lag disable/enable (bsc#1226781).\n- CVE-2024-38558: net: openvswitch: fix overwriting ct original tuple for ICMPv6 (bsc#1226783).\n- CVE-2024-38564: bpf: Add BPF_PROG_TYPE_CGROUP_SKB attach type enforcement in BPF_LINK_CREATE (bsc#1226789).\n- CVE-2024-38566: bpf: Fix verifier assumptions about socket-\u003esk (bsc#1226790).\n- CVE-2024-38568: drivers/perf: hisi: hns3: Fix out-of-bound access when valid event group (bsc#1226771).\n- CVE-2024-38569: drivers/perf: hisi_pcie: Fix out-of-bound access when valid event group (bsc#1226772).\n- CVE-2024-38570: gfs2: Fix potential glock use-after-free on unmount (bsc#1226775).\n- CVE-2024-38580: epoll: be better about file lifetimes (bsc#1226610).\n- CVE-2024-38586: r8169: Fix possible ring buffer corruption on fragmented Tx packets (bsc#1226750).\n- CVE-2024-38594: net: stmmac: move the EST lock to struct stmmac_priv (bsc#1226734).\n- CVE-2024-38597: eth: sungem: remove .ndo_poll_controller to avoid deadlocks (bsc#1226749).\n- CVE-2024-38598: md: fix resync softlockup when bitmap size is less than array size (bsc#1226757).\n- CVE-2024-38603: drivers/perf: hisi: hns3: Actually use devm_add_action_or_reset() (bsc#1226842).\n- CVE-2024-38604: block: refine the EOF check in blkdev_iomap_begin (bsc#1226866).\n- CVE-2024-38608: net/mlx5e: Fix netif state handling (bsc#1226746).\n- CVE-2024-38610: drivers/virt/acrn: fix PFNMAP PTE checks in acrn_vm_ram_map() (bsc#1226758).\n- CVE-2024-38627: stm class: Fix a double free in stm_register_device() (bsc#1226857).\n- CVE-2024-38636: f2fs: multidev: fix to recognize valid zero block address (bsc#1226879).\n- CVE-2024-38659: enic: Validate length of nl attributes in enic_set_vf_port (bsc#1226883).\n- CVE-2024-38661: s390/ap: Fix crash in AP internal function modify_bitmap() (bsc#1226996).\n- CVE-2024-39276: ext4: fix mb_cache_entry\u0027s e_refcnt leak in ext4_xattr_block_cache_find() (bsc#1226993).\n- CVE-2024-39301: net/9p: fix uninit-value in p9_client_rpc() (bsc#1226994).\n- CVE-2024-39371: io_uring: check for non-NULL file pointer in io_file_can_poll() (bsc#1226990).\n- CVE-2024-39468: smb: client: fix deadlock in smb2_find_smb_tcon() (bsc#1227103.\n- CVE-2024-39472: xfs: fix log recovery buffer allocation for the legacy h_size fixup (bsc#1227432).\n- CVE-2024-39474: mm/vmalloc: fix vmalloc which may return null if called with __GFP_NOFAIL (bsc#1227434).\n- CVE-2024-39482: bcache: fix variable length array abuse in btree_iter (bsc#1227447).\n- CVE-2024-39487: bonding: Fix out-of-bounds read in bond_option_arp_ip_targets_set() (bsc#1227573)\n- CVE-2024-39490: ipv6: sr: fix missing sk_buff release in seg6_input_core (bsc#1227626).\n- CVE-2024-39494: ima: Fix use-after-free on a dentry\u0027s dname.name (bsc#1227716).\n- CVE-2024-39496: btrfs: zoned: fix use-after-free due to race with dev replace (bsc#1227719).\n- CVE-2024-39498: drm/mst: Fix NULL pointer dereference at drm_dp_add_payload_part2 (bsc#1227723)\n- CVE-2024-39502: ionic: fix use after netif_napi_del() (bsc#1227755).\n- CVE-2024-39504: netfilter: nft_inner: validate mandatory meta and payload (bsc#1227757).\n- CVE-2024-39507: net: hns3: fix kernel crash problem in concurrent scenario (bsc#1227730).\n- CVE-2024-40901: scsi: mpt3sas: Avoid test/set_bit() operating in non-allocated memory (bsc#1227762).\n- CVE-2024-40906: net/mlx5: Always stop health timer during driver removal (bsc#1227763).\n- CVE-2024-40908: bpf: Set run context for rawtp test_run callback (bsc#1227783).\n- CVE-2024-40919: bnxt_en: Adjust logging of firmware messages in case of released token in __hwrm_send() (bsc#1227779).\n- CVE-2024-40923: vmxnet3: disable rx data ring on dma allocation failure (bsc#1227786).\n- CVE-2024-40925: block: fix request.queuelist usage in flush (bsc#1227789).\n- CVE-2024-40928: net: ethtool: fix the error condition in ethtool_get_phy_stats_ethtool() (bsc#1227788).\n- CVE-2024-40931: mptcp: ensure snd_una is properly initialized on connect (bsc#1227780).\n- CVE-2024-40935: cachefiles: flush all requests after setting CACHEFILES_DEAD (bsc#1227797).\n- CVE-2024-40937: gve: Clear napi-\u003eskb before dev_kfree_skb_any() (bsc#1227836).\n- CVE-2024-40940: net/mlx5: Fix tainted pointer delete is case of flow rules creation fail (bsc#1227800).\n- CVE-2024-40947: ima: Avoid blocking in RCU read-side critical section (bsc#1227803).\n- CVE-2024-40948: mm/page_table_check: fix crash on ZONE_DEVICE (bsc#1227801).\n- CVE-2024-40953: KVM: Fix a data race on last_boosted_vcpu in kvm_vcpu_on_spin() (bsc#1227806).\n- CVE-2024-40960: ipv6: prevent possible NULL dereference in rt6_probe() (bsc#1227813).\n- CVE-2024-40961: ipv6: prevent possible NULL deref in fib6_nh_init() (bsc#1227814).\n- CVE-2024-40966: kABI: tty: add the option to have a tty reject a new ldisc (bsc#1227886).\n- CVE-2024-40970: Avoid hw_desc array overrun in dw-axi-dmac (bsc#1227899).\n- CVE-2024-40972: ext4: fold quota accounting into ext4_xattr_inode_lookup_create() (bsc#1227910).\n- CVE-2024-40975: platform/x86: x86-android-tablets: Unregister devices in reverse order (bsc#1227926).\n- CVE-2024-40998: ext4: fix uninitialized ratelimit_state-\u003elock access in __ext4_fill_super() (bsc#1227866).\n- CVE-2024-40999: net: ena: Add validation for completion descriptors consistency (bsc#1227913).\n- CVE-2024-41006: netrom: Fix a memory leak in nr_heartbeat_expiry() (bsc#1227862).\n- CVE-2024-41013: xfs: do not walk off the end of a directory data block (bsc#1228405).\n- CVE-2024-41014: xfs: add bounds checking to xlog_recover_process_data (bsc#1228408).\n- CVE-2024-41017: jfs: do not walk off the end of ealist (bsc#1228403).\n- CVE-2024-41090: tap: add missing verification for short frame (bsc#1228328).\n- CVE-2024-41091: tun: add missing verification for short frame (bsc#1228327).\n\nThe following non-security bugs were fixed:\n\n- 9p: add missing locking around taking dentry fid list (git-fixes)\n- accel/ivpu: Fix deadlock in context_xa (git-fixes).\n- ACPI: bus: Indicate support for IRQ ResourceSource thru _OSC (git-fixes).\n- ACPI: bus: Indicate support for _TFP thru _OSC (git-fixes).\n- ACPI: bus: Indicate support for the Generic Event Device thru _OSC (git-fixes).\n- ACPICA: debugger: check status of acpi_evaluate_object() in acpi_db_walk_for_fields() (git-fixes).\n- ACPICA: Revert \u0027ACPICA: avoid Info: mapping multiple BARs. Your kernel is fine.\u0027 (git-fixes).\n- ACPI: CPPC: Fix access width used for PCC registers (git-fixes).\n- ACPI: CPPC: Fix bit_offset shift in MASK_VAL() macro (git-fixes).\n- ACPI: CPPC: Use access_width over bit_width for system memory accesses (stable-fixes).\n- ACPI: disable -Wstringop-truncation (git-fixes).\n- ACPI: EC: Abort address space access upon error (stable-fixes).\n- ACPI: EC: Avoid returning AE_OK on errors in address space handler (stable-fixes).\n- ACPI: EC: Evaluate orphan _REG under EC device (git-fixes).\n- ACPI: EC: Install address space handler at the namespace root (stable-fixes).\n- ACPI: Fix Generic Initiator Affinity _OSC bit (git-fixes).\n- ACPI: LPSS: Advertise number of chip selects via property (git-fixes).\n- ACPI: processor_idle: Fix invalid comparison with insertion sort for latency (git-fixes).\n- ACPI: resource: Add Infinity laptops to irq1_edge_low_force_override (stable-fixes).\n- ACPI: resource: Do IRQ override on Lunnen Ground laptops (stable-fixes).\n- ACPI: resource: Do IRQ override on TongFang GXxHRXx and GMxHGxx (stable-fixes).\n- ACPI: scan: Do not increase dep_unmet for already met dependencies (git-fixes).\n- ACPI: video: Add backlight=native quirk for Lenovo Slim 7 16ARH7 (bsc#1217750).\n- ACPI: x86: Add PNP_UART1_SKIP quirk for Lenovo Blade2 tablets (stable-fixes).\n- ACPI: x86: Force StorageD3Enable on more products (stable-fixes).\n- ACPI: x86: Move acpi_quirk_skip_serdev_enumeration() out of CONFIG_X86_ANDROID_TABLETS (stable-fixes).\n- Add console: Improve console_srcu_read_flags() comments device property: Add SOFTWARE_NODE() macro for defining software nodes device property: Add fwnode_name_eq() device property: Add fwnode_property_match_property_string() device property: Implement device_is_big_endian() device property: Implement device_is_compatible() nbcon: Provide functions for drivers to acquire console for non-printing. panic: Flush kernel log buffer at the end panic: Mark emergency section in oops panic: Mark emergency section in warn panic: add option to dump blocked tasks in panic_print panic: suppress gnu_printf warning printk: Add @flags argument for console_is_usable() printk: Add function to replay kernel log on consoles printk: Add kthread for all legacy consoles printk: Add non-BKL (nbcon) console basic infrastructure printk: Add notation to console_srcu locking printk: Atomic print in printk context on shutdown printk: Avoid console_lock dance if no legacy or boot consoles printk: Avoid false positive lockdep report for legacy printing printk: Check printk_deferred_enter()/_exit() usage printk: Check valid console index for preferred console printk: Constify name for add_preferred_console() printk: Coordinate direct printing in panic printk: Do not try to parse DEVNAME:0.0 console options printk: Flag register_console() if console is set on command line. printk: Let console_is_usable() handle nbcon printk: Make console_is_usable() available to nbcon printk: Make static printk buffers available to nbcon printk: Properly deal with nbcon consoles on seq init printk: Provide helper for message prepending printk: Provide threadprintk boot argument printk: Reduce pr_flush() pooling time printk: Remove the now superfluous sentinel elements from ctl_table array printk: Save console options for add_preferred_console_match() printk: Track nbcon consoles printk: Track registered boot consoles printk: fix illegal pbufs access for !CONFIG_PRINTK printk: flush consoles before checking progress printk: nbcon: Add acquire/release logic printk: nbcon: Add buffer management printk: nbcon: Add callbacks to synchronize with driver printk: nbcon: Add context to console_is_usable() printk: nbcon: Add detailed doc for write_atomic() printk: nbcon: Add emit function and callback function for atomic printing printk: nbcon: Add helper to assign priority based on CPU state printk: nbcon: Add ownership state functions printk: nbcon: Add printer thread wakeups printk: nbcon: Add sequence handling printk: nbcon: Add unsafe flushing on panic printk: nbcon: Allow drivers to mark unsafe regions and check state. printk: nbcon: Do not rely on proxy headers printk: nbcon: Implement emergency sections printk: nbcon: Introduce printing kthreads printk: nbcon: Provide function to flush using write_atomic() printk: nbcon: Provide function to reacquire ownership printk: nbcon: Remove return value for write_atomic() printk: nbcon: Show replay message on takeover printk: nbcon: Start printing threads printk: nbcon: Use driver synchronization while (un)registering printk: nbcon: Use nbcon consoles in console_flush_all() serial: convert uart sysrq handling to u8 serial: core: Add UPIO_UNKNOWN constant for unknown port type serial: core: Controller id cannot be negative serial: core: Fix serial core port id to not use port-\u003eline serial: core: Implement processing in port-\u003elock wrapper serial: core: Introduce wrapper to set @uart_port-\u003econs serial: core: Move struct uart_port::quirks closer to possible serial: core: Provide low-level functions to lock port serial: core: Update uart_poll_timeout() function to return unsigned long. serial: core: Use lock wrappers serial: core: do not kfree device managed data serial: core: fix -EPROBE_DEFER handling in init serial: make uart_insert_char() accept u8s serial: port: Introduce a common helper to read properties tty/sysrq: Replay kernel log messages on consoles via sysrq\n- Add reference to L3 bsc#1225765 in BPF control flow graph and precision backtrack fixes (bsc#1225756) The L3 bsc#1225765 was created seperately since our customer requires PTF.\n- admin-guide/hw-vuln/core-scheduling: fix return type of PR_SCHED_CORE_GET (git-fixes).\n- ahci: asm1064: asm1166: do not limit reported ports (git-fixes).\n- ahci: asm1064: correct count of reported ports (stable-fixes).\n- ALSA: aoa: avoid false-positive format truncation warning (git-fixes).\n- ALSA: core: Fix NULL module pointer assignment at card init (git-fixes).\n- ALSA: core: Remove debugfs at disconnection (git-fixes).\n- ALSA: dmaengine_pcm: terminate dmaengine before synchronize (stable-fixes).\n- ALSA: dmaengine: Synchronize dma channel after drop() (stable-fixes).\n- ALSA: emux: improve patch ioctl data validation (stable-fixes).\n- ALSA: firewire-lib: handle quirk to calculate payload quadlets as data block counter (stable-fixes).\n- ALSA: Fix deadlocks with kctl removals at disconnection (stable-fixes).\n- ALSA: hda: Add Intel BMG PCI ID and HDMI codec vid (stable-fixes).\n- ALSA: hda: clarify Copyright information (stable-fixes).\n- ALSA: hda/conexant: Mute speakers at suspend / shutdown (bsc#1228269).\n- ALSA: hda: cs35l41: Add support for ASUS ROG 2024 Laptops (stable-fixes).\n- ALSA: hda: cs35l41: Component should be unbound before deconstruction (git-fixes).\n- ALSA: hda: cs35l41: Fix swapped l/r audio channels for Lenovo ThinBook 13x Gen4 (git-fixes).\n- ALSA: hda: cs35l41: Ignore errors when configuring IRQs (stable-fixes).\n- ALSA: hda: cs35l41: Possible null pointer dereference in cs35l41_hda_unbind() (git-fixes).\n- ALSA: hda: cs35l41: Remove redundant argument to cs35l41_request_firmware_file() (stable-fixes).\n- ALSA: hda: cs35l41: Remove Speaker ID for Lenovo Legion slim 7 16ARHA7 (git-fixes).\n- ALSA: hda: cs35l41: Set the max PCM Gain using tuning setting (stable-fixes).\n- ALSA: hda: cs35l41: Support HP Omen models without _DSD (stable-fixes).\n- ALSA: hda: cs35l41: Support Lenovo 13X laptop without _DSD (stable-fixes).\n- ALSA: hda: cs35l41: Support Lenovo Thinkbook 13x Gen 4 (stable-fixes).\n- ALSA: hda: cs35l41: Support Lenovo Thinkbook 16P Gen 5 (stable-fixes).\n- ALSA: hda: cs35l56: Add ACPI device match tables (git-fixes).\n- ALSA: hda: cs35l56: Component should be unbound before deconstruction (git-fixes).\n- ALSA: hda: cs35l56: Exit cache-only after cs35l56_wait_for_firmware_boot() (stable-fixes).\n- ALSA: hda: cs35l56: Fix lifecycle of codec pointer (stable-fixes).\n- ALSA: hda: cs35l56: Fix lifetime of cs_dsp instance (git-fixes).\n- ALSA: hda: cs35l56: Set the init_done flag before component_add() (git-fixes).\n- ALSA: hda/cs_dsp_ctl: Use private_free for control cleanup (git-fixes).\n- ALSA: hda/generic: Add a helper to mute speakers at suspend/shutdown (bsc#1228269).\n- ALSA: hda: hda_cs_dsp_ctl: Remove notification of driver write (stable-fixes).\n- ALSA/hda: intel-dsp-config: Document AVS as dsp_driver option (git-fixes).\n- ALSA: hda: intel-dsp-config: harden I2C/I2S codec detection (stable-fixes).\n- ALSA/hda: intel-dsp-config: reduce log verbosity (git-fixes).\n- ALSA: hda: intel-sdw-acpi: fix usage of device_get_named_child_node() (git-fixes).\n- ALSA: hda/realtek: Add more codec ID to no shutup pins list (stable-fixes).\n- ALSA: hda/realtek: add quirk for Clevo V5[46]0TU (stable-fixes).\n- ALSA: hda/realtek: Add quirk for HP SnowWhite laptops (stable-fixes).\n- ALSA: hda/realtek: Add quirk for HP Spectre x360 14 eu0000 (stable-fixes).\n- ALSA: hda/realtek: Add quirk for Lenovo Yoga Pro 7 14AHP9 (stable-fixes).\n- ALSA: hda/realtek: Add quirk for Lenovo Yoga Pro 7 14ARP8 (stable-fixes).\n- ALSA: hda/realtek: Add quirks for ASUS Laptops using CS35L56 (stable-fixes).\n- ALSA: hda/realtek: Add quirks for HP Omen models using CS35L41 (stable-fixes).\n- ALSA: hda/realtek: Add quirks for Huawei Matebook D14 NBLB-WAX9N (stable-fixes).\n- ALSA: hda/realtek: Add quirks for Lenovo 13X (stable-fixes).\n- ALSA: hda/realtek: Add quirks for some Clevo laptops (stable-fixes).\n- ALSA: hda/realtek: Add sound quirks for Lenovo Legion slim 7 16ARHA7 models (stable-fixes).\n- ALSA: hda/realtek: Add support for ASUS Zenbook 2024 HN7306W (stable-fixes).\n- ALSA: hda/realtek: Adjust G814JZR to use SPI init for amp (git-fixes).\n- ALSA: hda/realtek: cs35l41: Fixup remaining asus strix models (git-fixes).\n- ALSA: hda/realtek: cs35l41: Support ASUS ROG G634JYR (stable-fixes).\n- ALSA: hda/realtek: Drop doubly quirk entry for 103c:8a2e (git-fixes).\n- ALSA: hda/realtek - Enable audio jacks of Haier Boyue G42 with ALC269VC (stable-fixes).\n- ALSA: hda/realtek: Enable headset mic of JP-IK LEAP W502 with ALC897 (stable-fixes).\n- ALSA: hda/realtek: Enable headset mic on IdeaPad 330-17IKB 81DM (git-fixes).\n- ALSA: hda/realtek: Enable headset mic on Positivo SU C1400 (stable-fixes).\n- ALSA: hda/realtek: Enable Mute LED on HP 250 G7 (stable-fixes).\n- ALSA: hda/realtek: Fix build error without CONFIG_PM (stable-fixes).\n- ALSA: hda/realtek: Fix conflicting PCI SSID 17aa:386f for Lenovo Legion models (bsc#1223462).\n- ALSA: hda/realtek: Fix conflicting quirk for PCI SSID 17aa:3820 (git-fixes).\n- ALSA: hda/realtek - fixed headset Mic not show (stable-fixes).\n- ALSA: hda/realtek: Fixes for Asus GU605M and GA403U sound (stable-fixes).\n- ALSA: hda/realtek - Fix inactive headset mic jack (stable-fixes).\n- ALSA: hda/realtek: Fix internal speakers for Legion Y9000X 2022 IAH7 (stable-fixes).\n- ALSA: hda/realtek: Fix mute led of HP Laptop 15-da3001TU (stable-fixes).\n- ALSA: hda/realtek: fix mute/micmute LEDs do not work for EliteBook 645/665 G11 (stable-fixes).\n- ALSA: hda/realtek: fix mute/micmute LEDs do not work for ProBook 440/460 G11 (stable-fixes).\n- ALSA: hda/realtek: fix mute/micmute LEDs do not work for ProBook 445/465 G11 (stable-fixes).\n- ALSA: hda/realtek: fix the hp playback volume issue for LG machines (stable-fixes).\n- ALSA: hda/realtek: Fix the speaker output on Samsung Galaxy Book Pro 360 (stable-fixes).\n- ALSA: hda/realtek: Fix volumn control of ThinkBook 16P Gen4 (git-fixes).\n- ALSA: hda/realtek: Limit mic boost on N14AP7 (stable-fixes).\n- ALSA: hda/realtek: Limit mic boost on VAIO PRO PX (stable-fixes).\n- ALSA: hda/realtek: Remove Framework Laptop 16 from quirks (git-fixes).\n- ALSA: hda/realtek - Set GPIO3 to default at S4 state for Thinkpad with ALC1318 (stable-fixes).\n- ALSA: hda/realtek: Support Lenovo Thinkbook 13x Gen 4 (stable-fixes).\n- ALSA: hda/realtek: Support Lenovo Thinkbook 16P Gen 5 (stable-fixes).\n- ALSA: hda/relatek: Enable Mute LED on HP Laptop 15-gw0xxx (stable-fixes).\n- ALSA: hda/tas2781: add locks to kcontrols (git-fixes).\n- ALSA: hda/tas2781: Add new quirk for Lenovo Hera2 Laptop (stable-fixes).\n- ALSA: hda/tas2781: Add new vendor_id and subsystem_id to support ThinkPad ICE-1 (stable-fixes).\n- ALSA: hda: tas2781: Component should be unbound before deconstruction (git-fixes).\n- ALSA: hda/tas2781: correct the register for pow calibrated data (git-fixes).\n- ALSA: hda/tas2781: remove digital gain kcontrol (git-fixes).\n- ALSA: line6: Zero-initialize message buffers (stable-fixes).\n- ALSA: PCM: Allow resume only for suspended streams (stable-fixes).\n- ALSA: pcm_dmaengine: Do not synchronize DMA channel when DMA is paused (git-fixes).\n- ALSA: scarlett2: Add Focusrite Clarett+ 2Pre and 4Pre support (stable-fixes).\n- ALSA: scarlett2: Add Focusrite Clarett 2Pre and 4Pre USB support (stable-fixes).\n- ALSA: scarlett2: Add missing error check to scarlett2_config_save() (git-fixes).\n- ALSA: scarlett2: Add support for Clarett 8Pre USB (stable-fixes).\n- ALSA: scarlett2: Default mixer driver to enabled (stable-fixes).\n- ALSA: scarlett2: Move USB IDs out from device_info struct (stable-fixes).\n- ALSA: seq: Do not clear bank selection at event -\u003e UMP MIDI2 conversion (git-fixes).\n- ALSA: seq: Fix incorrect UMP type for system messages (git-fixes).\n- ALSA: seq: Fix missing bank setup between MIDI1/MIDI2 UMP conversion (git-fixes).\n- ALSA: seq: Fix missing channel at encoding RPN/NRPN MIDI2 messages (git-fixes).\n- ALSA: seq: Fix missing MSB in MIDI2 SPP conversion (git-fixes).\n- ALSA: seq: Fix yet another spot for system message conversion (git-fixes).\n- ALSA: seq: ump: Fix conversion from MIDI2 to MIDI1 UMP messages (git-fixes).\n- ALSA: seq: ump: Fix missing System Reset message handling (git-fixes).\n- ALSA: seq: ump: Fix swapped song position pointer data (git-fixes).\n- ALSA: seq: ump: Skip useless ports for static blocks (git-fixes).\n- ALSA: sh: aica: reorder cleanup operations to avoid UAF bugs (git-fixes).\n- ALSA: timer: Set lower bound of start tick time (stable-fixes).\n- ALSA: ump: Do not accept an invalid UMP protocol number (git-fixes).\n- ALSA: ump: Do not clear bank selection after sending a program change (git-fixes).\n- ALSA: ump: Force 1 Group for MIDI1 FBs (git-fixes).\n- ALSA: ump: Set default protocol when not given explicitly (git-fixes).\n- ALSA: usb-audio: Add a quirk for Sonix HD USB Camera (stable-fixes).\n- ALSA: usb-audio: Add sampling rates support for Mbox3 (stable-fixes).\n- ALSA: usb-audio: Fix for sampling rates support for Mbox3 (stable-fixes).\n- ALSA: usb-audio: Fix microphone sound on HD webcam (stable-fixes).\n- ALSA: usb-audio: Move HD Webcam quirk to the right place (git-fixes).\n- amd/amdkfd: sync all devices to wait all processes being evicted (stable-fixes).\n- amdkfd: use calloc instead of kzalloc to avoid integer overflow (stable-fixes).\n- arm64: Add the arm64.no32bit_el0 command line option (jsc#PED-3184). \n- arm64: asm-bug: Add .align 2 to the end of __BUG_ENTRY (git-fixes).\n- arm64: bpf: fix 32bit unconditional bswap (git-fixes).\n- arm64: dts: allwinner: h616: Fix I2C0 pins (git-fixes)\n- arm64: dts: allwinner: Pine H64: correctly remove reg_gmac_3v3 (git-fixes)\n- arm64: dts: broadcom: bcmbca: bcm4908: drop invalid switch cells (git-fixes)\n- arm64: dts: Fix dtc interrupt_provider warnings (git-fixes)\n- arm64: dts: freescale: imx8mm-verdin: enable hysteresis on slow input (git-fixes)\n- arm64: dts: hi3798cv200: fix the size of GICR (git-fixes)\n- arm64: dts: imx8qm-mek: fix gpio number for reg_usdhc2_vmmc (git-fixes)\n- arm64: dts: imx8qm-ss-dma: fix can lpcg indices (git-fixes)\n- arm64: dts: imx8-ss-conn: fix usb lpcg indices (git-fixes)\n- arm64: dts: imx8-ss-conn: fix usdhc wrong lpcg clock order (git-fixes)\n- arm64: dts: imx8-ss-dma: fix adc lpcg indices (git-fixes)\n- arm64: dts: imx8-ss-dma: fix can lpcg indices (git-fixes)\n- arm64: dts: imx8-ss-dma: fix spi lpcg indices (git-fixes)\n- arm64: dts: imx8-ss-lsio: fix pwm lpcg indices (git-fixes)\n- arm64: dts: imx93-11x11-evk: Remove the \u0027no-sdio\u0027 property (git-fixes)\n- arm64: dts: marvell: reorder crypto interrupts on Armada SoCs (git-fixes)\n- arm64: dts: microchip: sparx5: fix mdio reg (git-fixes)\n- arm64: dts: rockchip: Add enable-strobe-pulldown to emmc phy on ROCK (git-fixes)\n- arm64: dts: rockchip: Add mdio and ethernet-phy nodes to (git-fixes)\n- arm64: dts: rockchip: Add missing power-domains for rk356x vop_mmu (git-fixes)\n- arm64: dts: rockchip: Add pinctrl for UART0 to rk3308-rock-pi-s (git-fixes)\n- arm64: dts: rockchip: Add sdmmc related properties on (git-fixes)\n- arm64: dts: rockchip: Add sound-dai-cells for RK3368 (git-fixes)\n- arm64: dts: rockchip: Drop invalid mic-in-differential on (git-fixes)\n- arm64: dts: rockchip: enable internal pull-up for Q7_THRM# on RK3399 (git-fixes)\n- arm64: dts: rockchip: enable internal pull-up on PCIE_WAKE# for (git-fixes)\n- arm64: dts: rockchip: enable internal pull-up on Q7_USB_ID for RK3399 (git-fixes)\n- arm64: dts: rockchip: Fix mic-in-differential usage on (git-fixes)\n- arm64: dts: rockchip: Fix mic-in-differential usage on rk3566-roc-pc (git-fixes)\n- arm64: dts: rockchip: fix PMIC interrupt pin on ROCK Pi E (git-fixes)\n- arm64: dts: rockchip: fix rk3328 hdmi ports node (git-fixes)\n- arm64: dts: rockchip: fix rk3399 hdmi ports node (git-fixes)\n- arm64: dts: rockchip: Fix SD NAND and eMMC init on rk3308-rock-pi-s (git-fixes)\n- arm64: dts: rockchip: Fix the DCDC_REG2 minimum voltage on Quartz64 (git-fixes)\n- arm64: dts: rockchip: Fix the value of `dlg,jack-det-rate` mismatch (git-fixes)\n- arm64: dts: rockchip: Increase VOP clk rate on RK3328 (git-fixes)\n- arm64: dts: rockchip: regulator for sd needs to be always on for (git-fixes)\n- arm64: dts: rockchip: Remove unsupported node from the Pinebook Pro (git-fixes)\n- arm64: dts: rockchip: Rename LED related pinctrl nodes on (git-fixes)\n- arm64: dts: rockchip: set PHY address of MT7531 switch to 0x1f (git-fixes)\n- arm64/head: Disable MMU at EL2 before clearing HCR_EL2.E2H (git-fixes).\n- arm64: hibernate: Fix level3 translation fault in swsusp_save() (git-fixes).\n- arm64/io: add constant-argument check (bsc#1226502 git-fixes)\n- arm64/io: Provide a WC friendly __iowriteXX_copy() (bsc#1226502)\n- arm64: mm: Batch dsb and isb when populating pgtables (jsc#PED-8688).\n- arm64: mm: Do not remap pgtables for allocate vs populate (jsc#PED-8688).\n- arm64: mm: Do not remap pgtables per-cont(pte|pmd) block (jsc#PED-8688).\n- arm64/ptrace: Use saved floating point state type to determine SVE (git-fixes)\n- arm64/sve: Lower the maximum allocation for the SVE ptrace regset (git-fixes)\n- arm64: tegra: Correct Tegra132 I2C alias (git-fixes)\n- arm64: tegra: Set the correct PHY mode for MGBE (git-fixes)\n- ARM: 9381/1: kasan: clear stale stack poison (git-fixes).\n- ARM: imx: Check return value of devm_kasprintf in imx_mmdc_perf_init (git-fixes).\n- ARM: imx_v6_v7_defconfig: Restore CONFIG_BACKLIGHT_CLASS_DEVICE (git-fixes).\n- ARM: OMAP2+: fix N810 MMC gpiod table (git-fixes).\n- ARM: OMAP2+: fix USB regression on Nokia N8x0 (git-fixes).\n- arm_pmu: acpi: Add a representative platform device for TRBE (bsc#1220587)\n- arm_pmu: acpi: Refactor arm_spe_acpi_register_device() (bsc#1220587)\n- ARM: prctl: reject PR_SET_MDWE on pre-ARMv6 (stable-fixes).\n- ARM: s5pv210: fix pm.c kernel-doc warning (git-fixes).\n- asm-generic: make sparse happy with odd-sized put_unaligned_*() (stable-fixes).\n- ASoC: acp: Support microphone from device Acer 315-24p (git-fixes).\n- ASoC: amd: acp: add a null check for chip_pdev structure (git-fixes).\n- ASoC: amd: acp: fix for acp_init function error handling (git-fixes).\n- ASoC: amd: acp: remove i2s configuration check in acp_i2s_probe() (git-fixes).\n- ASoC: amd: Adjust error handling in case of absent codec device (git-fixes).\n- ASoC: amd: yc: Add Lenovo ThinkBook 21J0 into DMI quirk table (stable-fixes).\n- ASoC: amd: yc: Fix non-functional mic on ASUS M5602RA (stable-fixes).\n- ASoC: amd: yc: Fix non-functional mic on ASUS M7600RE (stable-fixes).\n- ASoC: amd: yc: Fix non-functional mic on Lenovo 21J2 (stable-fixes).\n- ASoC: amd: yc: Revert \u0027Fix non-functional mic on Lenovo 21J2\u0027 (stable-fixes).\n- ASoC: amd: yc: Support mic on Lenovo Thinkpad E16 Gen 2 (bsc#1228269).\n- ASoC: codecs: wsa881x: set clk_stop_mode1 flag (git-fixes).\n- ASoC: cs35l56: Accept values greater than 0 as IRQ numbers (git-fixes).\n- ASoC: cs35l56: Fix unintended bus access while resetting amp (git-fixes).\n- ASoC: cs35l56: Prevent overwriting firmware ASP config (git-fixes).\n- ASoC: da7219-aad: fix usage of device_get_named_child_node() (git-fixes).\n- ASoC: fsl-asoc-card: set priv-\u003epdev before using it (git-fixes).\n- ASoC: fsl: fsl_qmc_audio: Check devm_kasprintf() returned value (git-fixes).\n- ASoC: Intel: avs: Fix ASRC module initialization (git-fixes).\n- ASoC: Intel: avs: Fix potential integer overflow (git-fixes).\n- ASoC: Intel: avs: Populate board selection with new I2S entries (stable-fixes).\n- ASoC: Intel: avs: Set name of control as in topology (git-fixes).\n- ASoC: Intel: avs: ssm4567: Do not ignore route checks (git-fixes).\n- ASoC: Intel: avs: Test result of avs_get_module_entry() (git-fixes).\n- ASoC: Intel: bytcr_rt5640: Apply Asus T100TA quirk to Asus T100TAM too (git-fixes).\n- ASoC: Intel: common: add ACPI matching tables for Arrow Lake (stable-fixes).\n- ASoC: Intel: common: DMI remap for rebranded Intel NUC M15 (LAPRC710) laptops (stable-fixes).\n- ASoC: Intel: Disable route checks for Skylake boards (git-fixes).\n- ASoC: Intel: sof_sdw: add JD2 quirk for HP Omen 14 (stable-fixes).\n- ASoC: Intel: sof_sdw: add quirk for Dell SKU 0C0F (stable-fixes).\n- ASoC: Intel: sof-sdw: really remove FOUR_SPEAKER quirk (git-fixes).\n- ASoC: Intel: use soc_intel_is_byt_cr() only when IOSF_MBI is reachable (git-fixes).\n- ASoC: kirkwood: Fix potential NULL dereference (git-fixes).\n- ASoC: max98088: Check for clk_prepare_enable() error (git-fixes).\n- ASoC: mediatek: Assign dummy when codec not specified for a DAI link (git-fixes).\n- ASoC: mediatek: mt8192: fix register configuration for tdm (git-fixes).\n- ASoC: meson: axg-card: make links nonatomic (git-fixes).\n- ASoC: meson: axg-fifo: use FIELD helpers (stable-fixes).\n- ASoC: meson: axg-fifo: use threaded irq to check periods (git-fixes).\n- ASoC: meson: axg-tdm-interface: manage formatters in trigger (git-fixes).\n- ASoC: meson: cards: select SND_DYNAMIC_MINORS (git-fixes).\n- ASoC: ops: Fix wraparound for mask in snd_soc_get_volsw (git-fixes).\n- ASoC: q6apm-lpass-dai: close graph on prepare errors (git-fixes).\n- ASoC: qcom: Adjust issues in case of DT error in asoc_qcom_lpass_cpu_platform_probe() (git-fixes).\n- ASoC: rockchip: i2s-tdm: Fix inaccurate sampling rates (git-fixes).\n- ASoC: rockchip: i2s-tdm: Fix trcm mode by setting clock on right mclk (git-fixes).\n- ASoC: rt5645: Fix the electric noise due to the CBJ contacts floating (git-fixes).\n- ASoC: rt5645: Make LattePanda board DMI match more precise (stable-fixes).\n- ASoC: rt5682-sdw: fix locking sequence (git-fixes).\n- ASoC: rt711-sdca: fix locking sequence (git-fixes).\n- ASoC: rt711-sdw: add missing readable registers (stable-fixes).\n- ASoC: rt711-sdw: fix locking sequence (git-fixes).\n- ASoC: rt712-sdca-sdw: fix locking sequence (git-fixes).\n- ASoC: rt715: add vendor clear control register (git-fixes).\n- ASoC: rt715-sdca: volume step modification (git-fixes).\n- ASoC: rt722-sdca: add headset microphone vrefo setting (git-fixes).\n- ASoC: rt722-sdca: modify channel number to support 4 channels (git-fixes).\n- ASoC: rt722-sdca-sdw: add debounce time for type detection (stable-fixes).\n- ASoC: rt722-sdca-sdw: add silence detection register as volatile (stable-fixes).\n- ASoC: rt722-sdca-sdw: fix locking sequence (git-fixes).\n- ASoC: soc-core.c: Skip dummy codec when adding platforms (stable-fixes).\n- ASoC: sof: amd: fix for firmware reload failure in Vangogh platform (git-fixes).\n- ASoC: SOF: amd: Optimize quirk for Valve Galileo (stable-fixes).\n- ASoC: SOF: imx8m: Fix DSP control regmap retrieval (git-fixes).\n- ASoC: SOF: Intel: add default firmware library path for LNL (git-fixes).\n- ASoC: SOF: Intel: hda-dsp: Skip IMR boot on ACE platforms in case of S3 suspend (stable-fixes).\n- ASoC: SOF: Intel: hda: fix null deref on system suspend entry (git-fixes).\n- ASoC: SOF: Intel: hda-pcm: Limit the maximum number of periods by MAX_BDL_ENTRIES (stable-fixes).\n- ASoC: SOF: Intel: lnl: Correct rom_status_reg (git-fixes).\n- ASoC: SOF: Intel: mtl: call dsp dump when boot retry fails (stable-fixes).\n- ASoC: SOF: Intel: mtl: Correct rom_status_reg (git-fixes).\n- ASoC: SOF: Intel: mtl: Disable interrupts when firmware boot failed (git-fixes).\n- ASoC: SOF: Intel: mtl: Implement firmware boot state check (git-fixes).\n- ASoC: SOF: ipc4-pcm: Workaround for crashed firmware on system suspend (stable-fixes).\n- ASoC: SOF: ipc4-topology: Fix input format query of process modules without base extension (git-fixes).\n- ASoC: SOF: ipc4-topology: Preserve the DMA Link ID for ChainDMA on unprepare (git-fixes).\n- ASoC: SOF: ipc4-topology: Use correct queue_id for requesting input pin format (stable-fixes).\n- ASoC: SOF: pcm: Restrict DSP D0i3 during S0ix to IPC3 (stable-fixes).\n- ASoC: SOF: sof-audio: Skip unprepare for in-use widgets on error rollback (stable-fixes).\n- ASoC: tas2552: Add TX path for capturing AUDIO-OUT data (git-fixes).\n- ASoc: tas2781: Enable RCA-based playback without DSP firmware download (git-fixes).\n- ASoC: tas2781: Fix a warning reported by robot kernel test (git-fixes).\n- ASoC: TAS2781: Fix tasdev_load_calibrated_data() (git-fixes).\n- ASoC: tas2781: Fix wrong loading calibrated data sequence (git-fixes).\n- ASoC: tas2781: mark dvc_tlv with __maybe_unused (git-fixes).\n- ASoC: tegra: Fix DSPK 16-bit playback (git-fixes).\n- ASoC: ti: Convert Pandora ASoC to GPIO descriptors (stable-fixes).\n- ASoC: ti: davinci-mcasp: Fix race condition during probe (git-fixes).\n- ASoC: ti: davinci-mcasp: Set min period size using FIFO config (stable-fixes).\n- ASoC: ti: omap-hdmi: Fix too long driver name (stable-fixes).\n- ASoC: tlv320adc3xxx: Do not strip remove function when driver is builtin (git-fixes).\n- ASoC: topology: Do not assign fields that are already set (stable-fixes).\n- ASoC: topology: Fix references to freed memory (stable-fixes).\n- ASoC: tracing: Export SND_SOC_DAPM_DIR_OUT to its value (git-fixes).\n- ASoC: wm_adsp: Add missing MODULE_DESCRIPTION() (git-fixes).\n- ASoC: wm_adsp: Fix missing mutex_lock in wm_adsp_write_ctl() (git-fixes).\n- ata: ahci: Clean up sysfs file on error (git-fixes).\n- ata: libata-core: Allow command duration limits detection for ACS-4 drives (git-fixes).\n- ata: libata-core: Fix double free on error (git-fixes).\n- ata: libata-core: Fix null pointer dereference on error (git-fixes).\n- ata: pata_legacy: make legacy_exit() work again (git-fixes).\n- ata: sata_gemini: Check clk_enable() result (stable-fixes).\n- ata: sata_mv: Fix PCI device ID table declaration compilation warning (git-fixes).\n- ata: sata_sx4: fix pdc20621_get_from_dimm() on 64-bit (git-fixes).\n- ata,scsi: libata-core: Do not leak memory for ata_port struct members (git-fixes).\n- autofs: use wake_up() instead of wake_up_interruptible(() (bsc#1224166).\n- auxdisplay: ht16k33: Drop reference after LED registration (git-fixes).\n- ax25: Fix netdev refcount issue (git-fixes).\n- ax25: Fix refcount imbalance on inbound connections (git-fixes).\n- ax25: Fix reference count leak issue of net_device (git-fixes).\n- ax25: Fix reference count leak issues of ax25_dev (git-fixes).\n- ax25: fix use-after-free bugs caused by ax25_ds_del_timer (git-fixes).\n- batman-adv: Avoid infinite loop trying to resize local TT (git-fixes).\n- batman-adv: bypass empty buckets in batadv_purge_orig_ref() (stable-fixes).\n- batman-adv: Do not accept TT entries for out-of-spec VIDs (git-fixes).\n- bitops: add missing prototype check (git-fixes).\n- blk-cgroup: fix list corruption from reorder of WRITE -\u003elqueued (bsc#1225605).\n- blk-cgroup: fix list corruption from resetting io stat (bsc#1225605).\n- block: fix q-\u003eblkg_list corruption during disk rebind (bsc#1223591).\n- block: Move checking GENHD_FL_NO_PART to bdev_add_partition() (bsc#1226213).\n- Bluetooth: Add new quirk for broken read key length on ATS2851 (stable-fixes).\n- Bluetooth: add quirk for broken address properties (git-fixes).\n- Bluetooth: ath3k: Fix multiple issues reported by checkpatch.pl (stable-fixes).\n- Bluetooth: btintel: Fixe build regression (git-fixes).\n- Bluetooth: btintel: Fix null ptr deref in btintel_read_version (stable-fixes).\n- Bluetooth: btintel: Refactor btintel_set_ppag() (git-fixes).\n- Bluetooth: btnxpuart: Add handling for boot-signature timeout errors (git-fixes).\n- Bluetooth: btnxpuart: Enable Power Save feature on startup (stable-fixes).\n- Bluetooth: btusb: Add Realtek RTL8852BE support ID 0x0bda:0x4853 (stable-fixes).\n- Bluetooth: btusb: Fix triggering coredump implementation for QCA (git-fixes).\n- Bluetooth: Fix memory leak in hci_req_sync_complete() (git-fixes).\n- Bluetooth: Fix TOCTOU in HCI debugfs implementation (git-fixes).\n- Bluetooth: Fix type of len in {l2cap,sco}_sock_getsockopt_old() (stable-fixes).\n- Bluetooth: Fix use-after-free bugs caused by sco_sock_timeout (git-fixes).\n- Bluetooth: hci_bcm4377: Fix msgid release (git-fixes).\n- Bluetooth: hci_bcm4377: Use correct unit for timeouts (git-fixes).\n- Bluetooth: hci_core: cancel all works upon hci_unregister_dev() (stable-fixes).\n- Bluetooth: hci_core: Cancel request on command timeout (stable-fixes).\n- bluetooth/hci: disallow setting handle bigger than HCI_CONN_HANDLE_MAX (git-fixes).\n- Bluetooth: hci_event: Fix sending HCI_OP_READ_ENC_KEY_SIZE (git-fixes).\n- Bluetooth: hci_event: Fix setting of unicast qos interval (git-fixes).\n- Bluetooth: hci_event: Remove code to removed CONFIG_BT_HS (stable-fixes).\n- Bluetooth: hci_event: Set QoS encryption from BIGInfo report (git-fixes).\n- Bluetooth: hci_event: set the conn encrypted before conn establishes (stable-fixes).\n- Bluetooth: HCI: Fix potential null-ptr-deref (git-fixes).\n- Bluetooth: hci_sock: Fix not validating setsockopt user input (git-fixes).\n- Bluetooth: hci_sync: Fix not checking error on hci_cmd_sync_cancel_sync (git-fixes).\n- Bluetooth: hci_sync: Fix using the same interval and window for Coded PHY (git-fixes).\n- Bluetooth: hci_sync: Use QoS to determine which PHY to scan (stable-fixes).\n- Bluetooth: Ignore too large handle values in BIG (git-fixes).\n- Bluetooth: ISO: Align broadcast sync_timeout with connection timeout (stable-fixes).\n- Bluetooth: ISO: Check socket flag instead of hcon (git-fixes).\n- Bluetooth: ISO: Do not reject BT_ISO_QOS if parameters are unset (git-fixes).\n- Bluetooth: ISO: Fix BIS cleanup (stable-fixes).\n- Bluetooth: l2cap: Do not double set the HCI_CONN_MGMT_CONNECTED bit (git-fixes).\n- Bluetooth: L2CAP: Fix not validating setsockopt user input (git-fixes).\n- Bluetooth: l2cap: fix null-ptr-deref in l2cap_chan_timeout (git-fixes).\n- Bluetooth: L2CAP: Fix rejecting L2CAP_CONN_PARAM_UPDATE_REQ (git-fixes).\n- Bluetooth: L2CAP: Fix slab-use-after-free in l2cap_connect() (git-fixes).\n- Bluetooth: MGMT: Fix failing to MGMT_OP_ADD_UUID/MGMT_OP_REMOVE_UUID (bsc#1221504).\n- Bluetooth: mgmt: Fix limited discoverable off timeout (stable-fixes).\n- Bluetooth: msft: fix slab-use-after-free in msft_do_close() (git-fixes).\n- Bluetooth: qca: add missing firmware sanity checks (git-fixes).\n- Bluetooth: qca: Fix BT enable failure again for QCA6390 after warm reboot (git-fixes).\n- Bluetooth: qca: fix device-address endianness (git-fixes).\n- Bluetooth: qca: Fix error code in qca_read_fw_build_info() (git-fixes).\n- Bluetooth: qca: fix firmware check error path (git-fixes).\n- Bluetooth: qca: fix info leak when fetching fw build id (git-fixes).\n- Bluetooth: qca: fix NULL-deref on non-serdev setup (git-fixes).\n- Bluetooth: qca: fix NULL-deref on non-serdev suspend (git-fixes).\n- Bluetooth: qca: fix NVM configuration parsing (git-fixes).\n- Bluetooth: qca: set power_ctrl_enabled on NULL returned by gpiod_get_optional() (git-fixes).\n- Bluetooth: Remove usage of the deprecated ida_simple_xx() API (stable-fixes).\n- Bluetooth: RFCOMM: Fix not validating setsockopt user input (git-fixes).\n- Bluetooth: SCO: Fix not validating setsockopt user input (git-fixes).\n- bnx2x: Fix firmware version string character counts (git-fixes).\n- bnxt_en: Fix error recovery for RoCE ulp client (git-fixes).\n- bnxt_en: Fix possible memory leak in bnxt_rdma_aux_device_init() (git-fixes).\n- bnxt_en: Reset PTP tx_avail after possible firmware reset (git-fixes).\n- bnxt_re: avoid shift undefined behavior in bnxt_qplib_alloc_init_hwq (git-fixes)\n- bootconfig: Fix the kerneldoc of _xbc_exit() (git-fixes).\n- bootconfig: use memblock_free_late to free xbc memory to buddy (git-fixes).\n- bootmem: use kmemleak_free_part_phys in free_bootmem_page (git-fixes).\n- bootmem: use kmemleak_free_part_phys in put_page_bootmem (git-fixes).\n- bpf, arm64: fix bug in BPF_LDX_MEMSX (git-fixes)\n- bpf, arm64: Fix incorrect runtime stats (git-fixes)\n- bpf: check bpf_func_state-\u003ecallback_depth when pruning states (bsc#1225903).\n- bpf: correct loop detection for iterators convergence (bsc#1225903).\n- bpf: exact states comparison for iterator convergence checks (bsc#1225903).\n- bpf: extract __check_reg_arg() utility function (bsc#1225903).\n- bpf: extract same_callsites() as utility function (bsc#1225903).\n- bpf: extract setup_func_entry() utility function (bsc#1225903).\n- bpf: fix precision backtracking instruction iteration (bsc#1225756).\n- bpf: Fix precision tracking for BPF_ALU | BPF_TO_BE | BPF_END (git-fixes).\n- bpf: handle ldimm64 properly in check_cfg() (bsc#1225756).\n- bpf: keep track of max number of bpf_loop callback iterations (bsc#1225903).\n- bpf: move explored_state() closer to the beginning of verifier.c (bsc#1225903).\n- bpf: print full verifier states on infinite loop detection (bsc#1225903).\n- bpf: Remove xdp_do_flush_map() (bsc#1214683 (PREEMPT_RT prerequisite backports)).\n- bpf, scripts: Correct GPL license name (git-fixes).\n- bpf: verify callbacks as if they are called unknown number of times (bsc#1225903).\n- bpf: widening for callback iterators (bsc#1225903).\n- btrfs: add a helper to read the superblock metadata_uuid (git-fixes)\n- btrfs: add and use helper to check if block group is used (bsc#1220120).\n- btrfs: add missing mutex_unlock in btrfs_relocate_sys_chunks() (git-fixes)\n- btrfs: add new unused block groups to the list of unused block groups (bsc#1220120).\n- btrfs: allow to run delayed refs by bytes to be released instead of count (bsc#1220120).\n- btrfs: always clear PERTRANS metadata during commit (git-fixes)\n- btrfs: always print transaction aborted messages with an error level (git-fixes)\n- btrfs: always reserve space for delayed refs when starting transaction (bsc#1220120).\n- btrfs: assert correct lock is held at btrfs_select_ref_head() (bsc#1220120).\n- btrfs: assert delayed node locked when removing delayed item (git-fixes)\n- btrfs: avoid start and commit empty transaction when flushing qgroups (bsc#1220120).\n- btrfs: avoid start and commit empty transaction when starting qgroup rescan (bsc#1220120).\n- btrfs: avoid starting and committing empty transaction when flushing space (bsc#1220120).\n- btrfs: avoid starting new transaction when flushing delayed items and refs (bsc#1220120).\n- btrfs: check for BTRFS_FS_ERROR in pending ordered assert (git-fixes)\n- btrfs: compare the correct fsid/metadata_uuid in btrfs_validate_super (git-fixes)\n- btrfs: defrag: avoid unnecessary defrag caused by incorrect extent size (git-fixes)\n- btrfs: defrag: reject unknown flags of btrfs_ioctl_defrag_range_args (git-fixes)\n- btrfs: do not allow non subvolume root targets for snapshot (git-fixes)\n- btrfs: do not arbitrarily slow down delalloc if we\u0027re committing (git-fixes)\n- btrfs: do not delete unused block group if it may be used soon (bsc#1220120).\n- btrfs: do not refill whole delayed refs block reserve when starting transaction (bsc#1220120).\n- btrfs: do not start transaction when joining with TRANS_JOIN_NOSTART (git-fixes)\n- btrfs: do not steal space from global rsv after a transaction abort (bsc#1220120).\n- btrfs: do not warn if discard range is not aligned to sector (git-fixes)\n- btrfs: ensure fiemap does not race with writes when FIEMAP_FLAG_SYNC is given (bsc#1223285).\n- btrfs: error out when COWing block using a stale transaction (git-fixes)\n- btrfs: error out when reallocating block for defrag using a stale transaction (git-fixes)\n- btrfs: export: handle invalid inode or root reference in btrfs_get_parent() (git-fixes)\n- btrfs: fail priority metadata ticket with real fs error (bsc#1220120).\n- btrfs: file_remove_privs needs an exclusive lock in direct io write (git-fixes)\n- btrfs: fix 64bit compat send ioctl arguments not initializing version member (git-fixes)\n- btrfs: fix deadlock with fiemap and extent locking (bsc#1223285).\n- btrfs: fix information leak in btrfs_ioctl_logical_to_ino() (git-fixes)\n- btrfs: fix kvcalloc() arguments order in btrfs_ioctl_send() (git-fixes)\n- btrfs: fix lockdep splat and potential deadlock after failure running delayed items (git-fixes)\n- btrfs: fix off-by-one chunk length calculation at contains_pending_extent() (git-fixes)\n- btrfs: fix off-by-one when checking chunk map includes logical address (git-fixes)\n- btrfs: fix race between ordered extent completion and fiemap (bsc#1223285).\n- btrfs: fix race when detecting delalloc ranges during fiemap (bsc#1223285).\n- btrfs: fix race when refilling delayed refs block reserve (git-fixes)\n- btrfs: fix start transaction qgroup rsv double free (git-fixes)\n- btrfs: fix stripe length calculation for non-zoned data chunk allocation (bsc#1217489).\n- btrfs: fix wrong block_start calculation for btrfs_drop_extent_map_range() (git-fixes) Dropped hunk in selftests (test_case_7), 92e1229b204d6.\n- btrfs: free qgroup rsv on io failure (git-fixes)\n- btrfs: free the allocated memory if btrfs_alloc_page_array() fails (git-fixes)\n- btrfs: get rid of label and goto at insert_delayed_ref() (bsc#1220120).\n- btrfs: handle chunk tree lookup error in btrfs_relocate_sys_chunks() (git-fixes)\n- btrfs: handle errors properly in update_inline_extent_backref() (git-fixes)\n- btrfs: initialize key where it\u0027s used when running delayed data ref (bsc#1220120).\n- btrfs: log message if extent item not found when running delayed extent op (bsc#1220120).\n- btrfs: make btrfs_cleanup_fs_roots() static (bsc#1220120).\n- btrfs: make btrfs_destroy_delayed_refs() return void (bsc#1220120).\n- btrfs: make btrfs_destroy_marked_extents() return void (bsc#1220120).\n- btrfs: make btrfs_destroy_pinned_extent() return void (bsc#1220120).\n- btrfs: make error messages more clear when getting a chunk map (git-fixes)\n- btrfs: make find_first_extent_bit() return a boolean (bsc#1220120).\n- btrfs: make find_free_dev_extent() static (bsc#1220120).\n- btrfs: make insert_delayed_ref() return a bool instead of an int (bsc#1220120).\n- btrfs: merge find_free_dev_extent() and find_free_dev_extent_start() (bsc#1220120).\n- btrfs: move btrfs_free_excluded_extents() into block-group.c (bsc#1220120).\n- btrfs: open code trivial btrfs_add_excluded_extent() (bsc#1220120).\n- btrfs: output extra debug info if we failed to find an inline backref (git-fixes)\n- btrfs: pass a space_info argument to btrfs_reserve_metadata_bytes() (bsc#1220120).\n- btrfs: prevent transaction block reserve underflow when starting transaction (git-fixes)\n- btrfs: print available space across all block groups when dumping space info (bsc#1220120).\n- btrfs: print available space for a block group when dumping a space info (bsc#1220120).\n- btrfs: print block group super and delalloc bytes when dumping space info (bsc#1220120).\n- btrfs: print target number of bytes when dumping free space (bsc#1220120).\n- btrfs: qgroup: always free reserved space for extent records (bsc#1216196).\n- btrfs: qgroup: convert PREALLOC to PERTRANS after record_root_in_trans (git-fixes)\n- btrfs: record delayed inode root in transaction (git-fixes)\n- btrfs: reject encoded write if inode has nodatasum flag set (git-fixes)\n- btrfs: release path before inode lookup during the ino lookup ioctl (git-fixes)\n- btrfs: remove pointless initialization at btrfs_delayed_refs_rsv_release() (bsc#1220120).\n- btrfs: remove pointless in_tree field from struct btrfs_delayed_ref_node (bsc#1220120).\n- btrfs: remove pointless \u0027ref_root\u0027 variable from run_delayed_data_ref() (bsc#1220120).\n- btrfs: remove redundant BUG_ON() from __btrfs_inc_extent_ref() (bsc#1220120).\n- btrfs: remove refs_to_add argument from __btrfs_inc_extent_ref() (bsc#1220120).\n- btrfs: remove refs_to_drop argument from __btrfs_free_extent() (bsc#1220120).\n- btrfs: remove the refcount warning/check at btrfs_put_delayed_ref() (bsc#1220120).\n- btrfs: remove unnecessary logic when running new delayed references (bsc#1220120).\n- btrfs: remove unnecessary prototype declarations at disk-io.c (bsc#1220120).\n- btrfs: remove unused is_head field from struct btrfs_delayed_ref_node (bsc#1220120).\n- btrfs: rename add_new_free_space() to btrfs_add_new_free_space() (bsc#1220120).\n- btrfs: reorder some members of struct btrfs_delayed_ref_head (bsc#1220120).\n- btrfs: reserve space for delayed refs on a per ref basis (bsc#1220120).\n- btrfs: reset destination buffer when read_extent_buffer() gets invalid range (git-fixes)\n- btrfs: return -EUCLEAN for delayed tree ref with a ref count not equals to 1 (git-fixes)\n- btrfs: return -EUCLEAN if extent item is missing when searching inline backref (bsc#1220120).\n- btrfs: return real error when orphan cleanup fails due to a transaction abort (bsc#1220120).\n- btrfs: send: do not issue unnecessary zero writes for trailing hole (bsc#1222459).\n- btrfs: send: ensure send_fd is writable (git-fixes)\n- btrfs: send: handle path ref underflow in header iterate_inode_ref() (git-fixes)\n- btrfs: send: return EOPNOTSUPP on unknown flags (git-fixes)\n- btrfs: set page extent mapped after read_folio in relocate_one_page (git-fixes)\n- btrfs: simplify check for extent item overrun at lookup_inline_extent_backref() (bsc#1220120).\n- btrfs: stop doing excessive space reservation for csum deletion (bsc#1220120).\n- btrfs: store the error that turned the fs into error state (bsc#1220120).\n- btrfs: sysfs: validate scrub_speed_max value (git-fixes)\n- btrfs: tree-checker: fix inline ref size in error messages (git-fixes)\n- btrfs: update comment for btrfs_join_transaction_nostart() (bsc#1220120).\n- btrfs: update documentation for add_new_free_space() (bsc#1220120).\n- btrfs: use a bool to track qgroup record insertion when adding ref head (bsc#1220120).\n- btrfs: use a single switch statement when initializing delayed ref head (bsc#1220120).\n- btrfs: use a single variable for return value at lookup_inline_extent_backref() (bsc#1220120).\n- btrfs: use a single variable for return value at run_delayed_extent_op() (bsc#1220120).\n- btrfs: use bool type for delayed ref head fields that are used as booleans (bsc#1220120).\n- btrfs: use the correct superblock to compare fsid in btrfs_validate_super (git-fixes)\n- btrfs: use u64 for buffer sizes in the tree search ioctls (git-fixes)\n- btrfs: zoned: do not skip block groups with 100% zone unusable (bsc#1220120).\n- bus: mhi: ep: check the correct variable in mhi_ep_register_controller() (git-fixes).\n- bus: mhi: host: allow MHI client drivers to provide the firmware via a pointer (bsc#1227149).\n- bytcr_rt5640 : inverse jack detect for Archos 101 cesium (stable-fixes).\n- cachefiles: add output string to cachefiles_obj_[get|put]_ondemand_fd (git-fixes).\n- cachefiles: remove requests from xarray during flushing requests (bsc#1226588).\n- can: kvaser_usb: Explicitly initialize family in leafimx driver_info struct (git-fixes).\n- can: kvaser_usb: fix return value for hif_usb_send_regout (stable-fixes).\n- can: mcp251xfd: fix infinite loop when xmit fails (git-fixes).\n- cdrom: rearrange last_media_change check to avoid unintentional overflow (stable-fixes).\n- ceph: add ceph_cap_unlink_work to fire check_caps() immediately (bsc#1226022).\n- ceph: always check dir caps asynchronously (bsc#1226022).\n- ceph: always queue a writeback when revoking the Fb caps (bsc#1226022).\n- ceph: break the check delayed cap loop every 5s (bsc#1226022).\n- ceph: fix incorrect kmalloc size of pagevec mempool (bsc#1228417).\n- ceph: redirty page before returning AOP_WRITEPAGE_ACTIVATE (bsc#1224866).\n- ceph: stop copying to iter at EOF on sync reads (bsc#1222606).\n- ceph: switch to use cap_delay_lock for the unlink delay list (bsc#1226022).\n- char: tpm: Fix possible memory leak in tpm_bios_measurements_open() (git-fixes).\n- checkpatch: really skip LONG_LINE_* when LONG_LINE is ignored (git-fixes).\n- cifs: Add a laundromat thread for cached directories (git-fixes, bsc#1225172).\n- clk: davinci: da8xx-cfgchip: Initialize clk_init_data before use (git-fixes).\n- clk: Do not hold prepare_lock when calling kref_put() (stable-fixes).\n- clk: Get runtime PM before walking tree during disable_unused (git-fixes).\n- clk: Get runtime PM before walking tree for clk_summary (git-fixes).\n- clk: Initialize struct clk_core kref earlier (stable-fixes).\n- clk: mediatek: Do a runtime PM get on controllers during probe (git-fixes).\n- clk: mediatek: mt8183: Only enable runtime PM on mt8183-mfgcfg (git-fixes).\n- clk: mediatek: mt8365-mm: fix DPI0 parent (git-fixes).\n- clk: mediatek: pllfh: Do not log error for missing fhctl node (git-fixes).\n- clk: qcom: clk-alpha-pll: fix rate setting for Stromer PLLs (git-fixes).\n- clk: qcom: clk-alpha-pll: remove invalid Stromer register offset (git-fixes).\n- clk: qcom: clk-alpha-pll: set ALPHA_EN bit for Stromer Plus PLLs (git-fixes).\n- clk: qcom: dispcc-sm6350: fix DisplayPort clocks (git-fixes).\n- clk: qcom: dispcc-sm8450: fix DisplayPort clocks (git-fixes).\n- clk: qcom: dispcc-sm8550: fix DisplayPort clocks (git-fixes).\n- clk: qcom: gcc-sm6350: Fix gpll6* \u0026 gpll7 parents (git-fixes).\n- clk: qcom: mmcc-msm8998: fix venus clock issue (git-fixes).\n- clk: qcom: reset: Commonize the de/assert functions (stable-fixes).\n- clk: qcom: reset: Ensure write completion on reset de/assertion (git-fixes).\n- clk: Remove prepare_lock hold assertion in __clk_release() (git-fixes).\n- clk: renesas: r8a779a0: Fix CANFD parent clock (git-fixes).\n- clk: renesas: r9a07g043: Add clock and reset entry for PLIC (git-fixes).\n- clk: rs9: fix wrong default value for clock amplitude (git-fixes).\n- clk: samsung: exynosautov9: fix wrong pll clock id value (git-fixes).\n- clk: Show active consumers of clocks in debugfs (stable-fixes).\n- clk: sunxi-ng: h6: Reparent CPUX during PLL CPUX rate change (git-fixes).\n- clocksource/drivers/arm_global_timer: Fix maximum prescaler value (git-fixes).\n- clocksource/drivers/imx: Fix -Wunused-but-set-variable warning (git-fixes).\n- comedi: vmk80xx: fix incomplete endpoint checking (git-fixes).\n- config/arm64: Enable CoreSight PMU drivers (bsc#1228289 jsc#PED-7859)\n- coresight: trbe: Add a representative coresight_platform_data for (bsc#1220587)\n- coresight: trbe: Allocate platform data per device (bsc#1220587)\n- coresight: trbe: Enable ACPI based TRBE devices (bsc#1220587)\n- counter: linux/counter.h: fix Excess kernel-doc description warning (git-fixes).\n- counter: ti-eqep: enable clock at probe (git-fixes).\n- cppc_cpufreq: Fix possible null pointer dereference (git-fixes).\n- cpufreq: amd-pstate: fix memory leak on CPU EPP exit (stable-fixes).\n- cpufreq: amd-pstate: Fix the inconsistency in max frequency units (git-fixes).\n- cpufreq/amd-pstate: Fix the scaling_max_freq setting on shared memory CPPC systems (git-fixes).\n- cpufreq: brcmstb-avs-cpufreq: ISO C90 forbids mixed declarations (git-fixes).\n- cpufreq: exit() callback is optional (git-fixes).\n- cpufreq: ti-cpufreq: Handle deferred probe with dev_err_probe() (git-fixes).\n- cpumask: Add for_each_cpu_from() (bsc#1225053).\n- crypto: aead,cipher - zeroize key buffer after use (stable-fixes).\n- crypto: bcm - Fix pointer arithmetic (git-fixes).\n- crypto: ccp - Add support for PCI device 0x156E (bsc#1223338).\n- crypto: ccp - Add support for PCI device 0x17E0 (bsc#1223338).\n- crypto: ccp - drop platform ifdef checks (git-fixes).\n- crypto: ccp - Fix null pointer dereference in __sev_snp_shutdown_locked (git-fixes).\n- crypto: deflate - Add aliases to deflate (bsc#1227190).\n- crypto: ecc - update ecc_gen_privkey for FIPS 186-5 (bsc#1222782).\n- crypto: ecdh - explicitly zeroize private_key (stable-fixes).\n- crypto/ecdh: make ecdh_compute_value() to zeroize the public key (bsc#1222768).\n- crypto: ecdsa - Fix module auto-load on add-key (git-fixes).\n- crypto: ecdsa - Fix the public key format description (git-fixes).\n- crypto/ecdsa: make ecdsa_ecc_ctx_deinit() to zeroize the public key (bsc#1222768).\n- crypto: ecrdsa - Fix module auto-load on add_key (stable-fixes).\n- crypto: hisilicon/debugfs - Fix debugfs uninit process issue (stable-fixes).\n- crypto: hisilicon/qm - Add the err memory release process to qm uninit (stable-fixes).\n- crypto: hisilicon/sec - Fix memory leak for sec resource release (stable-fixes).\n- crypto: iaa - Account for cpu-less numa nodes (bsc#1227190).\n- crypto: lib/mpi - Fix unexpected pointer access in mpi_ec_init (git-fixes).\n- crypto: qat - extend scope of lock in adf_cfg_add_key_value_param() (git-fixes).\n- crypto: qat - Fix ADF_DEV_RESET_SYNC memory leak (git-fixes).\n- crypto: qat - fix ring to service map for dcc in 4xxx (git-fixes).\n- crypto: qat - improve error logging to be consistent across features (git-fixes).\n- crypto: qat - relocate and rename get_service_enabled() (stable-fixes).\n- crypto: qat - specify firmware files for 402xx (git-fixes).\n- crypto: rsa - add a check for allocation failure (bsc#1222775).\n- crypto: rsa - allow only odd e and restrict value in FIPS mode (bsc#1222775).\n- crypto: testmgr - remove unused xts4096 and xts512 algorithms from testmgr.c (bsc#1222769).\n- crypto: x86/nh-avx2 - add missing vzeroupper (git-fixes).\n- crypto: x86/sha256-avx2 - add missing vzeroupper (git-fixes).\n- crypto: x86/sha512-avx2 - add missing vzeroupper (git-fixes).\n- cxgb4: Properly lock TX queue for the selftest (bsc#1214683 (PREEMPT_RT prerequisite backports)).\n- cxl/acpi: Fix load failures due to single window creation failure (git-fixes).\n- cxl/pci: Fix disabling memory if DVSEC CXL Range does not match a CFMWS window (git-fixes).\n- cxl/region: Fix cxlr_pmem leaks (git-fixes).\n- cxl/region: Fix memregion leaks in devm_cxl_add_region() (git-fixes).\n- cxl/test: Add missing vmalloc.h for tools/testing/cxl/test/mem.c (git-fixes).\n- cxl/trace: Correct DPA field masks for general_media \u0026 dram events (git-fixes).\n- cxl/trace: Properly initialize cxl_poison region name (git-fixes).\n- dax: alloc_dax() return ERR_PTR(-EOPNOTSUPP) for CONFIG_DAX=n (jsc#PED-5853).\n- dax/bus.c: replace driver-core lock usage by a local rwsem (jsc#PED-5853).\n- dax/bus.c: replace several sprintf() with sysfs_emit() (jsc#PED-5853).\n- decompress_bunzip2: fix rare decompression failure (git-fixes).\n- device-dax: make dax_bus_type const (jsc#PED-5853).\n- devres: Fix devm_krealloc() wasting memory (git-fixes).\n- devres: Fix memory leakage caused by driver API devm_free_percpu() (git-fixes).\n- dlm: fix user space lkb refcounting (git-fixes).\n- dlm: fix user space lock decision to copy lvb (git-fixes).\n- dma-buf: Fix NULL pointer dereference in sanitycheck() (git-fixes).\n- dma-buf/sw-sync: do not enable IRQ from sync_print_obj() (git-fixes).\n- dmaengine: axi-dmac: fix possible race in remove() (git-fixes).\n- dmaengine: idma64: Add check for dma_set_max_seg_size (git-fixes).\n- dmaengine: idxd: Avoid unnecessary destruction of file_ida (git-fixes).\n- dmaengine: idxd: Fix oops during rmmod on single-CPU platforms (git-fixes).\n- dmaengine: idxd: Fix possible Use-After-Free in irq_process_work_list (git-fixes).\n- dmaengine: ioatdma: Fix error path in ioat3_dma_probe() (git-fixes).\n- dmaengine: ioatdma: Fix kmemleak in ioat_pci_probe() (git-fixes).\n- dmaengine: ioatdma: Fix leaking on version mismatch (git-fixes).\n- dmaengine: ioatdma: Fix missing kmem_cache_destroy() (git-fixes).\n- dmaengine: owl: fix register access functions (git-fixes).\n- dmaengine: tegra186: Fix residual calculation (git-fixes).\n- dmaengine: ti: k3-udma: Fix BCHAN count with UHC and HC channels (git-fixes).\n- dma: fix call order in dmam_free_coherent (git-fixes).\n- dma-mapping: benchmark: fix node id validation (git-fixes).\n- dma-mapping: benchmark: handle NUMA_NO_NODE correctly (git-fixes).\n- dm/amd/pm: Fix problems with reboot/shutdown for some SMU 13.0.4/13.0.11 users (git-fixes).\n- dma: xilinx_dpdma: Fix locking (git-fixes).\n- dm crypt: remove redundant state settings after waking up (jsc#PED-7542).\n- dm-integrity: set max_integrity_segments in dm_integrity_io_hints (jsc#PED-7542).\n- dm-multipath: dont\u0027t attempt SG_IO on non-SCSI-disks (bsc#1223575).\n- dm-raid: add a new helper prepare_suspend() in md_personality (jsc#PED-7542).\n- dm-raid: really frozen sync_thread during suspend (jsc#PED-7542).\n- dm thin: add braces around conditional code that spans lines (jsc#PED-7542).\n- dm: update relevant MODULE_AUTHOR entries to latest dm-devel mailing list (jsc#PED-7542).\n- dm verity: set DM_TARGET_SINGLETON feature flag (jsc#PED-7542).\n- Docs/admin-guide/mm/damon/usage: fix wrong example of DAMOS filter matching sysfs file (git-fixes).\n- docs: crypto: async-tx-api: fix broken code example (git-fixes).\n- docs: kernel_include.py: Cope with docutils 0.21 (stable-fixes).\n- docs: netdev: Fix typo in Signed-off-by tag (git-fixes).\n- docs: Restore \u0027smart quotes\u0027 for quotes (stable-fixes).\n- dpll: spec: use proper enum for pin capabilities attribute (git-fixes).\n- driver core: Introduce device_link_wait_removal() (stable-fixes).\n- drivers: core: synchronize really_probe() and dev_uevent() (git-fixes).\n- drivers/nvme: Add quirks for device 126f:2262 (git-fixes).\n- drivers: soc: xilinx: check return status of get_api_version() (git-fixes).\n- drivers/xen: Improve the late XenStore init protocol (git-fixes).\n- drm: add drm_gem_object_is_shared_for_memory_stats() helper (stable-fixes).\n- drm/amd/amdgpu: Fix potential ioremap() memory leaks in amdgpu_device_init() (stable-fixes).\n- drm/amd/amdgpu: Fix uninitialized variable warnings (git-fixes).\n- drm/amd/display: Account for cursor prefetch BW in DML1 mode support (stable-fixes).\n- drm/amd/display: Add dml2 copy functions (stable-fixes).\n- drm/amd/display: Add dtbclk access to dcn315 (stable-fixes).\n- drm/amd/display: Add VCO speed parameter for DCN31 FPU (stable-fixes).\n- drm/amd/display: Allocate zero bw after bw alloc enable (stable-fixes).\n- drm/amd/display: Allow dirty rects to be sent to dmub when abm is active (stable-fixes).\n- drm/amd/display: ASSERT when failing to find index by plane/stream id (stable-fixes).\n- drm/amd/display: Atom Integrated System Info v2_2 for DCN35 (stable-fixes).\n- drm/amd/display: Change default size for dummy plane in DML2 (stable-fixes).\n- drm/amd/display: change dram_clock_latency to 34us for dcn35 (stable-fixes).\n- drm/amd/display: Check index msg_id before read or write (stable-fixes).\n- drm/amd/display: Check pipe offset before setting vblank (stable-fixes).\n- drm/amd/display: Disable seamless boot on 128b/132b encoding (stable-fixes).\n- drm/amd/display: Do not recursively call manual trigger programming (stable-fixes).\n- drm/amd/display: Enable colorspace property for MST connectors (git-fixes).\n- drm/amd/display: Exit idle optimizations before HDCP execution (stable-fixes).\n- drm/amd/display: Fix array-index-out-of-bounds in dml2/FCLKChangeSupport (stable-fixes).\n- drm/amd/display: Fix bounds check for dcn35 DcfClocks (git-fixes).\n- drm/amd/display: Fix DC mode screen flickering on DCN321 (stable-fixes).\n- drm/amd/display: fix disable otg wa logic in DCN316 (stable-fixes).\n- drm/amd/display: Fix division by zero in setup_dsc_config (stable-fixes).\n- drm/amd/display: Fix idle check for shared firmware state (stable-fixes).\n- drm/amd/display: Fix incorrect DSC instance for MST (stable-fixes).\n- drm/amd/display: fix input states translation error for dcn35 \u0026 dcn351 (stable-fixes).\n- drm/amd/display: Fix nanosec stat overflow (stable-fixes).\n- drm/amd/display: Fix noise issue on HDMI AV mute (stable-fixes).\n- drm/amd/display: Fix overlapping copy within dml_core_mode_programming (stable-fixes).\n- drm/amd/display: Fix potential index out of bounds in color transformation function (git-fixes).\n- drm/amd/display: Fix uninitialized variables in DM (stable-fixes).\n- drm/amd/display: handle range offsets in VRR ranges (stable-fixes).\n- drm/amd/display: Handle Y carry-over in VCP X.Y calculation (stable-fixes).\n- drm/amd/display: Init DPPCLK from SMU on dcn32 (stable-fixes).\n- drm/amd/display: Move \u0027struct scaler_data\u0027 off stack (git-fixes).\n- drm/amd/display: Override min required DCFCLK in dml1_validate (stable-fixes).\n- drm/amd/display: Prevent crash when disable stream (stable-fixes).\n- drm/amd/display: Program VSC SDP colorimetry for all DP sinks \u003e= 1.4 (stable-fixes).\n- drm/amd/display: Remove MPC rate control logic from DCN30 and above (stable-fixes).\n- drm/amd/display: Remove pixle rate limit for subvp (stable-fixes).\n- drm/amd/display: Remove redundant condition in dcn35_calc_blocks_to_gate() (git-fixes).\n- drm/amd/display: Return the correct HDCP error code (stable-fixes).\n- drm/amd/display: revert Exit idle optimizations before HDCP execution (stable-fixes).\n- drm/amd/display: Revert Remove pixle rate limit for subvp (stable-fixes).\n- drm/amd/display: Send DP_TOTAL_LTTPR_CNT during detection if LTTPR is present (stable-fixes).\n- drm/amd/display: Send DTBCLK disable message on first commit (git-fixes).\n- drm/amd/display: Set color_mgmt_changed to true on unsuspend (stable-fixes).\n- drm/amd/display: Set DCN351 BB and IP the same as DCN35 (stable-fixes).\n- drm/amd/display: Set VSC SDP Colorimetry same way for MST and SST (stable-fixes).\n- drm/amd/display: Skip finding free audio for unknown engine_id (stable-fixes).\n- drm/amd/display: Skip pipe if the pipe idx not set properly (stable-fixes).\n- drm/amd/display: Use freesync when `DRM_EDID_FEATURE_CONTINUOUS_FREQ` found (stable-fixes).\n- drm/amd/display: Workaround register access in idle race with cursor (stable-fixes).\n- drm/amd: Fix shutdown (again) on some SMU v13.0.4/11 platforms (git-fixes).\n- drm/amd: Flush GFXOFF requests in prepare stage (git-fixes).\n- drm/amdgpu: add error handle to avoid out-of-bounds (stable-fixes).\n- drm/amdgpu: always force full reset for SOC21 (stable-fixes).\n- drm/amdgpu: amdgpu_ttm_gart_bind set gtt bound flag (stable-fixes).\n- drm/amdgpu: Assign correct bits for SDMA HDP flush (stable-fixes).\n- drm/amdgpu/atomfirmware: add intergrated info v2.3 table (stable-fixes).\n- drm/amdgpu/atomfirmware: fix parsing of vram_info (stable-fixes).\n- drm/amdgpu/atomfirmware: silence UBSAN warning (stable-fixes).\n- drm/amdgpu: avoid using null object of framebuffer (stable-fixes).\n- drm/amdgpu: Check if NBIO funcs are NULL in amdgpu_device_baco_exit (git-fixes).\n- drm/amdgpu/display: Address kdoc for \u0027is_psr_su\u0027 in \u0027fill_dc_dirty_rects\u0027 (git-fixes).\n- drm/amdgpu: drop setting buffer funcs in sdma442 (git-fixes).\n- drm/amdgpu: Fix buffer size in gfx_v9_4_3_init_ cp_compute_microcode() and rlc_microcode() (git-fixes).\n- drm/amdgpu: Fix comparison in amdgpu_res_cpu_visible (git-fixes).\n- drm/amdgpu: fix deadlock while reading mqd from debugfs (git-fixes).\n- drm/amdgpu: fix doorbell regression (git-fixes).\n- drm/amdgpu: fix incorrect number of active RBs for gfx11 (stable-fixes).\n- drm/amdgpu: Fix leak when GPU memory allocation fails (stable-fixes).\n- drm/amdgpu: fix locking scope when flushing tlb (stable-fixes).\n- drm/amdgpu: Fix memory range calculation (git-fixes).\n- drm/amdgpu: fix mmhub client id out-of-bounds access (git-fixes).\n- drm/amdgpu: Fix pci state save during mode-1 reset (git-fixes).\n- drm/amdgpu: Fix signedness bug in sdma_v4_0_process_trap_irq() (git-fixes).\n- drm/amdgpu: Fix the ring buffer size for queue VM flush (stable-fixes).\n- drm/amdgpu: fix the warning about the expression (int)size - len (stable-fixes).\n- drm/amdgpu: fix UBSAN warning in kv_dpm.c (stable-fixes).\n- drm/amdgpu: fix uninitialized scalar variable warning (stable-fixes).\n- drm/amdgpu: Fix uninitialized variable warnings (stable-fixes).\n- drm/amdgpu: fix use-after-free bug (stable-fixes).\n- drm/amdgpu: Fix VCN allocation in CPX partition (stable-fixes).\n- drm/amdgpu: fix visible VRAM handling during faults (git-fixes).\n- drm/amdgpu: Fix VRAM memory accounting (stable-fixes).\n- drm/amdgpu: implement IRQ_STATE_ENABLE for SDMA v4.4.2 (stable-fixes).\n- drm/amdgpu: Indicate CU havest info to CP (stable-fixes).\n- drm/amdgpu: Initialize timestamp for some legacy SOCs (stable-fixes).\n- drm/amdgpu: init microcode chip name from ip versions (stable-fixes).\n- drm/amdgpu: make damage clips support configurable (stable-fixes).\n- drm/amdgpu/mes: fix use-after-free issue (stable-fixes).\n- drm/amdgpu: once more fix the call oder in amdgpu_ttm_move() v2 (git-fixes).\n- drm/amdgpu/pm: Check the validity of overdiver power limit (git-fixes).\n- drm/amdgpu/pm: Fix NULL pointer dereference when get power limit (git-fixes).\n- drm/amdgpu/pm: Fix the error of pwm1_enable setting (stable-fixes).\n- drm/amdgpu: Refine IB schedule error logging (stable-fixes).\n- drm/amdgpu: Remove GC HW IP 9.3.0 from noretry=1 (git-fixes).\n- drm/amdgpu: remove invalid resource-\u003estart check v2 (git-fixes).\n- drm/amdgpu: Reset dGPU if suspend got aborted (stable-fixes).\n- drm/amdgpu/sdma5.2: use legacy HDP flush for SDMA2/3 (stable-fixes).\n- drm/amdgpu: silence UBSAN warning (stable-fixes).\n- drm/amdgpu: Using uninitialized value *size when calling amdgpu_vce_cs_reloc (stable-fixes).\n- drm/amdgpu: validate the parameters of bo mapping operations more clearly (git-fixes).\n- drm/amdkfd: Add VRAM accounting for SVM migration (stable-fixes).\n- drm/amdkfd: Check cgroup when returning DMABuf info (stable-fixes).\n- drm/amdkfd: do not allow mapping the MMIO HDP page with large pages (git-fixes).\n- drm/amdkfd: Fix CU Masking for GFX 9.4.3 (git-fixes).\n- drm/amdkfd: Fix memory leak in create_process failure (git-fixes).\n- drm/amdkfd: fix TLB flush after unmap for GFX9.4.2 (stable-fixes).\n- drm/amdkfd: Flush the process wq before creating a kfd_process (stable-fixes).\n- drm/amdkfd: Let VRAM allocations go to GTT domain on small APUs (stable-fixes).\n- drm/amdkfd: range check cp bad op exception interrupts (stable-fixes).\n- drm/amdkfd: Reset GPU on queue preemption failure (stable-fixes).\n- drm/amd/pm: Fix aldebaran pcie speed reporting (git-fixes).\n- drm/amd/pm: fixes a random hang in S4 for SMU v13.0.4/11 (stable-fixes).\n- drm/amd/pm: remove logically dead code for renoir (git-fixes).\n- drm/amd/pm: Restore config space after reset (stable-fixes).\n- drm/amd/swsmu: modify the gfx activity scaling (stable-fixes).\n- drm/arm/komeda: Fix komeda probe failing if there are no links in the secondary pipeline (git-fixes).\n- drm/arm/malidp: fix a possible null pointer dereference (git-fixes).\n- drm/ast: Fix soft lockup (git-fixes).\n- drm/bridge: anx7625: Do not log an error when DSI host can\u0027t be found (git-fixes).\n- drm: bridge: cdns-mhdp8546: Fix possible null pointer dereference (git-fixes).\n- drm/bridge: dpc3433: Do not log an error when DSI host can\u0027t be found (git-fixes).\n- drm/bridge: Fix improper bridge init order with pre_enable_prev_first (git-fixes).\n- drm/bridge: icn6211: Do not log an error when DSI host can\u0027t be found (git-fixes).\n- drm/bridge: it6505: fix hibernate to resume no display issue (git-fixes).\n- drm/bridge: lt8912b: Do not log an error when DSI host can\u0027t be found (git-fixes).\n- drm/bridge: lt9611: Do not log an error when DSI host can\u0027t be found (git-fixes).\n- drm/bridge: lt9611uxc: Do not log an error when DSI host can\u0027t be found (git-fixes).\n- drm/bridge/panel: Fix runtime warning on panel bridge release (git-fixes).\n- drm/bridge: samsung-dsim: Set P divider based on min/max of fin pll (git-fixes).\n- drm/bridge: tc358775: Do not log an error when DSI host can\u0027t be found (git-fixes).\n- drm/bridge: tc358775: fix support for jeida-18 and jeida-24 (git-fixes).\n- drm/buddy: check range allocation matches alignment (stable-fixes).\n- drm: Check output polling initialized before disabling (stable-fixes).\n- drm: Check polling initialized before enabling in drm_helper_probe_single_connector_modes (stable-fixes).\n- drm/client: Fully protect modes[] with dev-\u003emode_config.mutex (stable-fixes).\n- drm/connector: Add \\n to message about demoting connector force-probes (git-fixes).\n- drm/display: fix typo (git-fixes).\n- drm/dp_mst: Fix all mstb marked as not probed after suspend/resume (git-fixes).\n- drm/etnaviv: fix DMA direction handling for cached RW buffers (git-fixes).\n- drm/etnaviv: fix tx clock gating on some GC7000 variants (stable-fixes).\n- drm/exynos: do not return negative values from .get_modes() (stable-fixes).\n- drm/exynos: dp: drop driver owner initialization (stable-fixes).\n- drm/exynos: hdmi: report safe 640x480 mode as a fallback when no EDID found (git-fixes).\n- drm/exynos/vidi: fix memory leak in .get_modes() (stable-fixes).\n- drm/fbdev-dma: Fix framebuffer mode for big endian devices (git-fixes).\n- drm/fbdev-dma: Only set smem_start is enable per module option (git-fixes).\n- drm/fbdev-generic: Do not set physical framebuffer address (git-fixes).\n- drm/fbdev-generic: Fix framebuffer on big endian devices (git-fixes).\n- drm: Fix drm_fixp2int_round() making it add 0.5 (git-fixes).\n- drm/gma500: fix null pointer dereference in cdv_intel_lvds_get_modes (git-fixes).\n- drm/gma500: fix null pointer dereference in psb_intel_lvds_get_modes (git-fixes).\n- drm/gma500: Remove lid code (git-fixes).\n- drm/i915/audio: Fix audio time stamp programming for DP (stable-fixes).\n- drm/i915/bios: Fix parsing backlight BDB data (git-fixes).\n- drm/i915/bios: Tolerate devdata==NULL in intel_bios_encoder_supports_dp_dual_mode() (stable-fixes).\n- drm/i915/cdclk: Fix CDCLK programming order when pipes are active (git-fixes).\n- drm/i915: Disable port sync when bigjoiner is used (stable-fixes).\n- drm/i915/display: Use i915_gem_object_get_dma_address to get dma address (stable-fixes).\n- drm/i915: Do not match JSL in ehl_combo_pll_div_frac_wa_needed() (git-fixes).\n- drm/i915/dp: Do not switch the LTTPR mode on an active link (git-fixes).\n- drm/i915/dp: Fix the computation for compressed_bpp for DISPLAY \u0026lt; 13 (git-fixes).\n- drm/i915/dp: Remove support for UHBR13.5 (git-fixes).\n- drm/i915/dpt: Make DPT object unshrinkable (git-fixes).\n- drm/i915/dsb: Fix DSB vblank waits when using VRR (git-fixes).\n- drm/i915/dsi: Go back to the previous INIT_OTP/DISPLAY_ON order, mostly (git-fixes).\n- drm/i915: Fix audio component initialization (git-fixes).\n- drm/i915/gt: Automate CCS Mode setting during engine resets (git-fixes).\n- drm/i915/gt: Disable HW load balancing for CCS (git-fixes).\n- drm/i915/gt: Disarm breadcrumbs if engines are already idle (git-fixes).\n- drm/i915/gt: Do not consider preemption during execlists_dequeue for gen8 (git-fixes).\n- drm/i915/gt: Do not generate the command streamer for all the CCS (git-fixes).\n- drm/i915/gt: Enable only one CCS for compute workload (git-fixes).\n- drm/i915/gt: Fix CCS id\u0027s calculation for CCS mode setting (git-fixes).\n- drm/i915/gt: Fix potential UAF by revoke of fence registers (git-fixes).\n- drm/i915/gt: Reset queue_priority_hint on parking (git-fixes).\n- drm/i915/guc: avoid FIELD_PREP warning (git-fixes).\n- drm/i915/hwmon: Fix locking inversion in sysfs getter (git-fixes).\n- drm/i915/hwmon: Get rid of devm (stable-fixes).\n- drm/i915: Include the PLL name in the debug messages (stable-fixes).\n- drm/i915/lspcon: Separate function to set expected mode (bsc#1193599).\n- drm/i915/lspcon: Separate lspcon probe and lspcon init (bsc#1193599).\n- drm/i915/mso: using joiner is not possible with eDP MSO (git-fixes).\n- drm/i915/mst: Limit MST+DSC to TGL+ (git-fixes).\n- drm/i915/mst: Reject FEC+MST on ICL (git-fixes).\n- drm/i915: Pre-populate the cursor physical dma address (git-fixes).\n- drm/i915: Replace a memset() with zero initialization (stable-fixes).\n- drm/i915: Stop printing pipe name as hex (stable-fixes).\n- drm/i915: Suppress old PLL pipe_mask checks for MG/TC/TBT PLLs (stable-fixes).\n- drm/i915: Try to preserve the current shared_dpll for fastset on type-c ports (stable-fixes).\n- drm/i915: Use named initializers for DPLL info (stable-fixes).\n- drm/i915/vrr: Disable VRR when using bigjoiner (stable-fixes).\n- drm/i915/vrr: Generate VRR \u0027safe window\u0027 for DSB (git-fixes).\n- drm/imx/ipuv3: do not return negative values from .get_modes() (stable-fixes).\n- drm/komeda: check for error-valued pointer (git-fixes).\n- drm/lcdif: Do not disable clocks on already suspended hardware (git-fixes).\n- drm/lima: add mask irq callback to gp and pp (stable-fixes).\n- drm/lima: fix shared irq handling on driver remove (stable-fixes).\n- drm/lima: Mark simple_ondemand governor as softdep (git-fixes).\n- drm/lima: mask irqs in timeout path before hard reset (stable-fixes).\n- drm/mediatek: Add 0 size check to mtk_drm_gem_obj (git-fixes).\n- drm/mediatek: Add DRM_MODE_ROTATE_0 to rotation property (git-fixes).\n- drm/mediatek: Add OVL compatible name for MT8195 (git-fixes).\n- drm/mediatek: Call drm_atomic_helper_shutdown() at shutdown time (stable-fixes).\n- drm/mediatek: dp: Fix mtk_dp_aux_transfer return value (git-fixes).\n- drm/mediatek: Fix bit depth overwritten for mtk_ovl_set bit_depth() (git-fixes).\n- drm/mediatek: Fix destination alpha error in OVL (git-fixes).\n- drm/mediatek: Fix XRGB setting error in Mixer (git-fixes).\n- drm/mediatek: Fix XRGB setting error in OVL (git-fixes).\n- drm/mediatek: Init `ddp_comp` with devm_kcalloc() (git-fixes).\n- drm/mediatek: Remove less-than-zero comparison of an unsigned value (git-fixes).\n- drm/mediatek: Set DRM mode configs accordingly (git-fixes).\n- drm/mediatek: Support DRM plane alpha in Mixer (git-fixes).\n- drm/mediatek: Support DRM plane alpha in OVL (git-fixes).\n- drm/mediatek: Support RGBA8888 and RGBX8888 in OVL on MT8195 (git-fixes).\n- drm/mediatek: Turn off the layers with zero width or height (git-fixes).\n- drm/mediatek: Use 8-bit alpha in ETHDR (git-fixes).\n- drm/meson: dw-hdmi: add bandgap setting for g12 (git-fixes).\n- drm/meson: dw-hdmi: power up phy on device init (git-fixes).\n- drm/meson: fix canvas release in bind function (git-fixes).\n- drm/meson: gate px_clk when setting rate (git-fixes).\n- drm/meson: vclk: fix calculation of 59.94 fractional rates (git-fixes).\n- drm/mgag200: Bind I2C lifetime to DRM device (git-fixes).\n- drm/mgag200: Set DDC timeout in milliseconds (git-fixes).\n- drm/mipi-dsi: Fix theoretical int overflow in mipi_dsi_dcs_write_seq() (git-fixes).\n- drm/mipi-dsi: Fix theoretical int overflow in mipi_dsi_generic_write_seq() (git-fixes).\n- drm/msm/a6xx: Avoid a nullptr dereference when speedbin setting fails (git-fixes).\n- drm/msm: Add newlines to some debug prints (git-fixes).\n- drm/msm/adreno: fix CP cycles stat retrieval on a7xx (git-fixes).\n- drm/msm/dp: allow voltage swing / pre emphasis of 3 (git-fixes).\n- drm/msm/dp: Avoid a long timeout for AUX transfer if nothing connected (git-fixes).\n- drm/msm/dp: fix typo in dp_display_handle_port_status_changed() (git-fixes).\n- drm/msm/dpu: Add callback function pointer check before its call (git-fixes).\n- drm/msm/dpu: Allow configuring multiple active DSC blocks (git-fixes).\n- drm/msm/dpu: Always flush the slave INTF on the CTL (git-fixes).\n- drm/msm/dpu: do not allow overriding data from catalog (git-fixes).\n- drm/msm/dpu: drop validity checks for clear_pending_flush() ctl op (git-fixes).\n- drm/msm/dpu: fix encoder irq wait skip (git-fixes).\n- drm/msm/dpu: make error messages at dpu_core_irq_register_callback() more sensible (git-fixes).\n- drm/msm/dpu: use devres-managed allocation for MDP TOP (stable-fixes).\n- drm/msm/dsi: Print dual-DSI-adjusted pclk instead of original mode pclk (git-fixes).\n- drm/msm/dsi: set VIDEO_COMPRESSION_MODE_CTRL_WC (git-fixes).\n- drm/msm/mdp5: Remove MDP_CAP_SRC_SPLIT from msm8x53_config (git-fixes).\n- drm/nouveau/disp: Fix missing backlight control on Macbook 5, 1 (bsc#1223838).\n- drm/nouveau/dispnv04: fix null pointer dereference in nv17_tv_get_hd_modes (stable-fixes).\n- drm/nouveau/dispnv04: fix null pointer dereference in nv17_tv_get_ld_modes (stable-fixes).\n- drm/nouveau: do not attempt to schedule hpd_work on headless cards (git-fixes).\n- drm/nouveau/dp: Do not probe eDP ports twice harder (stable-fixes).\n- drm/nouveau/dp: Fix incorrect return code in r535_dp_aux_xfer() (git-fixes).\n- drm/nouveau/firmware: Fix SG_DEBUG error with nvkm_firmware_ctor() (stable-fixes).\n- drm/nouveau: fix null pointer dereference in nouveau_connector_get_modes (git-fixes).\n- drm/nouveau: use tile_mode and pte_kind for VM_BIND bo allocations (git-fixes).\n- drm: nv04: Fix out of bounds access (git-fixes).\n- drm/omapdrm: Fix console by implementing fb_dirty (git-fixes).\n- drm/panel: boe-tv101wum-nl6: Check for errors on the NOP in prepare() (git-fixes).\n- drm/panel: boe-tv101wum-nl6: If prepare fails, disable GPIO before regulators (git-fixes).\n- drm/panel: do not return negative error codes from drm_panel_get_modes() (stable-fixes).\n- drm/panel: himax-hx8394: Handle errors from mipi_dsi_dcs_set_display_on() better (git-fixes).\n- drm/panel: ili9341: Respect deferred probe (git-fixes).\n- drm/panel: ili9341: Use predefined error codes (git-fixes).\n- drm/panel: ilitek-ili9881c: Fix warning with GPIO controllers that sleep (stable-fixes).\n- drm/panel: ilitek-ili9882t: Check for errors on the NOP in prepare() (git-fixes).\n- drm/panel: ilitek-ili9882t: If prepare fails, disable GPIO before regulators (git-fixes).\n- drm/panel: ltk050h3146w: add MIPI_DSI_MODE_VIDEO to LTK050H3148W flags (git-fixes).\n- drm/panel: ltk050h3146w: drop duplicate commands from LTK050H3148W init (git-fixes).\n- drm/panel: novatek-nt35950: Do not log an error when DSI host can\u0027t be found (git-fixes).\n- drm: panel-orientation-quirks: Add quirk for Aya Neo KUN (stable-fixes).\n- drm: panel-orientation-quirks: Add quirk for GPD Win Mini (stable-fixes).\n- drm: panel-orientation-quirks: Add quirk for Valve Galileo (stable-fixes).\n- drm/panel: simple: Add missing display timing flags for KOE TX26D202VM0BWA (git-fixes).\n- drm/panel: simple: Add missing Innolux G121X1-L03 format, flags, connector (git-fixes).\n- drm/panel: sitronix-st7789v: Add check for of_drm_get_panel_orientation (git-fixes).\n- drm/panel: sitronix-st7789v: fix display size for jt240mhqs_hwt_ek_e3 panel (git-fixes).\n- drm/panel: sitronix-st7789v: fix timing for jt240mhqs_hwt_ek_e3 panel (git-fixes).\n- drm/panel: sitronix-st7789v: tweak timing for jt240mhqs_hwt_ek_e3 panel (git-fixes).\n- drm/panel: visionox-rm69299: do not unregister DSI device (git-fixes).\n- drm/panfrost: fix power transition timeout warnings (git-fixes).\n- drm/panfrost: Fix the error path in panfrost_mmu_map_fault_addr() (git-fixes).\n- drm/panfrost: Mark simple_ondemand governor as softdep (git-fixes).\n- drm/prime: Unbreak virtgpu dma-buf export (git-fixes).\n- drm/probe-helper: warn about negative .get_modes() (stable-fixes).\n- drm/qxl: Add check for drm_cvt_mode (git-fixes).\n- drm/qxl: remove unused `count` variable from `qxl_surface_id_alloc()` (git-fixes).\n- drm/qxl: remove unused variable from `qxl_process_single_command()` (git-fixes).\n- drm/radeon: check bo_va-\u003ebo is non-NULL before using it (stable-fixes).\n- drm/radeon: fix UBSAN warning in kv_dpm.c (stable-fixes).\n- drm/radeon: make -fstrict-flex-arrays=3 happy (git-fixes).\n- drm/radeon/radeon_display: Decrease the size of allocated memory (stable-fixes).\n- drm/radeon: silence UBSAN warning (v3) (stable-fixes).\n- drm/rockchip: vop2: Do not divide height twice for YUV (git-fixes).\n- drm/rockchip: vop2: Fix the port mux of VP2 (git-fixes).\n- drm/rockchip: vop2: Remove AR30 and AB30 format support (git-fixes).\n- drm/sched: fix null-ptr-deref in init entity (git-fixes).\n- drm/shmem-helper: Fix BUG_ON() on mmap(PROT_WRITE, MAP_PRIVATE) (git-fixes).\n- drm/sun4i: hdmi: Convert encoder to atomic (stable-fixes).\n- drm/sun4i: hdmi: Move mode_set into enable (stable-fixes).\n- drm/ttm: Always take the bo delayed cleanup path for imported bos (git-fixes).\n- drm/ttm: return ENOSPC from ttm_bo_mem_space v3 (stable-fixes).\n- drm/ttm: stop pooling cached NUMA pages v2 (git-fixes).\n- drm/udl: Remove DRM_CONNECTOR_POLL_HPD (git-fixes).\n- drm/vc4: do not check if plane-\u003estate-\u003efb == state-\u003efb (stable-fixes).\n- drm: vc4: Fix possible null pointer dereference (git-fixes).\n- drm/vc4: hdmi: do not return negative values from .get_modes() (stable-fixes).\n- drm/vmwgfx: 3D disabled should not effect STDU memory limits (git-fixes).\n- drm/vmwgfx: Create debugfs ttm_resource_manager entry only if needed (git-fixes).\n- drm/vmwgfx: Do not memcmp equivalent pointers (git-fixes).\n- drm/vmwgfx: Enable DMA mappings with SEV (git-fixes).\n- drm/vmwgfx: Filter modes which exceed graphics memory (git-fixes).\n- drm/vmwgfx: Fix crtc\u0027s atomic check conditional (git-fixes).\n- drm/vmwgfx: Fix invalid reads in fence signaled events (git-fixes).\n- drm/vmwgfx: Fix Legacy Display Unit (git-fixes).\n- drm/vmwgfx: Fix missing HYPERVISOR_GUEST dependency (stable-fixes).\n- drm/vmwgfx: Fix prime import/export (git-fixes).\n- drm/vmwgfx: Sort primary plane formats by order of preference (git-fixes).\n- drm: zynqmp_dpsub: Always register bridge (git-fixes).\n- drm: zynqmp_dpsub: Fix an error handling path in zynqmp_dpsub_probe() (git-fixes).\n- drm: zynqmp_kms: Fix AUX bus not getting unregistered (git-fixes).\n- dt-bindings: clock: qcom: Add missing UFS QREF clocks (git-fixes)\n- dump_stack: Do not get cpu_sync for panic CPU (bsc#1225607).\n- dyndbg: fix old BUG_ON in \u003econtrol parser (stable-fixes).\n- e1000e: Minor flow correction in e1000_shutdown function (git-fixes).\n- e1000e: move force SMBUS from enable ulp function to avoid PHY loss issue (git-fixes).\n- e1000e: Workaround for sporadic MDI error on Meteor Lake systems (git-fixes).\n- ecryptfs: Fix buffer size for tag 66 packet (git-fixes)\n- ecryptfs: Reject casefold directory inodes (git-fixes)\n- EDAC/synopsys: Fix ECC status and IRQ control race condition (git-fixes).\n- Edit \u0027amdkfd: use calloc instead of kzalloc to avoid integer overflow\u0027 Reference CVE and bug numbers.\n- eeprom: at24: Probe for DDR3 thermal sensor in the SPD case (stable-fixes).\n- eeprom: digsy_mtc: Fix 93xx46 driver probe failure (git-fixes).\n- efi: disable mirror feature during crashkernel (stable-fixes).\n- efi: fix panic in kdump kernel (git-fixes).\n- efi: libstub: only free priv.runtime_map when allocated (git-fixes).\n- efi/unaccepted: do not let /proc/vmcore try to access unaccepted memory (git-fixes).\n- efi/unaccepted: touch soft lockup during memory accept (git-fixes).\n- efi/x86: Free EFI memory map only when installing a new one (git-fixes).\n- Enable CONFIG_FIPS_SIGNATURE_SELFTEST (bsc#1222771)\n- Enable CONFIG_SCHED_CLUSTER=y on arm64 (jsc#PED-8701).\n- erofs: ensure m_llen is reset to 0 if metadata is invalid (git-fixes).\n- exfat: fix potential deadlock on __exfat_get_dentry_set (git-fixes).\n- extcon: max8997: select IRQ_DOMAIN instead of depending on it (git-fixes).\n- f2fs: fix error path of __f2fs_build_free_nids (git-fixes).\n- fast_dput(): handle underflows gracefully (git-fixes)\n- fat: fix uninitialized field in nostale filehandles (git-fixes)\n- fbdev: fix incorrect address computation in deferred IO (git-fixes).\n- fbdev: savage: Handle err return when savagefb_check_var failed (git-fixes).\n- fbdev: sh7760fb: allow modular build (git-fixes).\n- fbdev: shmobile: fix snprintf truncation (git-fixes).\n- fbdev: sisfb: hide unused variables (git-fixes).\n- fbdev: viafb: fix typo in hw_bitblt_1 and hw_bitblt_2 (stable-fixes).\n- fbmon: prevent division by zero in fb_videomode_from_videomode() (stable-fixes).\n- filelock: fix potential use-after-free in posix_lock_inode (git-fixes).\n- firewire: core: use long bus reset on gap count error (stable-fixes).\n- firewire: ohci: mask bus reset interrupts between ISR and bottom half (stable-fixes).\n- firmware: arm_scmi: Make raw debugfs entries non-seekable (git-fixes).\n- firmware: cs_dsp: Fix overflow checking of wmfw header (git-fixes).\n- firmware: cs_dsp: Prevent buffer overrun when processing V2 alg headers (git-fixes).\n- firmware: cs_dsp: Return error if block header overflows file (git-fixes).\n- firmware: cs_dsp: Use strnlen() on name fields in V1 wmfw files (git-fixes).\n- firmware: cs_dsp: Validate payload length before processing block (git-fixes).\n- firmware: dmi-id: add a release callback function (git-fixes).\n- firmware: dmi: Stop decoding on broken entry (stable-fixes).\n- firmware: psci: Fix return value from psci_system_suspend() (git-fixes).\n- firmware: raspberrypi: Use correct device for DMA mappings (git-fixes).\n- firmware: tegra: bpmp: Return directly after a failed kzalloc() in get_filename() (stable-fixes).\n- firmware: turris-mox-rwtm: Do not complete if there are no waiters (git-fixes).\n- firmware: turris-mox-rwtm: Fix checking return value of wait_for_completion_timeout() (git-fixes).\n- firmware: turris-mox-rwtm: Initialize completion before mailbox (git-fixes).\n- Fix a potential infinite loop in extract_user_to_sg() (git-fixes).\n- Fix build errors due to new UIO_MEM_DMA_COHERENT mess (git-fixes).\n- fpga: dfl-pci: add PCI subdevice ID for Intel D5005 card (stable-fixes).\n- fs/9p: only translate RWX permissions for plain 9P2000 (git-fixes)\n- fs/9p: translate O_TRUNC into OTRUNC (git-fixes)\n- fs/file: fix the check in find_next_fd() (git-fixes).\n- fs: Fix error checking for d_hash_and_lookup() (git-fixes)\n- fs: indicate request originates from old mount API (git-fixes)\n- fs/pipe: Fix lockdep false-positive in watchqueue pipe_write() (git-fixes).\n- fs: relax mount_setattr() permission checks (git-fixes)\n- fsverity: skip PKCS#7 parser when keyring is empty (git-fixes)\n- ftrace: Fix possible use-after-free issue in ftrace_location() (git-fixes).\n- fuse: do not unhash root (bsc#1223946).\n- fuse: fix root lookup with nonzero generation (bsc#1223945).\n- fuse: verify {g,u}id mount options correctly (bsc#1228193).\n- geneve: fix header validation in geneve[6]_xmit_skb (git-fixes).\n- geneve: make sure to pull inner header in geneve_rx() (git-fixes).\n- genirq/irqdesc: Prevent use-after-free in irq_find_at_or_after() (git-fixes).\n- gfs2: convert to ctime accessor functions (git-fixes).\n- gfs2: Do not forget to complete delayed withdraw (git-fixes).\n- gfs2: Fix \u0027ignore unlock failures after withdraw\u0027 (git-fixes).\n- gfs2: Fix invalid metadata access in punch_hole (git-fixes).\n- gfs2: Get rid of gfs2_alloc_blocks generation parameter (git-fixes).\n- gfs2: Rename gfs2_lookup_{ simple =\u003e meta } (git-fixes).\n- gfs2: Use mapping-\u003egfp_mask for metadata inodes (git-fixes).\n- gpio: cdev: check for NULL labels when sanitizing them for irqs (git-fixes).\n- gpio: cdev: fix missed label sanitizing in debounce_setup() (git-fixes).\n- gpio: cdev: sanitize the label before requesting the interrupt (stable-fixes).\n- gpio: crystalcove: Use -ENOTSUPP consistently (stable-fixes).\n- gpio: davinci: Validate the obtained number of IRQs (git-fixes).\n- gpiolib: cdev: Disallow reconfiguration without direction (uAPI v1) (git-fixes).\n- gpiolib: cdev: fix uninitialised kfifo (git-fixes).\n- gpiolib: cdev: relocate debounce_period_us from struct gpio_desc (stable-fixes).\n- gpiolib: swnode: Remove wrong header inclusion (git-fixes).\n- gpio: lpc32xx: fix module autoloading (stable-fixes).\n- gpio: mc33880: Convert comma to semicolon (git-fixes).\n- gpio: pca953x: fix pca953x_irq_bus_sync_unlock race (stable-fixes).\n- gpio: tangier: Use correct type for the IRQ chip data (git-fixes).\n- gpio: tegra186: Fix tegra186_gpio_is_accessible() check (git-fixes).\n- gpio: tqmx86: fix broken IRQ_TYPE_EDGE_BOTH interrupt type (git-fixes).\n- gpio: tqmx86: fix typo in Kconfig label (git-fixes).\n- gpio: tqmx86: introduce shadow register for GPIO output value (git-fixes).\n- gpio: tqmx86: store IRQ trigger type and unmask status separately (git-fixes).\n- gpio: wcove: Use -ENOTSUPP consistently (stable-fixes).\n- gpu: host1x: Do not setup DMA for virtual devices (stable-fixes).\n- gtp: fix use-after-free and null-ptr-deref in gtp_newlink() (git-fixes).\n- hfsplus: fix to avoid false alarm of circular locking (git-fixes).\n- hfsplus: fix uninit-value in copy_name (git-fixes).\n- HID: Add quirk for Logitech Casa touchpad (stable-fixes).\n- HID: amd_sfh: Handle \u0027no sensors\u0027 in PM operations (git-fixes).\n- HID: core: remove unnecessary WARN_ON() in implement() (git-fixes).\n- HID: i2c-hid: remove I2C_HID_READ_PENDING flag to prevent lock-up (git-fixes).\n- HID: Ignore battery for ELAN touchscreens 2F2C and 4116 (stable-fixes).\n- HID: input: avoid polling stylus battery on Chromebook Pompom (stable-fixes).\n- HID: intel-ish-hid: ipc: Add check for pci_alloc_irq_vectors (git-fixes).\n- HID: intel-ish-hid: ipc: Fix dev_err usage with uninitialized dev-\u003edevc (git-fixes).\n- HID: logitech-dj: allow mice to use all types of reports (git-fixes).\n- HID: logitech-dj: Fix memory leak in logi_dj_recv_switch_to_dj_mode() (git-fixes).\n- HID: mcp-2221: cancel delayed_work only when CONFIG_IIO is enabled (stable-fixes).\n- HID: multitouch: Add required quirk for Synaptics 0xcddc device (stable-fixes).\n- HID: wacom: Modify pen IDs (git-fixes).\n- hpet: Support 32-bit userspace (git-fixes).\n- hwmon: (adt7475) Fix default duty on fan is disabled (git-fixes).\n- hwmon: (amc6821) add of_match table (stable-fixes).\n- hwmon: (corsair-cpro) Protect ccp-\u003ewait_input_report with a spinlock (git-fixes).\n- hwmon: (corsair-cpro) Use a separate buffer for sending commands (git-fixes).\n- hwmon: (corsair-cpro) Use complete_all() instead of complete() in ccp_raw_event() (git-fixes).\n- hwmon: (intel-m10-bmc-hwmon) Fix multiplier for N6000 board power sensor (git-fixes).\n- hwmon: (lm70) fix links in doc and comments (git-fixes).\n- hwmon: (max6697) Fix swapped temp{1,8} critical alarms (git-fixes).\n- hwmon: (max6697) Fix underflow when writing limit attributes (git-fixes).\n- hwmon: (pmbus/ucd9000) Increase delay from 250 to 500us (git-fixes).\n- hwmon: (shtc1) Fix property misspelling (git-fixes).\n- hwrng: amd - Convert PCIBIOS_* return codes to errnos (git-fixes).\n- hwrng: core - Fix wrong quality calculation at hw rng registration (git-fixes).\n- hwtracing: hisi_ptt: Move type check to the beginning of hisi_ptt_pmu_event_init() (git-fixes).\n- i2c: acpi: Unbind mux adapters before delete (git-fixes).\n- i2c: at91: Fix the functionality flags of the slave-only interface (git-fixes).\n- i2c: cadence: Avoid fifo clear after start (git-fixes).\n- i2c: designware: Fix the functionality flags of the slave-only interface (git-fixes).\n- i2c: i801: Annotate apanel_addr as __ro_after_init (stable-fixes).\n- i2c: mark HostNotify target address as used (git-fixes).\n- i2c: ocores: set IACK bit after core is enabled (git-fixes).\n- i2c: pnx: Fix potential deadlock warning from del_timer_sync() call in isr (git-fixes).\n- i2c: pxa: hide unused icr_bits[] variable (git-fixes).\n- i2c: rcar: bring hardware to known state when probing (git-fixes).\n- i2c: smbus: fix NULL function pointer dereference (git-fixes).\n- i2c: synquacer: Fix an error handling path in synquacer_i2c_probe() (git-fixes).\n- i2c: testunit: avoid re-issued work after read message (git-fixes).\n- i2c: testunit: correct Kconfig description (git-fixes).\n- i2c: testunit: discard write requests while old command is running (git-fixes).\n- i2c: testunit: do not erase registers after STOP (git-fixes).\n- i3c: master: svc: change ENXIO to EAGAIN when IBI occurs during start frame (git-fixes).\n- i3c: master: svc: fix invalidate IBI type and miss call client IBI handler (git-fixes).\n- i40e: disable NAPI right after disabling irqs when handling xsk_pool (git-fixes).\n- i40e: Enforce software interrupt during busy-poll exit (git-fixes).\n- i40e: Fix firmware version comparison function (git-fixes).\n- i40e: fix i40e_count_filters() to count only active/new filters (git-fixes).\n- i40e: fix: remove needless retries of NVM update (bsc#1227736).\n- i40e: Fix VF MAC filter removal (git-fixes).\n- i40e: fix vf may be used uninitialized in this function warning (git-fixes).\n- i915: make inject_virtual_interrupt() void (stable-fixes).\n- IB/mlx5: Use __iowrite64_copy() for write combining stores (git-fixes)\n- ice: fix enabling RX VLAN filtering (git-fixes).\n- ice: fix memory corruption bug with suspend and rebuild (git-fixes).\n- ice: fix stats being updated by way too large values (git-fixes).\n- ice: fix typo in assignment (git-fixes).\n- ice: fix uninitialized dplls mutex usage (git-fixes).\n- ice: reconfig host after changing MSI-X on VF (git-fixes).\n- ice: Refactor FW data type and fix bitmap casting issue (git-fixes).\n- ice: reorder disabling IRQ and NAPI in ice_qp_dis (git-fixes).\n- ice: use relative VSI index for VFs instead of PF VSI number (git-fixes).\n- ice: virtchnl: stop pretending to support RSS over AQ or registers (git-fixes).\n- ida: make \u0027ida_dump\u0027 static (git-fixes).\n- idma64: Do not try to serve interrupts when device is powered off (git-fixes).\n- idpf: disable local BH when scheduling napi for marker packets (git-fixes).\n- idpf: extend tx watchdog timeout (bsc#1224137).\n- idpf: fix kernel panic on unknown packet types (git-fixes).\n- igb: extend PTP timestamp adjustments to i211 (git-fixes).\n- igb: Fix missing time sync events (git-fixes).\n- igc: avoid returning frame twice in XDP_REDIRECT (git-fixes).\n- igc: Fix missing time sync events (git-fixes).\n- igc: Remove stale comment about Tx timestamping (git-fixes).\n- iio: accel: fxls8962af: select IIO_BUFFER \u0026 IIO_KFIFO_BUF (git-fixes).\n- iio: accel: mxc4005: allow module autoloading via OF compatible (stable-fixes).\n- iio: accel: mxc4005: Interrupt handling fixes (git-fixes).\n- iio: accel: mxc4005: Reset chip on probe() and resume() (stable-fixes).\n- iio: adc: ad7266: Fix variable checking bug (git-fixes).\n- iio: adc: ad9467: fix scan type sign (git-fixes).\n- iio: adc: ad9467: use chip_info variables instead of array (stable-fixes).\n- iio: adc: ad9467: use spi_get_device_match_data() (stable-fixes).\n- iio: adc: stm32: Fixing err code to not indicate success (git-fixes).\n- iio: chemical: bme680: Fix calibration data variable (git-fixes).\n- iio: chemical: bme680: Fix overflows in compensate() functions (git-fixes).\n- iio: chemical: bme680: Fix pressure value output (git-fixes).\n- iio: chemical: bme680: Fix sensor data read operation (git-fixes).\n- iio: core: Leave private pointer NULL when no private data supplied (git-fixes).\n- iio: dac: ad5592r: fix temperature channel scaling value (git-fixes).\n- iio: dummy_evgen: remove Excess kernel-doc comments (git-fixes).\n- iio: Fix the sorting functionality in iio_gts_build_avail_time_table (git-fixes).\n- iio: frequency: adrf6780: rm clk provider include (git-fixes).\n- iio: gts-helper: Fix division loop (git-fixes).\n- iio:imu: adis16475: Fix sync mode setting (git-fixes).\n- iio: imu: inv_icm42600: delete unneeded update watermark call (git-fixes).\n- iio: pressure: bmp280: Fix BMP580 temperature reading (stable-fixes).\n- iio: pressure: dps310: support negative temperature values (git-fixes).\n- iio: pressure: Fixes BME280 SPI driver data (git-fixes).\n- iio: pressure: fix some word spelling errors (stable-fixes).\n- iio: xilinx-ams: Do not include ams_ctrl_channels in scan_mask (git-fixes).\n- inet_diag: annotate data-races around inet_diag_table[] (git-fixes).\n- inet: frags: eliminate kernel-doc warning (git-fixes).\n- init/main.c: Fix potential static_command_line memory overflow (git-fixes).\n- init: open /initrd.image with O_LARGEFILE (stable-fixes).\n- input: Add event code for accessibility key (stable-fixes).\n- input: Add support for \u0027Do Not Disturb\u0027 (stable-fixes).\n- Input: ads7846 - use spi_device_id table (stable-fixes).\n- Input: cyapa - add missing input core locking to suspend/resume functions (git-fixes).\n- Input: elan_i2c - do not leave interrupt disabled on suspend failure (git-fixes).\n- Input: elantech - fix touchpad state on resume for Lenovo N24 (stable-fixes).\n- Input: ff-core - prefer struct_size over open coded arithmetic (stable-fixes).\n- Input: gpio_keys_polled - suppress deferred probe error for gpio (stable-fixes).\n- Input: i8042 - add Ayaneo Kun to i8042 quirk table (stable-fixes).\n- Input: ili210x - fix ili251x_read_touch_data() return value (git-fixes).\n- Input: imagis - use FIELD_GET where applicable (stable-fixes).\n- Input: ims-pcu - fix printf string overflow (git-fixes).\n- Input: pm8xxx-vibrator - correct VIB_MAX_LEVELS calculation (git-fixes).\n- Input: qt1050 - handle CHIP_ID reading error (git-fixes).\n- Input: silead - Always support 10 fingers (stable-fixes).\n- Input: synaptics-rmi4 - fail probing if memory allocation for \u0027phys\u0027 fails (stable-fixes).\n- input/touchscreen: imagis: Correct the maximum touch area value (stable-fixes).\n- Input: xpad - add additional HyperX Controller Identifiers (stable-fixes).\n- Input: xpad - add support for ASUS ROG RAIKIRI (git-fixes).\n- Input: xpad - add support for ASUS ROG RAIKIRI PRO (stable-fixes).\n- Input: xpad - add support for Snakebyte GAMEPADs (stable-fixes).\n- intel: legacy: Partial revert of field get conversion (git-fixes).\n- intel_th: pci: Add Granite Rapids SOC support (stable-fixes).\n- intel_th: pci: Add Granite Rapids support (stable-fixes).\n- intel_th: pci: Add Lunar Lake support (stable-fixes).\n- intel_th: pci: Add Meteor Lake-S CPU support (stable-fixes).\n- intel_th: pci: Add Meteor Lake-S support (stable-fixes).\n- intel_th: pci: Add Sapphire Rapids SOC support (stable-fixes).\n- interconnect: qcom: osm-l3: Replace custom implementation of COUNT_ARGS() (git-fixes).\n- interconnect: qcom: qcm2290: Fix mas_snoc_bimc QoS port assignment (git-fixes).\n- interconnect: qcom: qcm2290: Fix mas_snoc_bimc RPM master ID (git-fixes).\n- interconnect: qcom: sc8180x: Mark CO0 BCM keepalive (git-fixes).\n- interconnect: qcom: sm8550: Enable sync_state (git-fixes).\n- iomap: clear the per-folio dirty bits on all writeback failures (git-fixes)\n- iommu/amd: Enhance def_domain_type to handle untrusted device (git-fixes).\n- iommu/amd: Fix panic accessing amd_iommu_enable_faulting (bsc#1224767).\n- iommu/amd: Fix sysfs leak in iommu init (git-fixes).\n- iommu/arm-smmu-v3: Check that the RID domain is S1 in SVA (git-fixes).\n- iommu/arm-smmu-v3: Free MSIs in case of ENOMEM (git-fixes).\n- iommu/dma: Force swiotlb_max_mapping_size on an untrusted device (bsc#1224331)\n- iommu/dma: Trace bounce buffer usage when mapping buffers (git-fixes).\n- iommufd: Add missing IOMMUFD_DRIVER kconfig for the selftest (git-fixes).\n- iommufd: Fix iopt_access_list_id overwrite bug (git-fixes).\n- iommufd/iova_bitmap: Bounds check mapped::pages access (git-fixes).\n- iommufd/iova_bitmap: Consider page offset for the pages to be pinned (git-fixes).\n- iommufd/iova_bitmap: Switch iova_bitmap::bitmap to an u8 array (git-fixes).\n- iommufd: Reject non-zero data_type if no data_len is provided (git-fixes).\n- iommu: Fix compilation without CONFIG_IOMMU_INTEL (git-fixes).\n- iommu: Map reserved memory as cacheable if device is coherent (git-fixes).\n- iommu: mtk: fix module autoloading (git-fixes).\n- iommu: Return right value in iommu_sva_bind_device() (git-fixes).\n- iommu: Undo pasid attachment only for the devices that have succeeded (git-fixes).\n- iommu/vt-d: Allocate DMAR fault interrupts locally (bsc#1224767).\n- iommu/vt-d: Allocate local memory for page request queue (git-fixes).\n- iommu/vt-d: Fix WARN_ON in iommu probe path (git-fixes).\n- iommu/vt-d: Fix wrong use of pasid config (git-fixes).\n- iommu/vt-d: Improve ITE fault handling if target device isn\u0027t present (git-fixes).\n- iommu/vt-d: Set SSADE when attaching to a parent with dirty tracking (git-fixes).\n- iommu/vt-d: Use rbtree to track iommu probed devices (git-fixes).\n- ionic: set adminq irq affinity (git-fixes).\n- io_uring: clean rings on NO_MMAP alloc fail (git-fixes).\n- io_uring: clear opcode specific data for an early failure (git-fixes).\n- io_uring: do not save/restore iowait state (git-fixes).\n- io_uring: fail NOP if non-zero op flags is passed in (git-fixes).\n- io_uring: Fix io_cqring_wait() not restoring sigmask on get_timespec64() failure (git-fixes).\n- io_uring: fix io_queue_proc modifying req-\u003eflags (git-fixes).\n- io_uring: fix mshot io-wq checks (git-fixes).\n- io_uring: fix mshot read defer taskrun cqe posting (git-fixes).\n- io_uring: fix poll_remove stalled req completion (git-fixes).\n- io_uring/io-wq: avoid garbage value of \u0027match\u0027 in io_wq_enqueue() (git-fixes).\n- io_uring/io-wq: Use set_bit() and test_bit() at worker-\u003eflags (git-fixes).\n- io_uring: kabi cookie remove (bsc#1217384).\n- io_uring/kbuf: get rid of bl-\u003eis_ready (git-fixes).\n- io_uring/kbuf: get rid of lower BGID lists (git-fixes). Including kabi preservation patch.\n- io_uring/kbuf: protect io_buffer_list teardown with a reference (git-fixes). Reuses a padding space in the structure.\n- io_uring/kbuf: rename is_mapped (git-fixes).\n- io_uring/net: correctly handle multishot recvmsg retry setup (git-fixes).\n- io_uring/net: correct the type of variable (git-fixes).\n- io_uring/net: fix sendzc lazy wake polling (git-fixes).\n- io_uring/net: move receive multishot out of the generic msghdr path (git-fixes).\n- io_uring/net: restore msg_control on sendzc retry (git-fixes).\n- io_uring/net: unify how recvmsg and sendmsg copy in the msghdr (git-fixes).\n- io_uring: remove looping around handling traditional task_work (git-fixes).\n- io_uring: remove unconditional looping in local task_work handling (git-fixes).\n- io_uring/rsrc: do not lock while !TASK_RUNNING (git-fixes).\n- io_uring/rsrc: fix incorrect assignment of iter-\u003enr_segs in io_import_fixed (git-fixes).\n- io_uring/rw: do not allow multishot reads without NOWAIT support (git-fixes).\n- io_uring/rw: return IOU_ISSUE_SKIP_COMPLETE for multishot retry (git-fixes).\n- io_uring/sqpoll: work around a potential audit memory leak (git-fixes).\n- io_uring/unix: drop usage of io_uring socket (git-fixes).\n- io_uring: use private workqueue for exit work (git-fixes).\n- io_uring: use the right type for work_llist empty check (git-fixes).\n- io-wq: write next_work before dropping acct_lock (git-fixes).\n- ipmi: ssif_bmc: prevent integer overflow on 32bit systems (git-fixes).\n- ipv4: annotate data-races around fi-\u003efib_dead (git-fixes).\n- ipvs: Fix checksumming on GSO of SCTP packets (bsc#1221958)\n- irqchip/alpine-msi: Fix off-by-one in allocation error path (git-fixes).\n- irqchip/armada-370-xp: Suppress unused-function warning (git-fixes).\n- irqchip/gic-v3-its: Do not assume vPE tables are preallocated (git-fixes).\n- irqchip/gic-v3-its: Fix VSYNC referencing an unmapped VPE on GIC v4.1 (git-fixes).\n- irqchip/gic-v3-its: Prevent double free on error (git-fixes).\n- irqchip/loongson-pch-msi: Fix off-by-one on allocation error path (git-fixes).\n- irqchip/mbigen: Do not use bus_get_dev_root() to find the parent (git-fixes).\n- irqchip/renesas-rzg2l: Add macro to retrieve TITSR register offset based on register\u0027s index (stable-fixes).\n- irqchip/renesas-rzg2l: Flush posted write in irq_eoi() (git-fixes).\n- irqchip/renesas-rzg2l: Implement restriction when writing ISCR register (stable-fixes).\n- irqchip/renesas-rzg2l: Prevent spurious interrupts when setting trigger type (git-fixes).\n- irqchip/renesas-rzg2l: Rename rzg2l_irq_eoi() (stable-fixes).\n- irqchip/renesas-rzg2l: Rename rzg2l_tint_eoi() (stable-fixes).\n- iwlwifi: fw: fix more kernel-doc warnings (bsc#1227149).\n- iwlwifi: mvm: Drop unused fw_trips_index[] from iwl_mvm_thermal_device (bsc#1227149).\n- iwlwifi: mvm: Populate trip table before registering thermal zone (bsc#1227149).\n- iwlwifi: mvm: Use for_each_thermal_trip() for walking trip points (bsc#1227149).\n- ixgbe: avoid sleeping allocation in ixgbe_ipsec_vf_add_sa() (git-fixes).\n- ixgbe: {dis, en}able irqs in ixgbe_txrx_ring_{dis, en}able (git-fixes).\n- jffs2: Fix potential illegal address access in jffs2_free_inode (git-fixes).\n- jffs2: prevent xattr node from overflowing the eraseblock (git-fixes).\n- jfs: Fix array-index-out-of-bounds in diFree (git-fixes).\n- jfs: xattr: fix buffer overflow for invalid xattr (bsc#1227383).\n- kABI: Adjust trace_iterator.wait_index (git-fixes).\n- kABI: bpf: verifier kABI workaround (bsc#1225903).\n- kABI fix of KVM: x86/pmu: Allow programming events that match unsupported arch events (bsc#1225696).\n- kABI fix of KVM: x86/pmu: Prioritize VMX interception over\n- kABI fix of KVM: x86: Snapshot if a vCPU\u0027s vendor model is AMD vs. Intel compatible (git-fixes).\n- kabi fix of perf/x86/intel: Expose existence of callback support to KVM (git fixes).\n- kabi/severities: cleanup and update for WiFi driver entries (bsc#1227149)\n- kabi/severities: cover all ath/* drivers (bsc#1227149) All symbols in ath/* network drivers are local and can be ignored\n- kabi/severities: cover all mt76 modules (bsc#1227149)\n- kabi/severities: ignore amd pds internal symbols\n- kabi/severities: ignore brcmfmac-specific local symbols\n- kabi/severities: ignore IMS functions They were dropped in previous patches. Noone is supposed to use them.\n- kabi/severities: Ignore io_uring internal symbols\n- kabi/severities: ignore kABI changes Realtek WiFi drivers (bsc#1227149) All those symbols are local and used for its own helpers\n- kabi/severities: ignore TAS2781 symbol drop, it\u0027s only locally used\n- kabi/severities: ignore Wangxun ethernet driver local symbols\n- kabi/severities: Remove mitigation-related symbols Those are used by the core kernel to implement CPU vulnerabilities mitigation and are not expected to be consumed by 3rd party users.\n- kabi: Use __iowriteXX_copy_inlined for in-kernel modules (bsc#1226502)\n- kABI workaround for cs35l56 (git-fixes).\n- kABI workaround for of driver changes (git-fixes).\n- kABI workaround for sof_ipc_pcm_ops (git-fixes).\n- kABI workaround for wireless updates (bsc#1227149).\n- kasan: disable kasan_non_canonical_hook() for HW tags (git-fixes).\n- kasan, fortify: properly rename memintrinsics (git-fixes).\n- kasan: print the original fault addr when access invalid shadow (git-fixes).\n- kasan/test: avoid gcc warning for intentional overflow (git-fixes).\n- kbuild: avoid build error when single DTB is turned into composite DTB (git-fixes).\n- kbuild: Fix build target deb-pkg: ln: failed to create hard link (git-fixes).\n- kbuild: Install dtb files as 0644 in Makefile.dtbinst (git-fixes).\n- kbuild: Move -Wenum-{compare-conditional,enum-conversion} into W=1 (stable-fixes).\n- kconfig: doc: fix a typo in the note about \u0027imply\u0027 (git-fixes).\n- kconfig: fix comparison to constant symbols, \u0027m\u0027, \u0027n\u0027 (git-fixes).\n- kconfig: fix infinite loop when expanding a macro at the end of file (git-fixes).\n- kconfig: gconf: give a proper initial state to the Save button (stable-fixes).\n- kconfig: remove wrong expr_trans_bool() (stable-fixes).\n- kcov: do not lose track of remote references during softirqs (git-fixes).\n- kernel-binary: vdso: Own module_dir\n- kernel-doc: fix struct_group_tagged() parsing (git-fixes).\n- kexec: do syscore_shutdown() in kernel_kexec (git-fixes).\n- KEYS: trusted: Do not use WARN when encode fails (git-fixes).\n- KEYS: trusted: Fix memory leak in tpm2_key_encode() (git-fixes).\n- kheaders: explicitly define file modes for archived headers (stable-fixes).\n- knfsd: LOOKUP can return an illegal error value (git-fixes).\n- kobject_uevent: Fix OOB access within zap_modalias_env() (git-fixes).\n- kprobe/ftrace: bail out if ftrace was killed (git-fixes).\n- kprobe/ftrace: fix build error due to bad function definition (git-fixes).\n- kprobes: Fix possible use-after-free issue on kprobe registration (git-fixes).\n- kselftest: Add a ksft_perror() helper (stable-fixes).\n- kunit: Fix checksum tests on big endian CPUs (git-fixed).\n- kunit/fortify: Fix mismatched kvalloc()/vfree() usage (git-fixes).\n- KVM: arm64: Use local TLBI on permission relaxation (bsc#1219478).\n- KVM: nVMX: Clear EXIT_QUALIFICATION when injecting an EPT Misconfig (git-fixes).\n- KVM: s390: Check kvm pointer when testing KVM_CAP_S390_HPAGE_1M (git-fixes bsc#1224790).\n- KVM: SEV-ES: Delegate LBR virtualization to the processor (git-fixes).\n- KVM: SEV-ES: Disallow SEV-ES guests when X86_FEATURE_LBRV is absent (git-fixes).\n- KVM: SVM: Add support for allowing zero SEV ASIDs (git-fixes).\n- KVM: SVM: Flush pages under kvm-\u003elock to fix UAF in svm_register_enc_region() (git-fixes).\n- KVM: SVM: Use unsigned integers when dealing with ASIDs (git-fixes).\n- KVM: SVM: WARN on vNMI + NMI window iff NMIs are outright masked (git-fixes).\n- KVM: VMX: Disable LBR virtualization if the CPU does not support LBR callstacks (git-fixes).\n- KVM: VMX: Report up-to-date exit qualification to userspace (git-fixes).\n- KVM: x86: Allow, do not ignore, same-value writes to immutable MSRs (git-fixes).\n- KVM: x86: Always sync PIR to IRR prior to scanning I/O APIC routes (git-fixes).\n- KVM: x86: Do not advertise guest.MAXPHYADDR as host.MAXPHYADDR in CPUID (git-fixes).\n- KVM: x86: Fix broken debugregs ABI for 32 bit kernels (git-fixes).\n- KVM: x86: Fully re-initialize supported_mce_cap on vendor module load (git-fixes).\n- KVM: x86: Introduce __kvm_get_hypervisor_cpuid() helper (git-fixes).\n- KVM: x86: Mark target gfn of emulated atomic instruction as dirty (git-fixes).\n- KVM: x86/mmu: Do not force emulation of L2 accesses to non-APIC internal slots (git-fixes).\n- KVM: x86/mmu: Move private vs. shared check above slot validity checks (git-fixes).\n- KVM: x86/mmu: Restrict KVM_SW_PROTECTED_VM to the TDP MMU (git-fixes).\n- KVM: x86/mmu: Write-protect L2 SPTEs in TDP MMU when clearing dirty status (git-fixes).\n- KVM: x86: Only set APICV_INHIBIT_REASON_ABSENT if APICv is enabled (git-fixes).\n- KVM: x86/pmu: Allow programming events that match unsupported arch events (git-fixes).\n- KVM: x86/pmu: Always treat Fixed counters as available when supported (git-fixes).\n- KVM: x86/pmu: Apply \u0027fast\u0027 RDPMC only to Intel PMUs (git-fixes).\n- KVM: x86/pmu: Disable support for adaptive PEBS (git-fixes).\n- KVM: x86/pmu: Disallow \u0027fast\u0027 RDPMC for architectural Intel PMUs (git-fixes).\n- KVM: x86/pmu: Do not ignore bits 31:30 for RDPMC index on AMD (git-fixes).\n- KVM: x86/pmu: Do not mask LVTPC when handling a PMI on AMD platforms (git-fixes).\n- KVM: x86/pmu: Explicitly check NMI from guest to reducee false positives (git-fixes).\n- KVM: x86/pmu: Prioritize VMX interception over #GP on RDPMC due to bad index (bsc#1226158).\n- KVM: x86/pmu: Prioritize VMX interception over #GP on RDPMC due to bad index (git-fixes).\n- KVM: x86/pmu: Set enable bits for GP counters in PERF_GLOBAL_CTRL at \u0027RESET\u0027 (git-fixes).\n- KVM: x86/pmu: Zero out PMU metadata on AMD if PMU is disabled (git-fixes).\n- KVM: x86: Snapshot if a vCPU\u0027s vendor model is AMD vs. Intel compatible (git-fixes).\n- KVM: x86: Use actual kvm_cpuid.base for clearing KVM_FEATURE_PV_UNHALT (git-fixes).\n- KVM: x86/xen: fix recursive deadlock in timer injection (git-fixes).\n- KVM: x86/xen: improve accuracy of Xen timers (git-fixes).\n- KVM: x86/xen: inject vCPU upcall vector when local APIC is enabled (git-fixes).\n- KVM: x86/xen: remove WARN_ON_ONCE() with false positives in evtchn delivery (git-fixes).\n- leds: flash: leds-qcom-flash: Test the correct variable in init (git-fixes).\n- leds: mt6360: Fix memory leak in mt6360_init_isnk_properties() (git-fixes).\n- leds: pwm: Disable PWM when going to suspend (git-fixes).\n- leds: ss4200: Convert PCIBIOS_* return codes to errnos (git-fixes).\n- leds: triggers: Flush pending brightness before activating trigger (git-fixes).\n- leds: trigger: Unregister sysfs attributes before calling deactivate() (git-fixes).\n- libceph: fix race between delayed_work() and ceph_monc_stop() (bsc#1228192).\n- libnvdimm: Fix ACPI_NFIT in BLK_DEV_PMEM help (jsc#PED-5853).\n- lib: objagg: Fix general protection fault (git-fixes).\n- lib: objagg: Fix spelling (git-fixes).\n- libperf evlist: Avoid out-of-bounds access (git-fixes).\n- libsubcmd: Fix parse-options memory leak (git-fixes).\n- lib/test_hmm.c: handle src_pfns and dst_pfns allocation failure (git-fixes).\n- lib: test_objagg: Fix spelling (git-fixes).\n- livepatch: Fix missing newline character in klp_resolve_symbols() (bsc#1223539).\n- locks: fix KASAN: use-after-free in trace_event_raw_event_filelock_lock (git-fixes)\n- lsm: fix the logic in security_inode_getsecctx() (git-fixes).\n- mac802154: fix llsec key resources release in mac802154_llsec_key_del (git-fixes).\n- mac802154: fix time calculation in ieee802154_configure_durations() (git-fixes).\n- mailbox: mtk-cmdq: Move devm_mbox_controller_register() after devm_pm_runtime_enable() (git-fixes).\n- maple_tree: fix mas_empty_area_rev() null pointer dereference (git-fixes).\n- md: add a new helper rdev_has_badblock() (jsc#PED-7542).\n- md: add a new helper reshape_interrupted() (jsc#PED-7542).\n- md: changed the switch of RAID_VERSION to if (jsc#PED-7542).\n- md: check mddev-\u003epers before calling md_set_readonly() (jsc#PED-7542).\n- md: clean up invalid BUG_ON in md_ioctl (jsc#PED-7542).\n- md: clean up openers check in do_md_stop() and md_set_readonly() (jsc#PED-7542).\n- md/dm-raid: do not call md_reap_sync_thread() directly (jsc#PED-7542).\n- md: Do not clear MD_CLOSING when the raid is about to stop (jsc#PED-7542).\n- md: do not clear MD_RECOVERY_FROZEN for new dm-raid until resume (jsc#PED-7542).\n- md: export helper md_is_rdwr() (jsc#PED-7542).\n- md: export helpers to stop sync_thread (jsc#PED-7542).\n- md: factor out a helper to sync mddev (jsc#PED-7542).\n- md: fix kmemleak of rdev-\u003eserial (jsc#PED-7542).\n- md: get rdev-\u003emddev with READ_ONCE() (jsc#PED-7542).\n- md: merge the check of capabilities into md_ioctl_valid() (jsc#PED-7542).\n- md: preserve KABI in struct md_personality (jsc#PED-7542).\n- md/raid1-10: add a helper raid1_check_read_range() (jsc#PED-7542).\n- md/raid1-10: factor out a new helper raid1_should_read_first() (jsc#PED-7542).\n- md/raid1: factor out choose_bb_rdev() from read_balance() (jsc#PED-7542).\n- md/raid1: factor out choose_slow_rdev() from read_balance() (jsc#PED-7542).\n- md/raid1: factor out helpers to add rdev to conf (jsc#PED-7542).\n- md/raid1: factor out helpers to choose the best rdev from read_balance() (jsc#PED-7542).\n- md/raid1: factor out read_first_rdev() from read_balance() (jsc#PED-7542).\n- md/raid1: factor out the code to manage sequential IO (jsc#PED-7542).\n- md/raid1: fix choose next idle in read_balance() (jsc#PED-7542).\n- md/raid1: record nonrot rdevs while adding/removing rdevs to conf (jsc#PED-7542).\n- md: remove redundant check of \u0027mddev-\u003esync_thread\u0027 (jsc#PED-7542).\n- md: remove redundant md_wakeup_thread() (jsc#PED-7542).\n- md: return directly before setting did_set_md_closing (jsc#PED-7542).\n- md: sync blockdev before stopping raid or setting readonly (jsc#PED-7542).\n- md: use RCU lock to protect traversal in md_spares_need_change() (jsc#PED-7542).\n- media: atomisp: ssh_css: Fix a null-pointer dereference in load_video_binaries (git-fixes).\n- media: cadence: csi2rx: use match fwnode for media link (git-fixes).\n- media: cec: core: remove length check of Timer Status (stable-fixes).\n- media: dt-bindings: ovti,ov2680: Fix the power supply names (git-fixes).\n- media: dvb: as102-fe: Fix as10x_register_addr packing (stable-fixes).\n- media: dvbdev: Initialize sbuf (stable-fixes).\n- media: dvb-frontends: tda10048: Fix integer overflow (stable-fixes).\n- media: dvb-frontends: tda18271c2dd: Remove casting during div (stable-fixes).\n- media: dvb-usb: dib0700_devices: Add missing release_firmware() (stable-fixes).\n- media: dvb-usb: Fix unexpected infinite loop in dvb_usb_read_remote_control() (git-fixes).\n- media: dw2102: Do not translate i2c read into write (stable-fixes).\n- media: dw2102: fix a potential buffer overflow (git-fixes).\n- media: flexcop-usb: fix sanity check of bNumEndpoints (git-fixes).\n- media: i2c: et8ek8: Do not strip remove function when driver is builtin (git-fixes).\n- media: i2c: Fix imx412 exposure control (git-fixes).\n- media: imon: Fix race getting ictx-\u003elock (git-fixes).\n- media: imx-jpeg: Drop initial source change event if capture has been setup (git-fixes).\n- media: imx-jpeg: Remove some redundant error logs (git-fixes).\n- media: imx-pxp: Fix ERR_PTR dereference in pxp_probe() (git-fixes).\n- media: ipu3-cio2: Request IRQ earlier (git-fixes).\n- media: lgdt3306a: Add a check against null-pointer-def (stable-fixes).\n- media: mc: Fix flags handling when creating pad links (stable-fixes).\n- media: mc: Fix graph walk in media_pipeline_start (git-fixes).\n- media: mc: mark the media devnode as registered from the, start (git-fixes).\n- media: mc: Rename pad variable to clarify intent (stable-fixes).\n- media: mxl5xx: Move xpt structures off stack (stable-fixes).\n- media: ngene: Add dvb_ca_en50221_init return value check (git-fixes).\n- media: pci: ivtv: Add check for DMA map result (git-fixes).\n- media: radio-shark2: Avoid led_names truncations (git-fixes).\n- media: rcar-vin: Fix YUYV8_1X16 handling for CSI-2 (git-fixes).\n- media: rcar-vin: work around -Wenum-compare-conditional warning (git-fixes).\n- media: renesas: vsp1: Fix _irqsave and _irq mix (git-fixes).\n- media: renesas: vsp1: Store RPF partition configuration per RPF instance (git-fixes).\n- media: rkisp1: Fix IRQ handling due to shared interrupts (stable-fixes).\n- media: s2255: Use refcount_t instead of atomic_t for num_channels (stable-fixes).\n- media: sta2x11: fix irq handler cast (stable-fixes).\n- media: stk1160: fix bounds checking in stk1160_copy_video() (git-fixes).\n- media: sunxi: a83-mips-csi2: also select GENERIC_PHY (git-fixes).\n- media: uvcvideo: Add quirk for Logitech Rally Bar (git-fixes).\n- media: uvcvideo: Fix integer overflow calculating timestamp (git-fixes).\n- media: uvcvideo: Override default flags (git-fixes).\n- media: v4l2-core: hold videodev_lock until dev reg, finishes (stable-fixes).\n- media: v4l2-subdev: Fix stream handling for crop API (git-fixes).\n- media: v4l: async: Fix NULL pointer dereference in adding ancillary links (git-fixes).\n- media: v4l: Do not turn on privacy LED if streamon fails (git-fixes).\n- media: v4l: subdev: Fix typo in documentation (git-fixes).\n- media: venus: fix use after free in vdec_close (git-fixes).\n- media: venus: flush all buffers in output plane streamoff (git-fixes).\n- mei: demote client disconnect warning on suspend to debug (stable-fixes).\n- mei: me: add arrow lake point H DID (stable-fixes).\n- mei: me: add arrow lake point S DID (stable-fixes).\n- mei: me: add lunar lake point M DID (stable-fixes).\n- mei: me: disable RPL-S on SPS and IGN firmwares (git-fixes).\n- mei: me: release irq in mei_me_pci_resume error path (git-fixes).\n- Merge branch \u0027SLE15-SP6\u0027 (7c8fc2c7cc52) into \u0027SLE15-SP6-RT\u0027\n- mfd: omap-usb-tll: Use struct_size to allocate tll (git-fixes).\n- mfd: pm8008: Fix regmap irq chip initialisation (git-fixes).\n- misc: fastrpc: Avoid updating PD type for capability request (git-fixes).\n- misc: fastrpc: Copy the complete capability structure to user (git-fixes).\n- misc: fastrpc: Fix DSP capabilities request (git-fixes).\n- misc: fastrpc: Fix memory leak in audio daemon attach operation (git-fixes).\n- misc: fastrpc: Fix ownership reassignment of remote heap (git-fixes).\n- misc: fastrpc: Restrict untrusted app to attach to privileged PD (git-fixes).\n- misc: microchip: pci1xxxx: Fix a memory leak in the error handling of gp_aux_bus_probe() (git-fixes).\n- misc: microchip: pci1xxxx: fix double free in the error handling of gp_aux_bus_probe() (git-fixes).\n- mISDN: Fix a use after free in hfcmulti_tx() (git-fixes).\n- mISDN: fix MISDN_TIME_STAMP handling (git-fixes).\n- mlxbf_gige: call request_irq() after NAPI initialized (git-fixes).\n- mlxbf_gige: stop interface during shutdown (git-fixes).\n- mlxbf_gige: stop PHY during open() error paths (git-fixes).\n- mlxsw: Use refcount_t for reference counting (git-fixes).\n- mmc: core: Add HS400 tuning in HS400es initialization (stable-fixes).\n- mmc: core: Add mmc_gpiod_set_cd_config() function (stable-fixes).\n- mmc: core: Avoid negative index with array access (git-fixes).\n- mmc: core: Do not force a retune before RPMB switch (stable-fixes).\n- mmc: core: Initialize mmc_blk_ioc_data (git-fixes).\n- mmc: davinci: Do not strip remove function when driver is builtin (git-fixes).\n- mmc: omap: fix broken slot switch lookup (git-fixes).\n- mmc: omap: fix deferred probe (git-fixes).\n- mmc: omap: restore original power up/down steps (git-fixes).\n- mmc: sdhci-acpi: Add quirk to enable pull-up on the card-detect GPIO on Asus T100TA (git-fixes).\n- mmc: sdhci-acpi: Disable write protect detection on Toshiba WT10-A (stable-fixes).\n- mmc: sdhci-acpi: Fix Lenovo Yoga Tablet 2 Pro 1380 sdcard slot not working (stable-fixes).\n- mmc: sdhci-acpi: Sort DMI quirks alphabetically (stable-fixes).\n- mmc: sdhci: Add support for \u0027Tuning Error\u0027 interrupts (stable-fixes).\n- mmc: sdhci_am654: Add ITAPDLYSEL in sdhci_j721e_4bit_set_clock (git-fixes).\n- mmc: sdhci_am654: Add OTAP/ITAP delay enable (git-fixes).\n- mmc: sdhci_am654: Add tuning algorithm for delay chain (git-fixes).\n- mmc: sdhci_am654: Fix ITAPDLY for HS400 timing (git-fixes).\n- mmc: sdhci_am654: Write ITAPDLY for DDR52 timing (git-fixes).\n- mmc: sdhci-brcmstb: check R1_STATUS for erase/trim/discard (git-fixes).\n- mmc: sdhci: Do not invert write-protect twice (git-fixes).\n- mmc: sdhci: Do not lock spinlock around mmc_gpio_get_ro() (git-fixes).\n- mmc: sdhci-msm: pervent access to suspended controller (git-fixes).\n- mmc: sdhci-omap: re-tuning is needed after a pm transition to support emmc HS200 mode (git-fixes).\n- mmc: sdhci-pci: Convert PCIBIOS_* return codes to errnos (git-fixes).\n- mm_init kABI workaround (git-fixes).\n- mm: memcg: do not periodically flush stats when memcg is disabled (bsc#1222525).\n- mm: memcg: use larger batches for proactive reclaim (bsc#1222522).\n- mm,page_owner: check for null stack_record before bumping its refcount (bsc#1222366).\n- mm,page_owner: Defer enablement of static branch (bsc#1222366).\n- mm,page_owner: drop unnecessary check (bsc#1222366).\n- mm,page_owner: Fix accounting of pages when migrating (bsc#1222366).\n- mm,page_owner: Fix printing of stack records (bsc#1222366).\n- mm,page_owner: fix recursion (bsc#1222366).\n- mm,page_owner: Fix refcount imbalance (bsc#1222366).\n- mm: page_owner: fix wrong information in dump_page_owner (git-fixes).\n- mm,page_owner: Update metadata for tail pages (bsc#1222366).\n- mm/slab: make __free(kfree) accept error pointers (git-fixes).\n- modpost: Add \u0027.ltext\u0027 and \u0027.ltext.*\u0027 to TEXT_SECTIONS (stable-fixes).\n- module: do not ignore sysfs_create_link() failures (git-fixes).\n- mptcp: annotate data-races around msk-\u003ermem_fwd_alloc (git-fixes).\n- mptcp: fix bogus receive window shrinkage with multiple subflows (git-fixes).\n- mptcp: move __mptcp_error_report in protocol.c (git-fixes).\n- mptcp: process pending subflow error on close (git-fixes).\n- mptcp: Remove unnecessary test for __mptcp_init_sock() (git-fixes).\n- mt76: connac: move more mt7921/mt7915 mac shared code in connac lib (bsc#1227149).\n- mt76: mt7996: rely on mt76_sta_stats in mt76_wcid (bsc#1227149).\n- mtd: core: Report error if first mtd_otp_size() call fails in mtd_otp_nvmem_add() (git-fixes).\n- mtd: diskonchip: work around ubsan link failure (stable-fixes).\n- mtd: partitions: redboot: Added conversion of operands to a larger type (stable-fixes).\n- mtd: rawnand: Bypass a couple of sanity checks during NAND identification (git-fixes).\n- mtd: rawnand: Ensure ECC configuration is propagated to upper layers (git-fixes).\n- mtd: rawnand: Fix the nand_read_data_op() early check (git-fixes).\n- mtd: rawnand: hynix: fixed typo (git-fixes).\n- mtd: rawnand: rockchip: ensure NVDDR timings are rejected (git-fixes).\n- mtd: spinand: Add support for 5-byte IDs (stable-fixes).\n- net: add netdev_lockdep_set_classes() to virtual drivers (git-fixes).\n- net: annotate data-races around sk-\u003esk_bind_phc (git-fixes).\n- net: annotate data-races around sk-\u003esk_forward_alloc (git-fixes).\n- net: annotate data-races around sk-\u003esk_lingertime (git-fixes).\n- net: annotate data-races around sk-\u003esk_tsflags (git-fixes).\n- net: bonding: remove kernel-doc comment marker (git-fixes).\n- net: can: j1939: enhanced error handling for tightly received RTS messages in xtp_rx_rts_session_new (git-fixes).\n- net: can: j1939: Initialize unused data in j1939_send_one() (git-fixes).\n- net: can: j1939: recover socket queue on CAN bus error during BAM transmission (git-fixes).\n- net: cfg802154: fix kernel-doc notation warnings (git-fixes).\n- net/dcb: check for detached device before executing callbacks (bsc#1215587).\n- net: dsa: microchip: fix register write order in ksz8_ind_write8() (git-fixes).\n- net: dsa: mt7530: fix handling of all link-local frames (git-fixes).\n- net: dsa: mt7530: fix link-local frames that ingress vlan filtering ports (git-fixes).\n- net: dsa: mt7530: prevent possible incorrect XTAL frequency selection (git-fixes).\n- net: dsa: mt7530: trap link-local frames regardless of ST Port State (git-fixes).\n- net: dsa: sja1105: Fix parameters order in sja1110_pcs_mdio_write_c45() (git-fixes).\n- net: ena: Fix incorrect descriptor free behavior (git-fixes).\n- net: ena: Fix potential sign extension issue (git-fixes).\n- net: ena: Fix redundant device NUMA node override (jsc#PED-8688).\n- net: ena: Move XDP code to its new files (git-fixes).\n- net: ena: Pass ena_adapter instead of net_device to ena_xmit_common() (git-fixes).\n- net: ena: Remove ena_select_queue (git-fixes).\n- net: ena: Set tx_info-\u003exdpf value to NULL (git-fixes).\n- net: ena: Use tx_ring instead of xdp_ring for XDP channel TX (git-fixes).\n- net: ena: Wrong missing IO completions check order (git-fixes).\n- net: ethernet: mtk_eth_soc: fix PPE hanging issue (git-fixes).\n- net: ethernet: mtk_wed: introduce mtk_wed_buf structure (bsc#1227149).\n- net: ethernet: mtk_wed: rename mtk_rxbm_desc in mtk_wed_bm_desc (bsc#1227149).\n- net: ethernet: ti: cpsw: enable mac_managed_pm to fix mdio (git-fixes).\n- net: fec: Set mac_managed_pm during probe (git-fixes).\n- net: fill in MODULE_DESCRIPTION()s in kuba@\u0027s modules (bsc#1227149).\n- netfilter: nf_tables: disable toggling dormant table state more than once (git-fixes).\n- netfilter: nf_tables: uapi: Describe NFTA_RULE_CHAIN_ID (git-fixes).\n- netfilter: nft_ct: fix l3num expectations with inet pseudo family (git-fixes).\n- netfilter: nft_set_rbtree: use read spinlock to avoid datapath contention (git-fixes).\n- net: hns3: fix index limit to support all queue stats (git-fixes).\n- net: hns3: fix kernel crash when 1588 is received on HIP08 devices (git-fixes).\n- net: hns3: fix kernel crash when devlink reload during pf initialization (git-fixes).\n- net: hns3: fix port duplex configure error in IMP reset (git-fixes).\n- net: hns3: fix wrong judgment condition issue (git-fixes).\n- net: hns3: mark unexcuted loopback test result as UNEXECUTED (git-fixes).\n- net: hns3: Remove io_stop_wc() calls after __iowrite64_copy() (bsc#1226502)\n- net: hns3: tracing: fix hclgevf trace event strings (git-fixes).\n- net: ice: Fix potential NULL pointer dereference in ice_bridge_setlink() (git-fixes).\n- net: ks8851: Handle softirqs at the end of IRQ thread to fix hang (git-fixes).\n- net: ks8851: Inline ks8851_rx_skb() (git-fixes).\n- net: ks8851: Queue RX packets in IRQ handler instead of disabling BHs (git-fixes).\n- net: lan743x: Add set RFE read fifo threshold for PCI1x1x chips (git-fixes).\n- net: lan743x: disable WOL upon resume to restore full data path operation (git-fixes).\n- net: lan743x: Support WOL at both the PHY and MAC appropriately (git-fixes).\n- net: libwx: fix memory leak on free page (git-fixes).\n- net: llc: fix kernel-doc notation warnings (git-fixes).\n- net: ll_temac: platform_get_resource replaced by wrong function (git-fixes).\n- net: mana: Enable MANA driver on ARM64 with 4K page size (jsc#PED-8491).\n- net: mana: Fix possible double free in error handling path (git-fixes).\n- net: mana: Fix Rx DMA datasize and skb_over_panic (git-fixes).\n- net: mana: Fix the extra HZ in mana_hwc_send_request (git-fixes).\n- net: mediatek: mtk_eth_soc: clear MAC_MCR_FORCE_LINK only when MAC is up (git-fixes).\n- net/mlx5: Correctly compare pkt reformat ids (git-fixes).\n- net/mlx5e: Change the warning when ignore_flow_level is not supported (git-fixes).\n- net/mlx5e: Do not produce metadata freelist entries in Tx port ts WQE xmit (git-fixes).\n- net/mlx5e: Fix MACsec state loss upon state update in offload path (git-fixes).\n- net/mlx5e: Fix mlx5e_priv_init() cleanup flow (git-fixes).\n- net/mlx5e: HTB, Fix inconsistencies with QoS SQs number (git-fixes).\n- net/mlx5e: RSS, Block changing channels number when RXFH is configured (git-fixes).\n- net/mlx5e: RSS, Block XOR hash with over 128 channels (git-fixes).\n- net/mlx5: E-switch, Change flow rule destination checking (git-fixes).\n- net/mlx5: E-switch, store eswitch pointer before registering devlink_param (git-fixes).\n- net/mlx5e: Switch to using _bh variant of of spinlock API in port timestamping NAPI poll context (git-fixes).\n- net/mlx5e: Use a memory barrier to enforce PTP WQ xmit submission tracking occurs after populating the metadata_map (git-fixes).\n- net/mlx5: Fix fw reporter diagnose output (git-fixes).\n- net/mlx5: Fix MTMP register capability offset in MCAM register (git-fixes).\n- net/mlx5: Fix peer devlink set for SF representor devlink port (git-fixes).\n- net/mlx5: Lag, restore buckets number to default after hash LAG deactivation (git-fixes).\n- net/mlx5: offset comp irq index in name by one (git-fixes).\n- net/mlx5: Properly link new fs rules into the tree (git-fixes).\n- net/mlx5: Register devlink first under devlink lock (git-fixes).\n- net/mlx5: Restore mistakenly dropped parts in register devlink flow (git-fixes).\n- net/mlx5: SF, Stop waiting for FW as teardown was called (git-fixes).\n- net: nfc: remove inappropriate attrs check (stable-fixes).\n- net: NSH: fix kernel-doc notation warning (git-fixes).\n- net: pcs: xpcs: Return EINVAL in the internal methods (git-fixes).\n- net: phy: fix phy_read_poll_timeout argument type in genphy_loopback (git-fixes).\n- net: phy: micrel: add Microchip KSZ 9477 to the device table (git-fixes).\n- net: phy: micrel: fix KSZ9477 PHY issues after suspend/resume (git-fixes).\n- net: phy: micrel: Fix potential null pointer dereference (git-fixes).\n- net: phy: Micrel KSZ8061: fix errata solution not taking effect problem (git-fixes).\n- net: phy: micrel: lan8814: Fix when enabling/disabling 1-step timestamping (git-fixes).\n- net: phy: micrel: set soft_reset callback to genphy_soft_reset for KSZ8061 (git-fixes).\n- net: phy: microchip: lan87xx: reinit PHY after cable test (git-fixes).\n- net: phy: mxl-gpy: Remove interrupt mask clearing from config_init (git-fixes).\n- net: phy: phy_device: Fix PHY LED blinking code comment (git-fixes).\n- net: phy: phy_device: Prevent nullptr exceptions on ISR (git-fixes).\n- net: phy: phy_device: Prevent nullptr exceptions on ISR (stable-fixes).\n- net: ravb: Always process TX descriptor ring (git-fixes).\n- net: ravb: Let IP-specific receive function to interrogate descriptors (git-fixes).\n- net: Remove conditional threaded-NAPI wakeup based on task state (bsc#1214683 (PREEMPT_RT prerequisite backports)).\n- net/smc: bugfix for smcr v2 server connect success statistic (git-fixes).\n- net/smc: fix documentation of buffer sizes (git-fixes).\n- net/smc: use smc_lgr_list.lock to protect smc_lgr_list.list iterate in smcr_port_add (git-fixes).\n- net: smsc95xx: add support for SYS TEC USB-SPEmodule1 (git-fixes).\n- net: sparx5: Fix use after free inside sparx5_del_mact_entry (git-fixes).\n- net: sparx5: fix wrong config being used when reconfiguring PCS (git-fixes).\n- net: sparx5: flower: fix fragment flags handling (git-fixes).\n- net: stmmac: dwmac-starfive: Add support for JH7100 SoC (git-fixes).\n- net: stmmac: Fix incorrect dereference in interrupt handlers (git-fixes).\n- net: stmmac: fix rx queue priority assignment (git-fixes).\n- net: sunrpc: Fix an off by one in rpc_sockaddr2uaddr() (git-fixes).\n- net: tcp: fix unexcepted socket die when snd_wnd is 0 (git-fixes).\n- net: tls: fix returned read length with async decrypt (bsc#1221858).\n- net: tls: fix use-after-free with partial reads and async (bsc#1221858).\n- net: tls, fix WARNIING in __sk_msg_free (bsc#1221858).\n- net: usb: ax88179_178a: avoid the interface always configured as random address (git-fixes).\n- net: usb: ax88179_178a: avoid writing the mac address before first reading (git-fixes).\n- net: usb: ax88179_178a: fix link status when link is set to down/up (git-fixes).\n- net: usb: ax88179_178a: improve link status logs (git-fixes).\n- net: usb: ax88179_178a: improve reset check (git-fixes).\n- net: usb: ax88179_178a: stop lying about skb-\u003etruesize (git-fixes).\n- net: usb: qmi_wwan: add Telit FN912 compositions (stable-fixes).\n- net: usb: qmi_wwan: add Telit FN920C04 compositions (git-fixes).\n- net:usb:qmi_wwan: support Rolling modules (stable-fixes).\n- net: usb: rtl8150 fix unintiatilzed variables in rtl8150_get_link_ksettings (git-fixes).\n- net: usb: smsc95xx: fix changing LED_SEL bit value updated from EEPROM (git-fixes).\n- net: usb: smsc95xx: stop lying about skb-\u003etruesize (git-fixes).\n- net: usb: sr9700: stop lying about skb-\u003etruesize (git-fixes).\n- net: Use sockaddr_storage for getsockopt(SO_PEERNAME) (git-fixes).\n- net: veth: do not manipulate GRO when using XDP (git-fixes).\n- net: wwan: t7xx: Split 64bit accesses to fix alignment issues (git-fixes).\n- net/x25: fix incorrect parameter validation in the x25_getsockopt() function (git-fixes).\n- nfc/nci: Add the inconsistency check between the input data length and count (stable-fixes).\n- nfc: nci: Fix handling of zero-length payload packets in nci_rx_work() (git-fixes).\n- nfc: nci: Fix kcov check in nci_rx_work() (git-fixes).\n- nfc: nci: Fix uninit-value in nci_dev_up and nci_ntf_packet (git-fixes).\n- nfc: nci: Fix uninit-value in nci_rx_work (git-fixes).\n- nf_conntrack: fix -Wunused-const-variable= (git-fixes).\n- NFC: trf7970a: disable all regulators on removal (git-fixes).\n- nfp: flower: handle acti_netdevs allocation failure (git-fixes).\n- NFS: abort nfs_atomic_open_v23 if name is too long (bsc#1219847).\n- NFS: add atomic_open for NFSv3 to handle O_TRUNC correctly (bsc#1219847).\n- NFS: add barriers when testing for NFS_FSDATA_BLOCKED (git-fixes).\n- nfs: Avoid flushing many pages with NFS_FILE_SYNC (bsc#1218442).\n- NFS: avoid infinite loop in pnfs_update_layout (bsc#1219633 bsc#1226226).\n- nfs: Block on write congestion (bsc#1218442).\n- nfs: Bump default write congestion size (bsc#1218442).\n- NFSD: change LISTXATTRS cookie encoding to big-endian (git-fixes).\n- NFSD: Convert the callback workqueue to use delayed_work (git-fixes).\n- nfsd: do not call locks_release_private() twice concurrently (git-fixes).\n- nfsd: Fix a regression in nfsd_setattr() (git-fixes).\n- NFSD: Fix checksum mismatches in the duplicate reply cache (git-fixes).\n- NFSD: fix LISTXATTRS returning a short list with eof=TRUE (git-fixes).\n- NFSD: fix LISTXATTRS returning more bytes than maxcount (git-fixes).\n- NFSD: fix nfsd4_listxattr_validate_cookie (git-fixes).\n- NFSD: Fix nfsd_clid_class use of __string_len() macro (git-fixes).\n- nfsd: hold a lighter-weight client reference over CB_RECALL_ANY (git-fixes).\n- nfsd: optimise recalculate_deny_mode() for a common case (bsc#1217912).\n- NFSD: Reschedule CB operations when backchannel rpc_clnt is shut down (git-fixes).\n- NFSD: Reset cb_seq_status after NFS4ERR_DELAY (git-fixes).\n- NFSD: Retransmit callbacks after client reconnects (git-fixes).\n- nfs: Drop pointless check from nfs_commit_release_pages() (bsc#1218442).\n- nfs: drop the incorrect assertion in nfs_swap_rw() (git-fixes).\n- nfsd: use __fput_sync() to avoid delayed closing of files (bsc#1223380 bsc#1217408).\n- NFS: Fix an off by one in root_nfs_cat() (git-fixes).\n- NFS: Fix nfs_netfs_issue_read() xarray locking for writeback interrupt (git-fixes).\n- nfs: fix panic when nfs4_ff_layout_prepare_ds() fails (git-fixes).\n- NFS: Fix READ_PLUS when server does not support OP_READ_PLUS (git-fixes).\n- nfs: fix undefined behavior in nfs_block_bits() (git-fixes).\n- nfs: Fix up kabi after adding write_congestion_wait (bsc#1218442).\n- nfs: Handle error of rpc_proc_register() in nfs_net_init() (git-fixes).\n- nfs: keep server info for remounts (git-fixes).\n- nfs: Properly initialize server-\u003ewriteback (bsc#1218442).\n- NFS: Read unlock folio on nfs_page_create_from_folio() error (git-fixes).\n- NFSv4.1 enforce rootpath check in fs_location query (git-fixes).\n- NFSv4.1/pnfs: fix NFS with TLS in pnfs (git-fixes).\n- NFSv4.2: fix listxattr maximum XDR buffer size (git-fixes).\n- NFSv4.2: fix nfs4_listxattr kernel BUG at mm/usercopy.c:102 (git-fixes).\n- NFSv4: Fixup smatch warning for ambiguous return (git-fixes).\n- NFSv4.x: by default serialize open/close operations (bsc#1223863 bsc#1227362).\n- nilfs2: add missing check for inode numbers on directory entries (stable-fixes).\n- nilfs2: avoid undefined behavior in nilfs_cnt32_ge macro (git-fixes).\n- nilfs2: convert persistent object allocator to use kmap_local (git-fixes).\n- nilfs2: fix incorrect inode allocation from reserved inodes (git-fixes).\n- nilfs2: fix inode number range checks (stable-fixes).\n- nilfs2: fix nilfs_empty_dir() misjudgment and long loop on I/O errors (git-fixes).\n- nilfs2: fix OOB in nilfs_set_de_type (git-fixes).\n- nilfs2: fix out-of-range warning (git-fixes).\n- nilfs2: fix potential bug in end_buffer_async_write (git-fixes).\n- nilfs2: fix potential hang in nilfs_detach_log_writer() (git-fixes).\n- nilfs2: fix unexpected freezing of nilfs_segctor_sync() (git-fixes).\n- nilfs2: fix use-after-free of timer for log writer thread (git-fixes).\n- nilfs2: make superblock data array index computation sparse friendly (git-fixes).\n- nilfs2: return the mapped address from nilfs_get_page() (stable-fixes).\n- nouveau: add an ioctl to report vram usage (stable-fixes).\n- nouveau: add an ioctl to return vram bar size (stable-fixes).\n- nouveau/dmem: handle kcalloc() allocation failure (git-fixes).\n- nouveau: fix devinit paths to only handle display on GSP (git-fixes).\n- nouveau: fix function cast warning (git-fixes).\n- nouveau: fix instmem race condition around ptr stores (git-fixes).\n- nouveau/gsp: do not check devinit disable on GSP (git-fixes).\n- nouveau: lock the client object tree (stable-fixes).\n- nouveau: report byte usage in VRAM usage (git-fixes).\n- nouveau: reset the bo resource bus info after an eviction (git-fixes).\n- nouveau/uvmm: fix addr/range calcs for remap operations (git-fixes).\n- nvdimm: make nvdimm_bus_type const (jsc#PED-5853).\n- nvdimm/pmem: fix leak on dax_add_host() failure (jsc#PED-5853).\n- nvdimm/pmem: Treat alloc_dax() -EOPNOTSUPP failure as non-fatal (jsc#PED-5853).\n- nvme: cancel pending I/O if nvme controller is in terminal state (bsc#1226503). \n- nvme: do not retry authentication failures (bsc#1186716).\n- nvme-fabrics: short-circuit reconnect retries (bsc#1186716).\n- nvme-fc: do not wait in vain when unloading module (git-fixes).\n- nvme: find numa distance only if controller has valid numa id (git-fixes).\n- nvme: fix multipath batched completion accounting (git-fixes).\n- nvme: fix nvme_pr_* status code parsing (git-fixes).\n- nvme: fix reconnection fail due to reserved tag allocation (git-fixes).\n- nvme: fix warn output about shared namespaces without CONFIG_NVME_MULTIPATH (git-fixes).\n- nvme-multipath: fix io accounting on failover (git-fixes).\n- nvme-pci: Add quirk for broken MSIs (git-fixes).\n- nvme: return kernel error codes for admin queue connect (bsc#1186716).\n- nvmet-auth: replace pr_debug() with pr_err() to report an error (git-fixes).\n- nvmet-auth: return the error code to the nvmet_auth_host_hash() callers (git-fixes).\n- nvme/tcp: Add wq_unbound modparam for nvme_tcp_wq (bsc#1224049).\n- nvme-tcp: Export the nvme_tcp_wq to sysfs (bsc#1224049).\n- nvme-tcp: strict pdu pacing to avoid send stalls on TLS (bsc#1221858).\n- nvmet-fc: abort command when there is no binding (git-fixes).\n- nvmet-fc: defer cleanup using RCU properly (git-fixes).\n- nvmet-fc: hold reference on hostport match (git-fixes).\n- nvmet-fcloop: swap the list_add_tail arguments (git-fixes).\n- nvmet-fc: release reference on target port (git-fixes).\n- nvmet: fix ns enable/disable possible hang (git-fixes).\n- nvmet: fix nvme status code when namespace is disabled (git-fixes).\n- nvmet: lock config semaphore when accessing DH-HMAC-CHAP key (bsc#1186716).\n- nvmet-passthru: propagate status from id override functions (git-fixes).\n- nvmet: prevent sprintf() overflow in nvmet_subsys_nsid_exists() (git-fixes).\n- nvmet: return DHCHAP status codes from nvmet_setup_auth() (bsc#1186716).\n- nvmet-tcp: fix nvme tcp ida memory leak (git-fixes).\n- nvmet-tcp: fix possible memory leak when tearing down a controller (git-fixes).\n- ocfs2: adjust enabling place for la window (bsc#1219224).\n- ocfs2: fix DIO failure due to insufficient transaction credits (git-fixes).\n- ocfs2: fix races between hole punching and AIO+DIO (git-fixes).\n- ocfs2: fix sparse warnings (bsc#1219224).\n- ocfs2: improve write IO performance when fragmentation is high (bsc#1219224).\n- ocfs2: speed up chain-list searching (bsc#1219224).\n- ocfs2: use coarse time for new created files (git-fixes).\n- octeontx2-af: Add array index check (git-fixes).\n- octeontx2-af: Fix devlink params (git-fixes).\n- octeontx2-af: Fix issue with loading coalesced KPU profiles (git-fixes).\n- octeontx2-af: Fix NIX SQ mode and BP config (git-fixes).\n- Octeontx2-af: fix pause frame configuration in GMP mode (git-fixes).\n- octeontx2-af: Use matching wake_up API variant in CGX command interface (git-fixes).\n- octeontx2-af: Use separate handlers for interrupts (git-fixes).\n- octeontx2: Detect the mbox up or down message via register (git-fixes).\n- octeontx2-pf: check negative error code in otx2_open() (git-fixes).\n- octeontx2-pf: fix FLOW_DIS_IS_FRAGMENT implementation (git-fixes).\n- octeontx2-pf: Fix transmit scheduler resource leak (git-fixes).\n- octeontx2-pf: Send UP messages to VF only when VF is up (git-fixes).\n- octeontx2-pf: Use default max_active works instead of one (git-fixes).\n- octeontx2-pf: Wait till detach_resources msg is complete (git-fixes).\n- of: dynamic: Synchronize of_changeset_destroy() with the devlink removals (git-fixes).\n- of: module: add buffer overflow check in of_modalias() (git-fixes).\n- of: module: prevent NULL pointer dereference in vsnprintf() (stable-fixes).\n- of: property: Add in-ports/out-ports support to of_graph_get_port_parent() (stable-fixes).\n- of: property: fix typo in io-channels (git-fixes).\n- of: property: fw_devlink: Fix stupid bug in remote-endpoint parsing (git-fixes).\n- of: property: Improve finding the consumer of a remote-endpoint property (git-fixes).\n- of: property: Improve finding the supplier of a remote-endpoint property (git-fixes).\n- of: unittest: Fix compile in the non-dynamic case (git-fixes).\n- orangefs: fix out-of-bounds fsid access (git-fixes).\n- overflow: Allow non-type arg to type_max() and type_min() (stable-fixes).\n- PCI/AER: Block runtime suspend when handling errors (stable-fixes).\n- PCI/ASPM: Update save_state when configuration changes (bsc#1226915)\n- PCI/ASPM: Use RMW accessors for changing LNKCTL (git-fixes).\n- PCI: Clear Secondary Status errors after enumeration (bsc#1226928)\n- PCI: Delay after FLR of Solidigm P44 Pro NVMe (stable-fixes).\n- PCI: Disable D3cold on Asus B1400 PCI-NVMe bridge (stable-fixes).\n- PCI: Do not wait for disconnected devices when resuming (git-fixes).\n- PCI/DPC: Fix use-after-free on concurrent DPC and hot-removal (git-fixes).\n- PCI/DPC: Quirk PIO log size for Intel Raptor Lake Root Ports (stable-fixes).\n- PCI/DPC: Use FIELD_GET() (stable-fixes).\n- PCI: dwc: ep: Fix DBI access failure for drivers requiring refclk from host (git-fixes).\n- PCI: dwc: Fix index 0 incorrectly being interpreted as a free ATU slot (git-fixes).\n- PCI: dw-rockchip: Fix initial PERST# GPIO value (git-fixes).\n- PCI/EDR: Align EDR_PORT_DPC_ENABLE_DSM with PCI Firmware r3.3 (git-fixes).\n- PCI/EDR: Align EDR_PORT_LOCATE_DSM with PCI Firmware r3.3 (git-fixes).\n- PCI: endpoint: Clean up error handling in vpci_scan_bus() (git-fixes).\n- PCI: endpoint: Fix error handling in epf_ntb_epc_cleanup() (git-fixes).\n- PCI: endpoint: pci-epf-test: Make use of cached \u0027epc_features\u0027 in pci_epf_test_core_init() (git-fixes).\n- PCI: Execute quirk_enable_clear_retrain_link() earlier (stable-fixes).\n- PCI: Extend ACS configurability (bsc#1228090).\n- PCI: Fix resource double counting on remove \u0026 rescan (git-fixes).\n- PCI: Fix typos in docs and comments (stable-fixes).\n- PCI: hv: Fix ring buffer size calculation (git-fixes).\n- PCI: Introduce cleanup helpers for device reference counts and locks (stable-fixes).\n- PCI: keystone: Do not enable BAR 0 for AM654x (git-fixes).\n- PCI: keystone: Fix NULL pointer dereference in case of DT error in ks_pcie_setup_rc_app_regs() (git-fixes).\n- PCI: keystone: Relocate ks_pcie_set/clear_dbi_mode() (git-fixes).\n- PCI: Make link retraining use RMW accessors for changing LNKCTL (git-fixes).\n- PCI/MSI: Fix UAF in msi_capability_init (git-fixes).\n- PCI/PM: Avoid D3cold for HP Pavilion 17 PC/1972 PCIe Ports (stable-fixes).\n- PCI/PM: Drain runtime-idle callbacks before driver removal (stable-fixes).\n- PCI: qcom: Add support for sa8775p SoC (git-fixes).\n- PCI: qcom: Disable ASPM L0s for sc8280xp, sa8540p and sa8295p (git-fixes).\n- PCI: qcom-ep: Disable resources unconditionally during PERST# assert (git-fixes).\n- PCI: rcar: Demote WARN() to dev_warn_ratelimited() in rcar_pcie_wakeup() (git-fixes).\n- PCI: rockchip-ep: Remove wrong mask on subsys_vendor_id (git-fixes).\n- PCI: rockchip: Use GPIOD_OUT_LOW flag while requesting ep_gpio (git-fixes).\n- PCI: rpaphp: Error out on busy status from get-sensor-state (bsc#1223369 ltc#205888).\n- PCI: Simplify pcie_capability_clear_and_set_word() to ..._clear_word() (stable-fixes).\n- PCI: switchtec: Add support for PCIe Gen5 devices (stable-fixes).\n- PCI: switchtec: Use normal comment style (stable-fixes).\n- PCI: tegra194: Fix probe path for Endpoint mode (git-fixes).\n- PCI: tegra194: Set EP alignment restriction for inbound ATU (git-fixes).\n- PCI: vmd: Create domain symlink before pci_bus_add_devices() (bsc#1227363).\n- peci: linux/peci.h: fix Excess kernel-doc description warning (git-fixes).\n- perf annotate: Fix annotation_calc_lines() to pass correct address to get_srcline() (git-fixes).\n- perf annotate: Get rid of duplicate --group option item (git-fixes).\n- perf auxtrace: Fix multiple use of --itrace option (git-fixes).\n- perf bench internals inject-build-id: Fix trap divide when collecting just one DSO (git-fixes).\n- perf bench uprobe: Remove lib64 from libc.so.6 binary path (git-fixes).\n- perf bpf: Clean up the generated/copied vmlinux.h (git-fixes).\n- perf daemon: Fix file leak in daemon_session__control (git-fixes).\n- perf docs: Document bpf event modifier (git-fixes).\n- perf: Enqueue SIGTRAP always via task_work (bsc#1214683 (PREEMPT_RT prerequisite backports)).\n- perf evsel: Fix duplicate initialization of data-\u003eid in evsel__parse_sample() (git-fixes).\n- perf expr: Fix \u0027has_event\u0027 function for metric style events (git-fixes).\n- perf intel-pt: Fix unassigned instruction op (discovered by MemorySanitizer) (git-fixes).\n- perf jevents: Drop or simplify small integer values (git-fixes).\n- perf list: fix short description for some cache events (git-fixes).\n- perf lock contention: Add a missing NULL check (git-fixes).\n- perf metric: Do not remove scale from counts (git-fixes).\n- perf: Move irq_work_queue() where the event is prepared (bsc#1214683 (PREEMPT_RT prerequisite backports)).\n- perf pmu: Count sys and cpuid JSON events separately (git fixes).\n- perf pmu: Fix a potential memory leak in perf_pmu__lookup() (git-fixes).\n- perf pmu: Treat the msr pmu as software (git-fixes).\n- perf print-events: make is_event_supported() more robust (git-fixes).\n- perf probe: Add missing libgen.h header needed for using basename() (git-fixes).\n- perf record: Check conflict between \u0027--timestamp-filename\u0027 option and pipe mode before recording (git-fixes).\n- perf record: Fix debug message placement for test consumption (git-fixes).\n- perf record: Fix possible incorrect free in record__switch_output() (git-fixes).\n- perf: Remove perf_swevent_get_recursion_context() from perf_pending_task() (bsc#1214683 (PREEMPT_RT prerequisite backports)).\n- perf report: Avoid SEGV in report__setup_sample_type() (git-fixes).\n- perf sched timehist: Fix -g/--call-graph option failure (git-fixes).\n- perf script: Show also errors for --insn-trace option (git-fixes).\n- perf: Split __perf_pending_irq() out of perf_pending_irq() (bsc#1214683 (PREEMPT_RT prerequisite backports)).\n- perf srcline: Add missed addr2line closes (git-fixes).\n- perf stat: Avoid metric-only segv (git-fixes).\n- perf stat: Do not display metric header for non-leader uncore events (git-fixes).\n- perf stat: Do not fail on metrics on s390 z/VM systems (git-fixes).\n- perf symbols: Fix ownership of string in dso__load_vmlinux() (git-fixes).\n- perf tests: Apply attributes to all events in object code reading test (git-fixes).\n- perf test shell arm_coresight: Increase buffer size for Coresight basic tests (git-fixes).\n- perf tests: Make data symbol test wait for perf to start (bsc#1220045).\n- perf tests: Make \u0027test data symbol\u0027 more robust on Neoverse N1 (git-fixes).\n- perf tests: Skip data symbol test if buf1 symbol is missing (bsc#1220045).\n- perf thread: Fixes to thread__new() related to initializing comm (git-fixes).\n- perf thread_map: Free strlist on normal path in thread_map__new_by_tid_str() (git-fixes).\n- perf top: Uniform the event name for the hybrid machine (git-fixes).\n- perf top: Use evsel\u0027s cpus to replace user_requested_cpus (git-fixes).\n- perf ui browser: Avoid SEGV on title (git fixes).\n- perf ui browser: Do not save pointer to stack memory (git-fixes).\n- perf vendor events amd: Add Zen 4 memory controller events (git-fixes).\n- perf vendor events amd: Fix Zen 4 cache latency events (git-fixes).\n- perf/x86/amd/core: Avoid register reset when CPU is dead (git-fixes).\n- perf/x86/amd/lbr: Discard erroneous branch entries (git-fixes).\n- perf/x86/amd/lbr: Use freeze based on availability (git-fixes).\n- perf/x86: Fix out of range data (git-fixes).\n- perf/x86/intel/ds: Do not clear -\u003epebs_data_cfg for the last PEBS event (git-fixes).\n- perf/x86/intel: Expose existence of callback support to KVM (git-fixes).\n- phy: cadence-torrent: Check return value on register read (git-fixes).\n- phy: freescale: imx8m-pcie: fix pcie link-up instability (git-fixes).\n- phy: marvell: a3700-comphy: Fix hardcoded array size (git-fixes).\n- phy: marvell: a3700-comphy: Fix out of bounds read (git-fixes).\n- phy: rockchip: naneng-combphy: Fix mux on rk3588 (git-fixes).\n- phy: rockchip-snps-pcie3: fix bifurcation on rk3588 (git-fixes).\n- phy: rockchip-snps-pcie3: fix clearing PHP_GRF_PCIESEL_CON bits (git-fixes).\n- phy: ti: tusb1210: Resolve charger-det crash if charger psy is unregistered (git-fixes).\n- pinctrl: armada-37xx: remove an unused variable (git-fixes).\n- pinctrl: baytrail: Fix selecting gpio pinctrl state (git-fixes).\n- pinctrl: core: fix possible memory leak when pinctrl_enable() fails (git-fixes).\n- pinctrl: devicetree: fix refcount leak in pinctrl_dt_to_map() (git-fixes).\n- pinctrl: fix deadlock in create_pinctrl() when handling -EPROBE_DEFER (git-fixes).\n- pinctrl: freescale: mxs: Fix refcount of child (git-fixes).\n- pinctrl: mediatek: paris: Fix PIN_CONFIG_INPUT_SCHMITT_ENABLE readback (git-fixes).\n- pinctrl: mediatek: paris: Rework support for PIN_CONFIG_{INPUT,OUTPUT}_ENABLE (git-fixes).\n- pinctrl/meson: fix typo in PDM\u0027s pin name (git-fixes).\n- pinctrl: pinctrl-aspeed-g6: Fix register offset for pinconf of GPIOR-T (git-fixes).\n- pinctrl: qcom: pinctrl-sm7150: Fix sdc1 and ufs special pins regs (git-fixes).\n- pinctrl: qcom: spmi-gpio: drop broken pm8008 support (git-fixes).\n- pinctrl: renesas: checker: Limit cfg reg enum checks to provided IDs (stable-fixes).\n- pinctrl: renesas: r8a779g0: Fix CANFD5 suffix (git-fixes).\n- pinctrl: renesas: r8a779g0: Fix FXR_TXEN[AB] suffixes (git-fixes).\n- pinctrl: renesas: r8a779g0: Fix (H)SCIF1 suffixes (git-fixes).\n- pinctrl: renesas: r8a779g0: Fix (H)SCIF3 suffixes (git-fixes).\n- pinctrl: renesas: r8a779g0: Fix IRQ suffixes (git-fixes).\n- pinctrl: renesas: r8a779g0: FIX PWM suffixes (git-fixes).\n- pinctrl: renesas: r8a779g0: Fix TCLK suffixes (git-fixes).\n- pinctrl: renesas: r8a779g0: Fix TPU suffixes (git-fixes).\n- pinctrl: rockchip: fix pinmux bits for RK3328 GPIO2-B pins (git-fixes).\n- pinctrl: rockchip: fix pinmux bits for RK3328 GPIO3-B pins (git-fixes).\n- pinctrl: rockchip: fix pinmux reset in rockchip_pmx_set (git-fixes).\n- pinctrl: rockchip: use dedicated pinctrl type for RK3328 (git-fixes).\n- pinctrl: single: fix possible memory leak when pinctrl_enable() fails (git-fixes).\n- pinctrl: ti: ti-iodelay: fix possible memory leak when pinctrl_enable() fails (git-fixes).\n- platform/chrome: cros_ec_debugfs: fix wrong EC message version (git-fixes).\n- platform/chrome: cros_ec_uart: properly fix race condition (git-fixes).\n- platform/x86/amd/pmc: Extend Framework 13 quirk to more BIOSes (stable-fixes).\n- platform/x86: dell-smbios: Fix wrong token data in sysfs (git-fixes).\n- platform/x86/intel/tpmi: Handle error from tpmi_process_info() (stable-fixes).\n- platform/x86/intel-uncore-freq: Do not present root domain on error (git-fixes).\n- platform/x86: ISST: Add Grand Ridge to HPM CPU list (stable-fixes).\n- platform/x86: ISST: Add Granite Rapids-D to HPM CPU list (stable-fixes).\n- platform/x86: lg-laptop: Change ACPI device id (stable-fixes).\n- platform/x86: lg-laptop: Remove LGEX0815 hotkey handling (stable-fixes).\n- platform/x86: lg-laptop: Use ACPI device handle when evaluating WMAB/WMBB (stable-fixes).\n- platform/x86: thinkpad_acpi: Take hotkey_mutex during hotkey_exit() (git-fixes).\n- platform/x86: toshiba_acpi: Add quirk for buttons on Z830 (stable-fixes).\n- platform/x86: toshiba_acpi: Fix array out-of-bounds access (git-fixes).\n- platform/x86: toshiba_acpi: Fix quickstart quirk handling (git-fixes).\n- platform/x86: touchscreen_dmi: Add an extra entry for a variant of the Chuwi Vi8 tablet (stable-fixes).\n- platform/x86: touchscreen_dmi: Add info for GlobalSpace SolT IVW 11.6\u0027 tablet (stable-fixes).\n- platform/x86: touchscreen_dmi: Add info for the EZpad 6s Pro (stable-fixes).\n- platform/x86: wireless-hotkey: Add support for LG Airplane Button (stable-fixes).\n- platform/x86: x86-android-tablets: Fix acer_b1_750_goodix_gpios name (stable-fixes).\n- platform/x86: xiaomi-wmi: Fix race condition when reporting key events (git-fixes).\n- PM / devfreq: Synchronize devfreq_monitor_[start/stop] (stable-fixes).\n- PM: s2idle: Make sure CPUs will wakeup directly on resume (git-fixes).\n- pNFS/filelayout: fixup pNfs allocation modes (git-fixes).\n- Port \u0027certs: Move RSA self-test data to separate file\u0027.\n- powerpc/64s/radix/kfence: map __kfence_pool at page granularity (bsc#1223570 ltc#205770).\n- powerpc: Avoid nmi_enter/nmi_exit in real mode interrupt (bsc#1221645 ltc#205739 bsc#1223191).\n- powerpc/crypto/chacha-p10: Fix failure on non Power10 (bsc#1218205).\n- powerpc/eeh: Permanently disable the removed device (bsc#1223991 ltc#205740).\n- powerpc/hv-gpci: Fix the H_GET_PERF_COUNTER_INFO hcall return value checks (git-fixes).\n- powerpc/prom: Add CPU info to hardware description string later (bsc#1215199).\n- powerpc/pseries: Fix scv instruction crash with kexec (bsc#1194869).\n- powerpc/pseries/lparcfg: drop error message from guest name lookup (bsc#1187716 ltc#193451 git-fixes).\n- powerpc/pseries: make max polling consistent for longer H_CALLs (bsc#1215199).\n- powerpc/pseries/vio: Do not return ENODEV if node or compatible missing (bsc#1220783).\n- powerpc/rtas: Prevent Spectre v1 gadget construction in sys_rtas() (bsc#1227487).\n- powerpc/uaccess: Fix build errors seen with GCC 13/14 (bsc#1194869).\n- powerpc/uaccess: Use YZ asm constraint for ld (bsc#1194869).\n- power: rt9455: hide unused rt9455_boost_voltage_values (git-fixes).\n- power: supply: ab8500: Fix error handling when calling iio_read_channel_processed() (git-fixes).\n- power: supply: cros_usbpd: provide ID table for avoiding fallback match (stable-fixes).\n- power: supply: ingenic: Fix some error handling paths in ingenic_battery_get_property() (git-fixes).\n- power: supply: mt6360_charger: Fix of_match for usb-otg-vbus regulator (git-fixes).\n- ppdev: Add an error check in register_device (git-fixes).\n- prctl: generalize PR_SET_MDWE support check to be per-arch (bsc#1225610).\n- Preparation update to v6.10-rc3-rt5 ((bsc#1214683 (PREEMPT_RT prerequisite backports)).\n- printk: Add this_cpu_in_panic() (bsc#1225607).\n- printk: Adjust mapping for 32bit seq macros (bsc#1225607).\n- printk: Avoid non-panic CPUs writing to ringbuffer (bsc#1225607).\n- printk: Consolidate console deferred printing (bsc#1225607).\n- printk: Disable passing console lock owner completely during panic() (bsc#1225607).\n- printk: Do not take console lock for console_flush_on_panic() (bsc#1225607).\n- printk: For @suppress_panic_printk check for other CPU in panic (bsc#1225607).\n- printk: Keep non-panic-CPUs out of console lock (bsc#1225607).\n- printk: Let no_printk() use _printk() (bsc#1225618).\n- printk: nbcon: Relocate 32bit seq macros (bsc#1225607).\n- printk: Reduce console_unblank() usage in unsafe scenarios (bsc#1225607).\n- printk: Rename abandon_console_lock_in_panic() to other_cpu_in_panic() (bsc#1225607).\n- printk: ringbuffer: Clarify special lpos values (bsc#1225607).\n- printk: ringbuffer: Cleanup reader terminology (bsc#1225607).\n- printk: ringbuffer: Do not skip non-finalized records with prb_next_seq() (bsc#1225607).\n- printk: ringbuffer: Skip non-finalized records in panic (bsc#1225607).\n- printk: Update @console_may_schedule in console_trylock_spinning() (bsc#1225616).\n- printk: Use prb_first_seq() as base for 32bit seq macros (bsc#1225607).\n- printk: Wait for all reserved records with pr_flush() (bsc#1225607).\n- proc/kcore: do not try to access unaccepted memory (git-fixes).\n- pstore: inode: Convert mutex usage to guard(mutex) (stable-fixes).\n- pstore: inode: Only d_invalidate() is needed (git-fixes).\n- pstore/zone: Add a null pointer check to the psz_kmsg_read (stable-fixes).\n- pwm: img: fix pwm clock lookup (git-fixes).\n- pwm: sti: Prepare removing pwm_chip from driver data (stable-fixes).\n- pwm: sti: Simplify probe function using devm functions (git-fixes).\n- pwm: stm32: Always do lazy disabling (git-fixes).\n- qibfs: fix dentry leak (git-fixes)\n- r8169: fix issue caused by buggy BIOS on certain boards with RTL8168d (git-fixes).\n- r8169: skip DASH fw status checks when DASH is disabled (git-fixes).\n- random: handle creditable entropy from atomic process context (git-fixes).\n- RAS/AMD/ATL: Fix MI300 bank hash (bsc#1225300).\n- RAS/AMD/ATL: Use system settings for MI300 DRAM to normalized address translation (bsc#1225300).\n- RAS/AMD/FMPM: Avoid NULL ptr deref in get_saved_records() (jsc#PED-7619).\n- RAS/AMD/FMPM: Fix build when debugfs is not enabled (jsc#PED-7619).\n- RAS/AMD/FMPM: Safely handle saved records of various sizes (jsc#PED-7619).\n- RDMA/bnxt_re: Fix the max msix vectors macro (git-fixes)\n- RDMA/cm: add timeout to cm_destroy_id wait (git-fixes)\n- RDMA/cma: Fix kmemleak in rdma_core observed during blktests nvme/rdma use siw (git-fixes)\n- RDMA/cm: Print the old state when cm_destroy_id gets timeout (git-fixes)\n- RDMA/hns: Add max_ah and cq moderation capacities in query_device() (git-fixes)\n- RDMA/hns: Fix deadlock on SRQ async events. (git-fixes)\n- RDMA/hns: Fix GMV table pagesize (git-fixes)\n- RDMA/hns: Fix return value in hns_roce_map_mr_sg (git-fixes)\n- RDMA/hns: Fix UAF for cq async event (git-fixes)\n- RDMA/hns: Modify the print level of CQE error (git-fixes)\n- RDMA/hns: Use complete parentheses in macros (git-fixes)\n- RDMA/IPoIB: Fix format truncation compilation errors (git-fixes)\n- RDMA/mana_ib: Fix bug in creation of dma regions (git-fixes).\n- RDMA/mana_ib: Ignore optional access flags for MRs (git-fixes).\n- RDMA/mlx5: Add check for srq max_sge attribute (git-fixes)\n- RDMA/mlx5: Adding remote atomic access flag to updatable flags (git-fixes)\n- RDMA/mlx5: Change check for cacheable mkeys (git-fixes)\n- RDMA/mlx5: Ensure created mkeys always have a populated rb_key (git-fixes)\n- RDMA/mlx5: Fix port number for counter query in multi-port configuration (git-fixes)\n- RDMA/mlx5: Fix unwind flow as part of mlx5_ib_stage_init_init (git-fixes)\n- RDMA/mlx5: Follow rb_key.ats when creating new mkeys (git-fixes)\n- RDMA/mlx5: Remove extra unlock on error path (git-fixes)\n- RDMA/mlx5: Uncacheable mkey has neither rb_key or cache_ent (git-fixes)\n- RDMA/restrack: Fix potential invalid address access (git-fixes)\n- RDMA/rxe: Allow good work requests to be executed (git-fixes)\n- RDMA/rxe: Fix data copy for IB_SEND_INLINE (git-fixes)\n- RDMA/rxe: Fix incorrect rxe_put in error path (git-fixes)\n- RDMA/rxe: Fix responder length checking for UD request packets (git-fixes)\n- RDMA/rxe: Fix seg fault in rxe_comp_queue_pkt (git-fixes)\n- RDMA/rxe: Fix the problem \u0027mutex_destroy missing\u0027 (git-fixes)\n- README.BRANCH: Remove copy of branch name\n- Reapply \u0027drm/qxl: simplify qxl_fence_wait\u0027 (stable-fixes).\n- Refresh ARM (bsc#1214683 (PREEMPT_RT prerequisite backports)).\n- Refresh kabi workaround ath updates (bsc#1227149#)\n- Refresh the previous ASoC patch, landed in subsystem tree (bsc#1228269)\n- regmap: Add regmap_read_bypassed() (git-fixes).\n- regmap-i2c: Subtract reg size from max_write (stable-fixes).\n- regmap: kunit: Ensure that changed bytes are actually different (stable-fixes).\n- regmap: maple: Fix cache corruption in regcache_maple_drop() (git-fixes).\n- regmap: maple: Fix uninitialized symbol \u0027ret\u0027 warnings (git-fixes).\n- regulator: bd71815: fix ramp values (git-fixes).\n- regulator: bd71828: Do not overwrite runtime voltages (git-fixes).\n- regulator: change devm_regulator_get_enable_optional() stub to return Ok (git-fixes).\n- regulator: change stubbed devm_regulator_get_enable to return Ok (git-fixes).\n- regulator: core: fix debugfs creation regression (git-fixes).\n- regulator: core: Fix modpost error \u0027regulator_get_regmap\u0027 undefined (git-fixes).\n- regulator: irq_helpers: duplicate IRQ name (stable-fixes).\n- regulator: mt6360: De-capitalize devicetree regulator subnodes (git-fixes).\n- regulator: tps65132: Add of_match table (stable-fixes).\n- regulator: vqmmc-ipq4019: fix module autoloading (stable-fixes).\n- remoteproc: imx_rproc: Fix refcount mistake in imx_rproc_addr_init (git-fixes).\n- remoteproc: imx_rproc: Skip over memory region when node value is NULL (git-fixes).\n- remoteproc: k3-r5: Do not allow core1 to power up before core0 via sysfs (git-fixes).\n- remoteproc: k3-r5: Fix IPC-only mode detection (git-fixes).\n- remoteproc: k3-r5: Jump to error handling labels in start/stop errors (git-fixes).\n- remoteproc: k3-r5: Wait for core0 power-up before powering up core1 (git-fixes).\n- remoteproc: mediatek: Make sure IPI buffer fits in L2TCM (git-fixes).\n- remoteproc: stm32: Fix incorrect type assignment returned by stm32_rproc_get_loaded_rsc_tablef (git-fixes).\n- remoteproc: stm32_rproc: Fix mailbox interrupts queuing (git-fixes).\n- remoteproc: virtio: Fix wdg cannot recovery remote processor (git-fixes).\n- Remove NTFSv3 from configs (bsc#1224429) References: bsc#1224429 comment#3 We only support fuse version of the NTFS-3g driver. Disable NTFSv3 from all configs. This was enabled in d016c04d731 (\u0027Bump to 6.4 kernel (jsc#PED-4593)\u0027)\n- Replace with mainline and sort\n- Revert \u0027ACPI: PM: Block ASUS B1400CEAE from suspend to idle by default\u0027 (stable-fixes).\n- Revert \u0027ASoC: SOF: Intel: hda-dai-ops: only allocate/release streams for first CPU DAI\u0027 (stable-fixes).\n- Revert \u0027ASoC: SOF: Intel: hda-dai-ops: reset device count for SoundWire DAIs\u0027 (stable-fixes).\n- Revert \u0027build initrd without systemd\u0027 (bsc#1195775)\u0027 \n- Revert \u0027drm/amd/amdgpu: Fix potential ioremap() memory leaks in amdgpu_device_init()\u0027 (stable-fixes).\n- Revert \u0027drm/amd/display: Fix sending VSC (+ colorimetry) packets for DP/eDP displays without PSR\u0027 (stable-fixes).\n- Revert \u0027drm/amdkfd: fix gfx_target_version for certain 11.0.3 devices\u0027 (stable-fixes).\n- Revert \u0027drm/bridge: tc358767: Set default CLRSIPO count\u0027 (stable-fixes).\n- Revert \u0027drm/bridge: ti-sn65dsi83: Fix enable error path\u0027 (git-fixes).\n- Revert \u0027drm/nouveau/firmware: Fix SG_DEBUG error with nvkm_firmware_ctor()\u0027 (stable-fixes).\n- Revert \u0027drm/qxl: simplify qxl_fence_wait\u0027 (git-fixes).\n- Revert \u0027gfs2: fix glock shrinker ref issues\u0027 (git-fixes).\n- Revert \u0027iommu/amd: Enable PCI/IMS\u0027 (git-fixes).\n- Revert \u0027iommu/vt-d: Enable PCI/IMS\u0027 (git-fixes).\n- Revert \u0027leds: led-core: Fix refcount leak in of_led_get()\u0027 (git-fixes).\n- Revert \u0027net/mlx5: Block entering switchdev mode with ns inconsistency\u0027 (git-fixes).\n- Revert \u0027net/mlx5e: Check the number of elements before walk TC rhashtable\u0027 (git-fixes).\n- Revert \u0027PCI/MSI: Provide IMS (Interrupt Message Store) support\u0027 (git-fixes).\n- Revert \u0027PCI/MSI: Provide pci_ims_alloc/free_irq()\u0027 (git-fixes).\n- Revert \u0027PCI/MSI: Provide stubs for IMS functions\u0027 (git-fixes).\n- Revert \u0027selinux: introduce an initial SID for early boot processes\u0027 (bsc#1208593) It caused a regression on ALP-current branch, kernel-obs-qa build failed.\n- Revert \u0027serial: core: only stop transmit when HW fifo is empty\u0027 (git-fixes).\n- Revert \u0027usb: cdc-wdm: close race between read and workqueue\u0027 (git-fixes).\n- Revert \u0027usb: musb: da8xx: Set phy in OTG mode by default\u0027 (stable-fixes).\n- Revert \u0027usb: phy: generic: Get the vbus supply\u0027 (git-fixes).\n- Revert \u0027wifi: ath11k: call ath11k_mac_fils_discovery() without condition\u0027 (bsc#1227149).\n- Revert \u0027wifi: ath12k: use ATH12K_PCI_IRQ_DP_OFFSET for DP IRQ\u0027 (bsc#1227149).\n- Revert \u0027wifi: iwlwifi: bump FW API to 90 for BZ/SC devices\u0027 (bsc#1227149).\n- ring-buffer: Do not set shortest_full when full target is hit (git-fixes).\n- ring-buffer: Fix a race between readers and resize checks (git-fixes).\n- ring-buffer: Fix full_waiters_pending in poll (git-fixes).\n- ring-buffer: Fix resetting of shortest_full (git-fixes).\n- ring-buffer: Fix waking up ring buffer readers (git-fixes).\n- ring-buffer: Make wake once of ring_buffer_wait() more robust (git-fixes).\n- ring-buffer: use READ_ONCE() to read cpu_buffer-\u003ecommit_page in concurrent environment (git-fixes).\n- ring-buffer: Use wait_event_interruptible() in ring_buffer_wait() (git-fixes).\n- rpcrdma: fix handling for RDMA_CM_EVENT_DEVICE_REMOVAL (git-fixes).\n- rpm/kernel-obs-build.spec.in: Add iso9660 (bsc#1226212) Some builds do not just create an iso9660 image, but also mount it during build.\n- rpm/kernel-obs-build.spec.in: Add networking modules for docker (bsc#1226211) docker needs more networking modules, even legacy iptable_nat and _filter.\n- rpm/kernel-obs-build.spec.in: Include algif_hash, aegis128 and xts modules afgif_hash is needed by some packages (e.g. iwd) for tests, xts is used for LUKS2 volumes by default and aegis128 is useful as AEAD cipher for LUKS2. Wrap the long line to make it readable.\n- rtc: abx80x: Fix return value of nvmem callback on read (git-fixes).\n- rtc: cmos: Fix return value of nvmem callbacks (git-fixes).\n- rtc: interface: Add RTC offset to alarm after fix-up (git-fixes).\n- rtc: isl1208: Fix return value of nvmem callbacks (git-fixes).\n- rtc: mt6397: select IRQ_DOMAIN instead of depending on it (git-fixes).\n- s390/bpf: Emit a barrier for BPF_FETCH instructions (git-fixes bsc#1224792).\n- s390/cio: Ensure the copied buf is NUL terminated (git-fixes bsc#1223869).\n- s390/cio: fix tracepoint subchannel type field (git-fixes bsc#1224793).\n- s390/cpacf: Make use of invalid opcode produce a link error (git-fixes bsc#1227072).\n- s390/cpacf: Split and rework cpacf query functions (git-fixes bsc#1225133).\n- s390: Implement __iowrite32_copy() (bsc#1226502)\n- s390/ipl: Fix incorrect initialization of len fields in nvme reipl block (git-fixes bsc#1225136).\n- s390/ipl: Fix incorrect initialization of nvme dump block (git-fixes bsc#1225134).\n- s390/ism: Properly fix receive message buffer allocation (git-fixes bsc#1223590).\n- s390/mm: Fix clearing storage keys for huge pages (git-fixes bsc#1223871).\n- s390/mm: Fix storage key clearing for guest huge pages (git-fixes bsc#1223872).\n- s390/qeth: Fix kernel panic after setting hsuid (git-fixes bsc#1223874).\n- s390: Stop using weak symbols for __iowrite64_copy() (bsc#1226502)\n- s390/vdso: Add CFI for RA register to asm macro vdso_func (git-fixes bsc#1223870).\n- s390/vdso: drop \u0027-fPIC\u0027 from LDFLAGS (git-fixes bsc#1223593).\n- s390/vtime: fix average steal time calculation (git-fixes bsc#1221783).\n- s390/zcrypt: fix reference counting on zcrypt card objects (git-fixes bsc#1223592).\n- saa7134: Unchecked i2c_transfer function result fixed (git-fixes).\n- sched/balancing: Rename newidle_balance() =\u003e sched_balance_newidle() (bsc#1222173).\n- sched/core: Fix incorrect initialization of the \u0027burst\u0027 parameter in cpu_max_write() (bsc#1226791).\n- sched/debug: Update stale reference to sched_debug.c (bsc#1214683 (PREEMPT_RT prerequisite backports)).\n- sched/fair: Check root_domain::overload value before update (bsc#1222173).\n- sched/fair: Use helper functions to access root_domain::overload (bsc#1222173).\n- sched/psi: Select KERNFS as needed (git-fixes).\n- sched/topology: Optimize topology_span_sane() (bsc#1225053).\n- scsi: bfa: Fix function pointer type mismatch for hcb_qe-\u003ecbfn (git-fixes).\n- scsi: core: Consult supported VPD page list prior to fetching page (git-fixes).\n- scsi: core: Fix unremoved procfs host directory regression (git-fixes).\n- scsi: csiostor: Avoid function pointer casts (git-fixes).\n- scsi: hisi_sas: Modify the deadline for ata_wait_after_reset() (git-fixes).\n- scsi: libsas: Add a helper sas_get_sas_addr_and_dev_type() (git-fixes).\n- scsi: libsas: Fix disk not being scanned in after being removed (git-fixes).\n- scsi: lpfc: Add support for 32 byte CDBs (bsc#1225842).\n- scsi: lpfc: Change default logging level for unsolicited CT MIB commands (bsc#1225842).\n- scsi: lpfc: Clear deferred RSCN processing flag when driver is unloading (bsc#1225842).\n- scsi: lpfc: Copyright updates for 14.4.0.1 patches (bsc#1221777).\n- scsi: lpfc: Copyright updates for 14.4.0.2 patches (bsc#1225842).\n- scsi: lpfc: Correct size for cmdwqe/rspwqe for memset() (bsc#1221777).\n- scsi: lpfc: Correct size for wqe for memset() (bsc#1221777).\n- scsi: lpfc: Define lpfc_dmabuf type for ctx_buf ptr (bsc#1221777).\n- scsi: lpfc: Define lpfc_nodelist type for ctx_ndlp ptr (bsc#1221777).\n- scsi: lpfc: Define types in a union for generic void *context3 ptr (bsc#1221777).\n- scsi: lpfc: Introduce rrq_list_lock to protect active_rrq_list (bsc#1225842).\n- scsi: lpfc: Move NPIV\u0027s transport unregistration to after resource clean up (bsc#1221777).\n- scsi: lpfc: Release hbalock before calling lpfc_worker_wake_up() (bsc#1221777).\n- scsi: lpfc: Remove IRQF_ONESHOT flag from threaded IRQ handling (bsc#1221777 bsc#1217959).\n- scsi: lpfc: Remove unnecessary log message in queuecommand path (bsc#1221777).\n- scsi: lpfc: Replace hbalock with ndlp lock in lpfc_nvme_unregister_port() (bsc#1221777).\n- scsi: lpfc: Update logging of protection type for T10 DIF I/O (bsc#1225842).\n- scsi: lpfc: Update lpfc_ramp_down_queue_handler() logic (bsc#1221777).\n- scsi: lpfc: Update lpfc version to 14.4.0.1 (bsc#1221777).\n- scsi: lpfc: Update lpfc version to 14.4.0.2 (bsc#1225842).\n- scsi: lpfc: Use a dedicated lock for ras_fwlog state (bsc#1221777).\n- scsi: mpt3sas: Prevent sending diag_reset when the controller is ready (git-fixes).\n- scsi: mylex: Fix sysfs buffer lengths (git-fixes).\n- scsi: qla2xxx: Change debug message during driver unload (bsc1221816).\n- scsi: qla2xxx: Delay I/O Abort on PCI error (bsc1221816).\n- scsi: qla2xxx: Fix command flush on cable pull (bsc1221816).\n- scsi: qla2xxx: Fix double free of fcport (bsc1221816).\n- scsi: qla2xxx: Fix double free of the ha-\u003evp_map pointer (bsc1221816).\n- scsi: qla2xxx: Fix N2N stuck connection (bsc1221816).\n- scsi: qla2xxx: Fix off by one in qla_edif_app_getstats() (git-fixes).\n- scsi: qla2xxx: NVME|FCP prefer flag not being honored (bsc1221816).\n- scsi: qla2xxx: Prevent command send on chip reset (bsc1221816).\n- scsi: qla2xxx: Split FCE|EFT trace control (bsc1221816).\n- scsi: qla2xxx: Update manufacturer detail (bsc1221816).\n- scsi: qla2xxx: Update version to 10.02.09.200-k (bsc1221816).\n- scsi: sd: Unregister device if device_add_disk() failed in sd_probe() (git-fixes).\n- scsi: sg: Avoid race in error handling \u0026 drop bogus warn (git-fixes).\n- scsi: sg: Avoid sg device teardown race (git-fixes).\n- scsi: smartpqi: Fix disable_managed_interrupts (git-fixes).\n- sctp: annotate data-races around sk-\u003esk_wmem_queued (git-fixes).\n- sdhci-of-dwcmshc: disable PM runtime in dwcmshc_remove() (git-fixes).\n- selftests/binderfs: use the Makefile\u0027s rules, not Make\u0027s implicit rules (git-fixes).\n- selftests/bpf: add edge case backtracking logic test (bsc#1225756).\n- selftests/bpf: precision tracking test for BPF_NEG and BPF_END (bsc#1225756).\n- selftests/bpf: test case for callback_depth states pruning logic (bsc#1225903).\n- selftests/bpf: test if state loops are detected in a tricky case (bsc#1225903).\n- selftests/bpf: tests for iterating callbacks (bsc#1225903).\n- selftests/bpf: tests with delayed read/precision makrs in loop body (bsc#1225903).\n- selftests/bpf: test widening for iterating callbacks (bsc#1225903).\n- selftests/bpf: track string payload offset as scalar in strobemeta (bsc#1225903).\n- selftests/bpf: track tcp payload offset as scalar in xdp_synproxy (bsc#1225903).\n- selftests: default to host arch for LLVM builds (git-fixes).\n- selftests: fix OOM in msg_zerocopy selftest (git-fixes).\n- selftests: forwarding: Fix ping failure due to short timeout (git-fixes).\n- selftests/ftrace: Fix event filter target_func selection (stable-fixes).\n- selftests/ftrace: Limit length in subsystem-enable tests (git-fixes).\n- selftests: hsr: Extend the testsuite to also cover HSRv1 (bsc#1214683 (PREEMPT_RT prerequisite backports)).\n- selftests: hsr: Reorder the testsuite (bsc#1214683 (PREEMPT_RT prerequisite backports)).\n- selftests: hsr: Use `let\u0027 properly (bsc#1214683 (PREEMPT_RT prerequisite backports)).\n- selftests/kcmp: remove unused open mode (git-fixes).\n- selftests: kselftest: Fix build failure with NOLIBC (git-fixes).\n- selftests: kselftest: Mark functions that unconditionally call exit() as __noreturn (git-fixes).\n- selftests: make order checking verbose in msg_zerocopy selftest (git-fixes).\n- selftests/mm: compaction_test: fix incorrect write of zero to nr_hugepages (git-fixes).\n- selftests/mm: fix build warnings on ppc64 (stable-fixes).\n- selftests: mptcp: add ms units for tc-netem delay (stable-fixes).\n- selftests: net: bridge: increase IGMP/MLD exclude timeout membership interval (git-fixes).\n- selftests/net: convert test_bridge_neigh_suppress.sh to run it in unique namespace (stable-fixes).\n- selftests: net: kill smcrouted in the cleanup logic in amt.sh (git-fixes).\n- selftests: net: move amt to socat for better compatibility (git-fixes).\n- selftests/pidfd: Fix config for pidfd_setns_test (git-fixes).\n- selftests/powerpc/dexcr: Add -no-pie to hashchk tests (git-fixes).\n- selftests/powerpc/papr-vpd: Fix missing variable initialization (jsc#PED-4486 git-fixes).\n- selftests/resctrl: fix clang build failure: use LOCAL_HDRS (git-fixes).\n- selftests/sigaltstack: Fix ppc64 GCC build (git-fixes).\n- selftests: sud_test: return correct emulated syscall value on RISC-V (stable-fixes).\n- selftests: test_bridge_neigh_suppress.sh: Fix failures due to duplicate MAC (git-fixes).\n- selftests: timers: Convert posix_timers test to generate KTAP output (stable-fixes).\n- selftests: timers: Fix abs() warning in posix_timers test (git-fixes).\n- selftests: timers: Fix posix_timers ksft_print_msg() warning (git-fixes).\n- selftests: timers: Fix valid-adjtimex signed left-shift undefined behavior (stable-fixes).\n- selftests/timers/posix_timers: Reimplement check_timer_distribution() (git-fixes).\n- selftests: vxlan_mdb: Fix failures with old libnet (git-fixes).\n- selinux: avoid dereference of garbage after mount failure (git-fixes).\n- selinux: introduce an initial SID for early boot processes (bsc#1208593).\n- serial: 8250_bcm7271: use default_mux_rate if possible (git-fixes).\n- serial: 8250_dw: Revert: Do not reclock if already at correct rate (git-fixes).\n- serial: 8250_exar: Do not remove GPIO device on suspend (git-fixes).\n- serial: 8520_mtk: Set RTS on shutdown for Rx in-band wakeup (git-fixes).\n- serial: bcm63xx-uart: fix tx after conversion to uart_port_tx_limited() (git-fixes).\n- serial: core: Fix atomicity violation in uart_tiocmget (git-fixes).\n- serial: core: introduce uart_port_tx_limited_flags() (git-fixes).\n- serial: core: only stop transmit when HW fifo is empty (git-fixes).\n- serial: exar: adding missing CTI and Exar PCI ids (stable-fixes).\n- serial: imx: Introduce timeout when waiting on transmitter empty (stable-fixes).\n- serial: imx: Raise TX trigger level to 8 (stable-fixes).\n- serial: kgdboc: Fix NMI-safety problems from keyboard reset code (stable-fixes).\n- serial: Lock console when calling into driver before registration (git-fixes).\n- serial: max3100: Fix bitwise types (git-fixes).\n- serial: max3100: Lock port-\u003elock when calling uart_handle_cts_change() (git-fixes).\n- serial: max310x: fix NULL pointer dereference in I2C instantiation (git-fixes).\n- serial: max310x: fix syntax error in IRQ error message (git-fixes).\n- serial: mxs-auart: add spinlock around changing cts state (git-fixes).\n- serial: pch: Do not disable interrupts while acquiring lock in ISR (bsc#1214683 (PREEMPT_RT prerequisite backports)).\n- serial: pch: Do not initialize uart_port\u0027s spin_lock (bsc#1214683 (PREEMPT_RT prerequisite backports)).\n- serial: pch: Invoke handle_rx_to() directly (bsc#1214683 (PREEMPT_RT prerequisite backports)).\n- serial: pch: Make push_rx() return void (bsc#1214683 (PREEMPT_RT prerequisite backports)).\n- serial/pmac_zilog: Remove flawed mitigation for rx irq flood (git-fixes).\n- serial: sc16is7xx: add proper sched.h include for sched_set_fifo() (git-fixes).\n- serial: sc16is7xx: fix bug in sc16is7xx_set_baud() when using prescaler (git-fixes).\n- serial: sh-sci: protect invalidating RXDMA on shutdown (git-fixes).\n- serial: stm32: Reset .throttled state in .startup() (git-fixes).\n- SEV: disable SEV-ES DebugSwap by default (git-fixes).\n- slimbus: core: Remove usage of the deprecated ida_simple_xx() API (git-fixes).\n- slimbus: qcom-ngd-ctrl: Add timeout for wait operation (git-fixes).\n- smb3: allow controlling length of time directory entries are cached with dir leases (git-fixes, bsc#1225172).\n- smb3: allow controlling maximum number of cached directories (git-fixes, bsc#1225172).\n- smb3: do not start laundromat thread when dir leases disabled (git-fixes, bsc#1225172).\n- smb: client: do not start laundromat thread on nohandlecache (git-fixes, bsc#1225172).\n- smb: client: make laundromat a delayed worker (git-fixes, bsc#1225172).\n- smb: client: prevent new fids from being removed by laundromat (git-fixes, bsc#1225172).\n- soc: fsl: qbman: Always disable interrupts when taking cgr_lock (git-fixes).\n- soc: fsl: qbman: Use raw spinlock for cgr_lock (git-fixes).\n- sock_diag: annotate data-races around sock_diag_handlers[family] (git-fixes).\n- soc: mediatek: cmdq: Fix typo of CMDQ_JUMP_RELATIVE (git-fixes).\n- soc: microchip: Fix POLARFIRE_SOC_SYS_CTRL input prompt (stable-fixes).\n- soc: qcom: pdr: fix parsing of domains lists (git-fixes).\n- soc: qcom: pdr: protect locator_addr with the main mutex (git-fixes).\n- soc: qcom: pmic_glink: do not traverse clients list without a lock (git-fixes).\n- soc: qcom: pmic_glink: Handle the return value of pmic_glink_init (git-fixes).\n- soc: qcom: pmic_glink: Make client-lock non-sleeping (git-fixes).\n- soc: qcom: pmic_glink: notify clients about the current state (git-fixes).\n- soc: qcom: rpmh-rsc: Enhance check for VRM in-flight request (git-fixes).\n- soc: qcom: rpmh-rsc: Ensure irqs are not disabled by rpmh_rsc_send_data() callers (git-fixes).\n- soc: ti: wkup_m3_ipc: Send NULL dummy message instead of pointer message (stable-fixes).\n- soc: xilinx: rename cpu_number1 to dummy_cpu_number (git-fixes).\n- soundwire: amd: fix for wake interrupt handling for clockstop mode (git-fixes).\n- soundwire: cadence: fix invalid PDI offset (stable-fixes).\n- speakup: Avoid crash on very long word (git-fixes).\n- speakup: Fix 8bit characters from direct synth (git-fixes).\n- speakup: Fix sizeof() vs ARRAY_SIZE() bug (git-fixes).\n- spi: atmel-quadspi: Add missing check for clk_prepare (git-fixes).\n- spi: cadence: Ensure data lines set to low during dummy-cycle period (stable-fixes).\n- spi: Do not mark message DMA mapped when no transfer in it is (git-fixes).\n- spi: fix null pointer dereference within spi_sync (git-fixes).\n- spi: imx: Do not expect DMA for i.MX{25,35,50,51,53} cspi devices (stable-fixes).\n- spi: intel-pci: Add support for Lunar Lake-M SPI serial flash (stable-fixes).\n- spi: lm70llp: fix links in doc and comments (git-fixes).\n- spi: lpspi: Avoid potential use-after-free in probe() (git-fixes).\n- spi: mchp-pci1xxx: Fix a possible null pointer dereference in pci1xxx_spi_probe (git-fixes).\n- spi: microchip-core: defer asserting chip select until just before write to TX FIFO (git-fixes).\n- spi: microchip-core: ensure TX and RX FIFOs are empty at start of a transfer (git-fixes).\n- spi: microchip-core: fix the issues in the isr (git-fixes).\n- spi: microchip-core: only disable SPI controller when register value change requires it (git-fixes).\n- spi: microchip-core-qspi: fix setting spi bus clock rate (git-fixes).\n- spi: mux: set ctlr-\u003ebits_per_word_mask (stable-fixes).\n- spi: spidev: add correct compatible for Rohm BH2228FV (git-fixes).\n- spi: spi-fsl-lpspi: remove redundant spi_controller_put call (git-fixes).\n- spi: spi-microchip-core: Fix the number of chip selects supported (git-fixes).\n- spi: spi-mt65xx: Fix NULL pointer access in interrupt handler (git-fixes).\n- spi: stm32: Do not warn about spurious interrupts (git-fixes).\n- spi: stm32: qspi: Clamp stm32_qspi_get_mode() output to CCR_BUSWIDTH_4 (git-fixes).\n- spi: stm32: qspi: Fix dual flash mode sanity test in stm32_qspi_setup() (git-fixes).\n- spi: xilinx: Fix kernel documentation in the xilinx_spi.h (git-fixes).\n- spmi: hisi-spmi-controller: Do not override device identifier (git-fixes).\n- ssb: Fix potential NULL pointer dereference in ssb_device_uevent() (stable-fixes).\n- staging: vc04_services: changen strncpy() to strscpy_pad() (stable-fixes).\n- staging: vc04_services: fix information leak in create_component() (git-fixes).\n- staging: vt6655: Remove unused declaration of RFbAL7230SelectChannelPostProcess() (git-fixes).\n- stmmac: Clear variable when destroying workqueue (git-fixes).\n- struct acpi_ec kABI workaround (git-fixes).\n- SUNRPC: avoid soft lockup when transmitting UDP to reachable server (bsc#1225272).\n- SUNRPC: fix a memleak in gss_import_v2_context (git-fixes).\n- SUNRPC: Fix gss_free_in_token_pages() (git-fixes).\n- SUNRPC: Fix loop termination condition in gss_free_in_token_pages() (git-fixes).\n- sunrpc: fix NFSACL RPC retry on soft mount (git-fixes).\n- SUNRPC: fix some memleaks in gssx_dec_option_array (git-fixes).\n- SUNRPC: return proper error from gss_wrap_req_priv (git-fixes).\n- supported.conf: Add APM X-Gene SoC hardware monitoring driver (bsc#1223265 jsc#PED-8570)\n- supported.conf: Add support for v4l2-dv-timings (jsc#PED-8644)\n- supported.conf: mark orangefs as optional We do not support orangefs at all (and it is already marked as such), but since there are no SLE consumers of it, mark it as optional.\n- supported.conf: mark ufs as unsupported UFS is an unsupported filesystem, mark it as such. We still keep it around (not marking as optional), to accommodate any potential migrations from BSD systems.\n- supported.conf: mark vdpa modules supported (jsc#PED-8954)\n- supported.conf: support tcp_dctcp module (jsc#PED-8111)\n- supported.conf: update for mt76 stuff (bsc#1227149)\n- swiotlb: extend buffer pre-padding to alloc_align_mask if necessary (bsc#1224331)\n- swiotlb: Fix alignment checks when both allocation and DMA masks are (bsc#1224331)\n- swiotlb: Fix double-allocation of slots due to broken alignment (bsc#1224331)\n- swiotlb: Honour dma_alloc_coherent() alignment in swiotlb_alloc() (bsc#1224331)\n- swiotlb: use the calculated number of areas (git-fixes).\n- tcp: Dump bound-only sockets in inet_diag (bsc#1204562).\n- Temporarily drop KVM patch that caused a regression (bsc#1226158) \n- thermal: devfreq_cooling: Fix perf state when calculate dfc res_util (git-fixes).\n- thermal/drivers/mediatek/lvts_thermal: Check NULL ptr on lvts_data (stable-fixes).\n- thermal/drivers/mediatek/lvts_thermal: Return error in case of invalid efuse data (git-fixes).\n- thermal/drivers/qcom/lmh: Check for SCM availability at probe (git-fixes).\n- thermal/drivers/tsens: Fix null pointer dereference (git-fixes).\n- thermal/of: Assume polling-delay(-passive) 0 when absent (stable-fixes).\n- thunderbolt: Avoid notify PM core about runtime PM resume (stable-fixes).\n- thunderbolt: debugfs: Fix margin debugfs node creation condition (git-fixes).\n- thunderbolt: Do not create DisplayPort tunnels on adapters of the same router (git-fixes).\n- thunderbolt: Fix wake configurations after device unplug (stable-fixes).\n- thunderbolt: Introduce tb_path_deactivate_hop() (stable-fixes).\n- thunderbolt: Introduce tb_port_reset() (stable-fixes).\n- thunderbolt: Make tb_switch_reset() support Thunderbolt 2, 3 and USB4 routers (stable-fixes).\n- thunderbolt: Reset only non-USB4 host routers in resume (git-fixes).\n- tls: break out of main loop when PEEK gets a non-data record (bsc#1221858).\n- tls: do not skip over different type records from the rx_list (bsc#1221858).\n- tls: fix peeking with sync+async decryption (bsc#1221858).\n- tls: stop recv() if initial process_rx_list gave us non-DATA (bsc#1221858).\n- tools/arch/x86/intel_sdsi: Fix maximum meter bundle length (git-fixes).\n- tools/arch/x86/intel_sdsi: Fix meter_certificate decoding (git-fixes).\n- tools/arch/x86/intel_sdsi: Fix meter_show display (git-fixes).\n- tools/latency-collector: Fix -Wformat-security compile warns (git-fixes).\n- tools/memory-model: Fix bug in lock.cat (git-fixes).\n- tools/power/cpupower: Fix Pstate frequency reporting on AMD Family 1Ah CPUs (stable-fixes).\n- tools/power turbostat: Expand probe_intel_uncore_frequency() (bsc#1221765).\n- tools/power/turbostat: Fix uncore frequency file string (bsc#1221765).\n- tools/power turbostat: Remember global max_die_id (stable-fixes).\n- tools: ynl: do not leak mcast_groups on init error (git-fixes).\n- tools: ynl: fix handling of multiple mcast groups (git-fixes).\n- tools: ynl: make sure we always pass yarg to mnl_cb_run (git-fixes).\n- tpm_tis: Do *not* flush uninitialized work (git-fixes).\n- tpm_tis_spi: Account for SPI header when allocating TPM SPI xfer buffer (git-fixes).\n- tracefs: Add missing lockdown check to tracefs_create_dir() (git-fixes).\n- tracing: Add MODULE_DESCRIPTION() to preemptirq_delay_test (git-fixes).\n- tracing: Build event generation tests only as modules (git-fixes).\n- tracing: Have saved_cmdlines arrays all in one allocation (git-fixes).\n- tracing: hide unused ftrace_event_id_fops (git-fixes).\n- tracing/net_sched: Fix tracepoints that save qdisc_dev() as a string (git-fixes).\n- tracing/net_sched: NULL pointer dereference in perf_trace_qdisc_reset() (git-fixes).\n- tracing: Remove precision vsnprintf() check from print event (git-fixes).\n- tracing/ring-buffer: Fix wait_on_pipe() race (git-fixes).\n- tracing: Use .flush() call to wake up readers (git-fixes).\n- tty: mcf: MCF54418 has 10 UARTS (git-fixes).\n- tty: n_gsm: fix missing receive state reset after mode switch (git-fixes).\n- tty: n_gsm: fix possible out-of-bounds in gsm0_receive() (git-fixes).\n- tty: n_tty: Fix buffer offsets when lookahead is used (git-fixes).\n- tty: serial: samsung: fix tx_empty() to return TIOCSER_TEMT (git-fixes).\n- tty: vt: fix 20 vs 0x20 typo in EScsiignore (git-fixes).\n- ubifs: dbg_check_idx_size: Fix kmemleak if loading znode failed (git-fixes).\n- ubifs: fix sort function prototype (git-fixes).\n- ubifs: Queue up space reservation tasks if retrying many times (git-fixes).\n- ubifs: Remove unreachable code in dbg_check_ltab_lnum (git-fixes).\n- ubifs: Set page uptodate in the correct place (git-fixes).\n- Update config files: adjust for Arm CONFIG_MT798X_WMAC (bsc#1227149)\n- Update config files (bsc#1227282). Update the CONFIG_LSM option to include the selinux LSM in the default set of LSMs. The selinux LSM will not get enabled because it is preceded by apparmor, which is the first exclusive LSM. Updating CONFIG_LSM resolves failures that result in the system not booting up when \u0027security=selinux selinux=1\u0027 is passed to the kernel and SELinux policies are installed.\n- Update config files. Disable N_GSM (jsc#PED-8240).\n- Update config files for mt76 stuff (bsc#1227149)\n- Update config files: update for the realtek wifi driver updates (bsc#1227149)\n- USB: Add USB_QUIRK_NO_SET_INTF quirk for START BP-850k (stable-fixes).\n- usb: aqc111: stop lying about skb-\u003etruesize (git-fixes).\n- usb: atm: cxacru: fix endpoint checking in cxacru_bind() (git-fixes).\n- usb: audio-v2: Correct comments for struct uac_clock_selector_descriptor (git-fixes).\n- usb: cdc-wdm: close race between read and workqueue (git-fixes).\n- USB: class: cdc-wdm: Fix CPU lockup caused by excessive log messages (git-fixes).\n- USB: core: Add hub_get() and hub_put() routines (stable-fixes).\n- USB: core: Fix access violation during port device removal (git-fixes).\n- USB: core: Fix deadlock in port \u0027disable\u0027 sysfs attribute (stable-fixes).\n- USB: core: Fix deadlock in usb_deauthorize_interface() (git-fixes).\n- USB: core: Fix duplicate endpoint bug by clearing reserved bits in the descriptor (git-fixes).\n- usb: Disable USB3 LPM at shutdown (stable-fixes).\n- usb: dwc2: gadget: Fix exiting from clock gating (git-fixes).\n- usb: dwc2: gadget: LPM flow fix (git-fixes).\n- usb: dwc2: host: Fix dereference issue in DDMA completion flow (git-fixes).\n- usb: dwc2: host: Fix hibernation flow (git-fixes).\n- usb: dwc2: host: Fix ISOC flow in DDMA mode (git-fixes).\n- usb: dwc2: host: Fix remote wakeup from hibernation (git-fixes).\n- usb: dwc3-am62: Disable wakeup at remove (git-fixes).\n- usb: dwc3-am62: fix module unload/reload behavior (git-fixes).\n- usb: dwc3-am62: Rename private data (git-fixes).\n- usb: dwc3: core: Add DWC31 version 2.00a controller (stable-fixes).\n- usb: dwc3: core: Prevent phy suspend during init (Git-fixes).\n- usb: dwc3: core: remove lock of otg mode during gadget suspend/resume to avoid deadlock (git-fixes).\n- usb: dwc3: core: Workaround for CSR read timeout (stable-fixes).\n- usb: dwc3: pci: add support for the Intel Panther Lake (stable-fixes).\n- usb: dwc3: pci: Do not set \u0027linux,phy_charger_detect\u0027 property on Lenovo Yoga Tab2 1380 (stable-fixes).\n- usb: dwc3: pci: Drop duplicate ID (git-fixes).\n- usb: dwc3: Properly set system wakeup (git-fixes).\n- usb: dwc3: Wait unconditionally after issuing EndXfer command (git-fixes).\n- usb: Fix regression caused by invalid ep0 maxpacket in virtual SuperSpeed device (bsc#1220569).\n- usb: fotg210: Add missing kernel doc description (git-fixes).\n- usb: gadget: aspeed_udc: fix device address configuration (git-fixes).\n- usb: gadget: composite: fix OS descriptors w_value logic (git-fixes).\n- usb: gadget: configfs: Prevent OOB read/write in usb_string_copy() (stable-fixes).\n- usb: gadget: f_fs: Fix a race condition when processing setup packets (git-fixes).\n- usb: gadget: f_fs: Fix race between aio_cancel() and AIO request complete (git-fixes).\n- usb: gadget: f_ncm: Fix UAF ncm object at re-bind after usb ep transport error (stable-fixes).\n- usb: gadget: function: Remove usage of the deprecated ida_simple_xx() API (stable-fixes).\n- usb: gadget: net2272: Use irqflags in the call to net2272_probe_fin (git-fixes).\n- usb: gadget: printer: fix races against disable (git-fixes).\n- usb: gadget: printer: SS+ support (stable-fixes).\n- usb: gadget: u_audio: Clear uac pointer when freed (git-fixes).\n- usb: gadget: u_audio: Fix race condition use of controls after free during gadget unbind (git-fixes).\n- usb: gadget: uvc: configfs: ensure guid to be valid before set (stable-fixes).\n- usb: gadget: uvc: mark incomplete frames with UVC_STREAM_ERR (stable-fixes).\n- usb: gadget: uvc: use correct buffer size when parsing configfs lists (git-fixes).\n- usb: misc: uss720: check for incompatible versions of the Belkin F5U002 (stable-fixes).\n- usb: musb: da8xx: fix a resource leak in probe() (git-fixes).\n- usb: ohci: Prevent missed ohci interrupts (git-fixes).\n- usb: phy: generic: Get the vbus supply (git-fixes).\n- USB: serial: add device ID for VeriFone adapter (stable-fixes).\n- USB: serial: cp210x: add ID for MGP Instruments PDS100 (stable-fixes).\n- USB: serial: cp210x: add pid/vid for TDK NC0110013M and MM0110113M (stable-fixes).\n- USB: serial: ftdi_sio: add support for GMC Z216C Adapter IR-USB (stable-fixes).\n- USB: serial: mos7840: fix crash on resume (git-fixes).\n- USB: serial: option: add Fibocom FM135-GL variants (stable-fixes).\n- USB: serial: option: add Fibocom FM350-GL (stable-fixes).\n- USB: serial: option: add Lonsung U8300/U9300 product (stable-fixes).\n- USB: serial: option: add MeiG Smart SLM320 product (stable-fixes).\n- USB: serial: option: add Rolling RW101-GL and RW135-GL support (stable-fixes).\n- USB: serial: option: add Rolling RW350-GL variants (stable-fixes).\n- USB: serial: option: add support for Fibocom FM650/FG650 (stable-fixes).\n- USB: serial: option: add support for Foxconn T99W651 (stable-fixes).\n- USB: serial: option: add Telit FN912 rmnet compositions (stable-fixes).\n- USB: serial: option: add Telit FN920C04 rmnet compositions (stable-fixes).\n- USB: serial: option: add Telit generic core-dump composition (stable-fixes).\n- USB: serial: option: support Quectel EM060K sub-models (stable-fixes).\n- usb: sl811-hcd: only defined function checkdone if QUIRK2 is defined (stable-fixes).\n- usb-storage: alauda: Check whether the media is initialized (git-fixes).\n- usb: typec: Return size of buffer if pd_set operation succeeds (git-fixes).\n- usb: typec: tcpci: add generic tcpci fallback compatible (stable-fixes).\n- usb: typec: tcpm: Check for port partner validity before consuming it (git-fixes).\n- usb: typec: tcpm: clear pd_event queue in PORT_RESET (git-fixes).\n- usb: typec: tcpm: Correct port source pdo array in pd_set callback (git-fixes).\n- usb: typec: tcpm: Correct the PDO counting in pd_set (git-fixes).\n- usb: typec: tcpm: fix double-free issue in tcpm_port_unregister_pd() (git-fixes).\n- usb: typec: tcpm: fix use-after-free case in tcpm_register_source_caps (git-fixes).\n- usb: typec: tcpm: Ignore received Hard Reset in TOGGLING state (git-fixes).\n- usb: typec: tcpm: unregister existing source caps before re-registration (git-fixes).\n- usb: typec: tipd: fix event checking for tps6598x (git-fixes).\n- usb: typec: ucsi: Ack also failed Get Error commands (git-fixes).\n- usb: typec: ucsi: Ack unsupported commands (stable-fixes).\n- usb: typec: ucsi_acpi: Refactor and fix DELL quirk (git-fixes).\n- usb: typec: ucsi: always register a link to USB PD device (git-fixes).\n- usb: typec: ucsi: Check for notifications after init (git-fixes).\n- usb: typec: ucsi: Clean up UCSI_CABLE_PROP macros (git-fixes).\n- usb: typec: ucsi: Clear EVENT_PENDING under PPM lock (git-fixes).\n- usb: typec: ucsi: Clear UCSI_CCI_RESET_COMPLETE before reset (stable-fixes).\n- usb: typec: ucsi: displayport: Fix potential deadlock (git-fixes).\n- usb: typec: ucsi: Fix connector check on init (git-fixes).\n- usb: typec: ucsi: Fix race between typec_switch and role_switch (git-fixes).\n- usb: typec: ucsi_glink: drop special handling for CCI_BUSY (stable-fixes).\n- usb: typec: ucsi: glink: fix child node release in probe function (git-fixes).\n- usb: typec: ucsi: Limit read size on v1.2 (stable-fixes).\n- usb: typec: ucsi: Never send a lone connector change ack (stable-fixes).\n- usb: typec: ucsi: simplify partner\u0027s PD caps registration (git-fixes).\n- USB: UAS: return ENODEV when submit urbs fail with device not attached (stable-fixes).\n- usb: ucsi: stm32: fix command completion handling (git-fixes).\n- usb: udc: remove warning when queue disabled ep (stable-fixes).\n- USB: xen-hcd: Traverse host/ when CONFIG_USB_XEN_HCD is selected (git-fixes).\n- usb: xhci: Add error handling in xhci_map_urb_for_dma (git-fixes).\n- usb: xhci: correct return value in case of STS_HCE (git-fixes).\n- usb: xhci: Implement xhci_handshake_check_state() helper.\n- usb: xhci-plat: Do not include xhci.h (stable-fixes).\n- usb: xhci: prevent potential failure in handle_tx_event() for Transfer events without TRB (stable-fixes).\n- vboxsf: Avoid an spurious warning if load_nls_xxx() fails (git-fixes).\n- vboxsf: explicitly deny setlease attempts (stable-fixes).\n- vdpa/mlx5: Allow CVQ size changes (git-fixes).\n- vdpa_sim: reset must not run (git-fixes).\n- veth: try harder when allocating queue memory (git-fixes).\n- vhost: Add smp_rmb() in vhost_enable_notify() (git-fixes).\n- vhost: Add smp_rmb() in vhost_vq_avail_empty() (git-fixes).\n- virtio-blk: Ensure no requests in virtqueues before deleting vqs (git-fixes).\n- virtio_net: avoid data-races on dev-\u003estats fields (git-fixes).\n- virtio_net: checksum offloading handling fix (git-fixes).\n- virtio_net: Do not send RSS key if it is not supported (git-fixes).\n- virtio: treat alloc_dax() -EOPNOTSUPP failure as non-fatal (bsc#1223944).\n- VMCI: Fix an error handling path in vmci_guest_probe_device() (git-fixes).\n- VMCI: Fix possible memcpy() run-time warning in vmci_datagram_invoke_guest_handler() (stable-fixes).\n- vmci: prevent speculation leaks by sanitizing event in event_deliver() (git-fixes).\n- vmlinux.lds.h: catch .bss..L* sections into BSS\u0027) (git-fixes).\n- vsock/virtio: fix packet delivery to tap device (git-fixes).\n- watchdog: bd9576: Drop \u0027always-running\u0027 property (git-fixes).\n- watchdog: cpu5wdt.c: Fix use-after-free bug caused by cpu5wdt_trigger (git-fixes).\n- watchdog: rti_wdt: Set min_hw_heartbeat_ms to accommodate a safety margin (git-fixes).\n- watchdog: rzg2l_wdt: Check return status of pm_runtime_put() (git-fixes).\n- watchdog: rzg2l_wdt: Use pm_runtime_resume_and_get() (git-fixes).\n- watchdog: rzn1: Convert comma to semicolon (git-fixes).\n- watchdog: sa1100: Fix PTR_ERR_OR_ZERO() vs NULL check in sa1100dog_probe() (git-fixes).\n- wifi: add HAS_IOPORT dependencies (bsc#1227149).\n- wifi: ar5523: enable proper endpoint verification (git-fixes).\n- wifi: ar5523: Remove unnecessary (void*) conversions (bsc#1227149).\n- wifi: ath10/11/12k: Use alloc_ordered_workqueue() to create ordered workqueues (bsc#1227149).\n- wifi: ath10k: add missing wmi_10_4_feature_mask documentation (bsc#1227149).\n- wifi: ath10k: add support to allow broadcast action frame RX (bsc#1227149).\n- wifi: ath10k: Annotate struct ath10k_ce_ring with __counted_by (bsc#1227149).\n- wifi: ath10k: consistently use kstrtoX_from_user() functions (bsc#1227149).\n- wifi: ath10k: Convert to platform remove callback returning void (bsc#1227149).\n- wifi: ath10k: correctly document enum wmi_tlv_tx_pause_id (bsc#1227149).\n- wifi: ath10k: Drop checks that are always false (bsc#1227149).\n- wifi: ath10k: Drop cleaning of driver data from probe error path and remove (bsc#1227149).\n- wifi: ath10k: drop HTT_DATA_TX_STATUS_DOWNLOAD_FAIL (bsc#1227149).\n- wifi: ath10k: Fix a few spelling errors (bsc#1227149).\n- wifi: ath10k: Fix an error code problem in ath10k_dbg_sta_write_peer_debug_trigger() (git-fixes).\n- wifi: ath10k: Fix enum ath10k_fw_crash_dump_type kernel-doc (bsc#1227149).\n- wifi: ath10k: Fix htt_data_tx_completion kernel-doc warning (bsc#1227149).\n- wifi: ath10k: fix htt_q_state_conf \u0026 htt_q_state kernel-doc (bsc#1227149).\n- wifi: ath10k: fix QCOM_RPROC_COMMON dependency (git-fixes).\n- wifi: ath10k: fix Wvoid-pointer-to-enum-cast warning (bsc#1227149).\n- wifi: ath10k: improve structure padding (bsc#1227149).\n- wifi: ath10k: indicate to mac80211 scan complete with aborted flag for ATH10K_SCAN_STARTING state (bsc#1227149).\n- wifi: ath10k: poll service ready message before failing (git-fixes).\n- wifi: ath10k: populate board data for WCN3990 (git-fixes).\n- wifi: ath10k: remove ath10k_htc_record::pauload[] (bsc#1227149).\n- wifi: ath10k: remove duplicate memset() in 10.4 TDLS peer update (bsc#1227149).\n- wifi: ath10k: remove struct wmi_pdev_chanlist_update_event (bsc#1227149).\n- wifi: ath10k: Remove unnecessary (void*) conversions (bsc#1227149).\n- wifi: ath10k: Remove unused struct ath10k_htc_frame (bsc#1227149).\n- wifi: ath10k: remove unused template structs (bsc#1227149).\n- wifi: ath10k: replace deprecated strncpy with memcpy (bsc#1227149).\n- wifi: ath10k: replace ENOTSUPP with EOPNOTSUPP (bsc#1227149).\n- wifi: ath10k: simplify __ath10k_htt_tx_txq_recalc() (bsc#1227149).\n- wifi: ath10k: simplify ath10k_peer_create() (bsc#1227149).\n- wifi: ath10k: Update Qualcomm Innovation Center, Inc. copyrights (bsc#1227149).\n- wifi: ath10k: Use DECLARE_FLEX_ARRAY() for ath10k_htc_record (bsc#1227149).\n- wifi: ath10k: use flexible array in struct wmi_host_mem_chunks (bsc#1227149).\n- wifi: ath10k: use flexible array in struct wmi_tdls_peer_capabilities (bsc#1227149).\n- wifi: ath10k: use flexible arrays for WMI start scan TLVs (bsc#1227149).\n- wifi: ath10k: Use list_count_nodes() (bsc#1227149).\n- wifi: ath11k: add chip id board name while searching board-2.bin for WCN6855 (bsc#1227149).\n- wifi: ath11k: Add coldboot calibration support for QCN9074 (bsc#1227149).\n- wifi: ath11k: add firmware-2.bin support (bsc#1227149).\n- wifi: ath11k: add handler for WMI_VDEV_SET_TPC_POWER_CMDID (bsc#1227149).\n- wifi: ath11k: Add HTT stats for PHY reset case (bsc#1227149).\n- wifi: ath11k: add parse of transmit power envelope element (bsc#1227149).\n- wifi: ath11k: add parsing of phy bitmap for reg rules (bsc#1227149).\n- wifi: ath11k: add support for QCA2066 (bsc#1227149).\n- wifi: ath11k: add support to select 6 GHz regulatory type (bsc#1227149).\n- wifi: ath11k: add WMI event debug messages (bsc#1227149).\n- wifi: ath11k: add WMI_TLV_SERVICE_EXT_TPC_REG_SUPPORT service bit (bsc#1227149).\n- wifi: ath11k: Allow ath11k to boot without caldata in ftm mode (bsc#1227149).\n- wifi: ath11k: ath11k_debugfs_register(): fix format-truncation warning (bsc#1227149).\n- wifi: ath11k: avoid forward declaration of ath11k_mac_start_vdev_delay() (bsc#1227149).\n- wifi: ath11k: call ath11k_mac_fils_discovery() without condition (bsc#1227149).\n- wifi: ath11k: Consistently use ath11k_vif_to_arvif() (bsc#1227149).\n- wifi: ath11k: Consolidate WMI peer flags (bsc#1227149).\n- wifi: ath11k: constify MHI channel and controller configs (bsc#1227149).\n- wifi: ath11k: Convert to platform remove callback returning void (bsc#1227149).\n- wifi: ath11k: debug: add ATH11K_DBG_CE (bsc#1227149).\n- wifi: ath11k: debug: remove unused ATH11K_DBG_ANY (bsc#1227149).\n- wifi: ath11k: debug: use all upper case in ATH11k_DBG_HAL (bsc#1227149).\n- wifi: ath11k: decrease MHI channel buffer length to 8KB (bsc#1207948).\n- wifi: ath11k: document HAL_RX_BUF_RBM_SW4_BM (bsc#1227149).\n- wifi: ath11k: Do not directly use scan_flags in struct scan_req_params (bsc#1227149).\n- wifi: ath11k: do not force enable power save on non-running vdevs (git-fixes).\n- wifi: ath11k: do not use %pK (bsc#1227149).\n- wifi: ath11k: dp: cleanup debug message (bsc#1227149).\n- wifi: ath11k: driver settings for MBSSID and EMA (bsc#1227149).\n- wifi: ath11k: drop NULL pointer check in ath11k_update_per_peer_tx_stats() (bsc#1227149).\n- wifi: ath11k: drop redundant check in ath11k_dp_rx_mon_dest_process() (bsc#1227149).\n- wifi: ath11k: EMA beacon support (bsc#1227149).\n- wifi: ath11k: enable 36 bit mask for stream DMA (bsc#1227149).\n- wifi: ath11k: factory test mode support (bsc#1227149).\n- wifi: ath11k: fill parameters for vdev set tpc power WMI command (bsc#1227149).\n- wifi: ath11k: Fix a few spelling errors (bsc#1227149).\n- wifi: ath11k: fix a possible dead lock caused by ab-\u003ebase_lock (bsc#1227149).\n- wifi: ath11k: Fix ath11k_htc_record flexible record (bsc#1227149).\n- wifi: ath11k: fix ath11k_mac_op_remain_on_channel() stack usage (bsc#1227149).\n- wifi: ath11k: fix CAC running state during virtual interface start (bsc#1227149).\n- wifi: ath11k: fix connection failure due to unexpected peer delete (bsc#1227149).\n- wifi: ath11k: fix IOMMU errors on buffer rings (bsc#1227149).\n- wifi: ath11k: fix RCU documentation in ath11k_mac_op_ipv6_changed() (git-fixes).\n- wifi: ath11k: fix tid bitmap is 0 in peer rx mu stats (bsc#1227149).\n- wifi: ath11k: fix WCN6750 firmware crash caused by 17 num_vdevs (bsc#1227149).\n- wifi: ath11k: fix wrong definition of CE ring\u0027s base address (git-fixes).\n- wifi: ath11k: fix wrong handling of CCMP256 and GCMP ciphers (git-fixes).\n- wifi: ath11k: fix Wvoid-pointer-to-enum-cast warning (bsc#1227149).\n- wifi: ath11k: hal: cleanup debug message (bsc#1227149).\n- wifi: ath11k: htc: cleanup debug messages (bsc#1227149).\n- wifi: ath11k: initialize eirp_power before use (bsc#1227149).\n- wifi: ath11k: Introduce and use ath11k_sta_to_arsta() (bsc#1227149).\n- wifi: ath11k: mac: fix struct ieee80211_sband_iftype_data handling (bsc#1227149).\n- wifi: ath11k: MBSSID beacon support (bsc#1227149).\n- wifi: ath11k: MBSSID configuration during vdev create/start (bsc#1227149).\n- wifi: ath11k: MBSSID parameter configuration in AP mode (bsc#1227149).\n- wifi: ath11k: mhi: add a warning message for MHI_CB_EE_RDDM crash (bsc#1227149).\n- wifi: ath11k: move pci.ops registration ahead (bsc#1227149).\n- wifi: ath11k: move power type check to ASSOC stage when connecting to 6 GHz AP (bsc#1227149).\n- wifi: ath11k: move references from rsvd2 to info fields (bsc#1227149).\n- wifi: ath11k: pci: cleanup debug logging (bsc#1227149).\n- wifi: ath11k: print debug level in debug messages (bsc#1227149).\n- wifi: ath11k: provide address list if chip supports 2 stations (bsc#1227149).\n- wifi: ath11k: qmi: refactor ath11k_qmi_m3_load() (bsc#1227149).\n- wifi: ath11k: Really consistently use ath11k_vif_to_arvif() (bsc#1227149).\n- wifi: ath11k: refactor ath11k_wmi_tlv_parse_alloc() (bsc#1227149).\n- wifi: ath11k: refactor setting country code logic (stable-fixes).\n- wifi: ath11k: refactor vif parameter configurations (bsc#1227149).\n- wifi: ath11k: Relocate the func ath11k_mac_bitrate_mask_num_ht_rates() and change hweight16 to hweight8 (bsc#1227149).\n- wifi: ath11k: rely on mac80211 debugfs handling for vif (bsc#1227149).\n- wifi: ath11k: Remove ath11k_base::bd_api (bsc#1227149).\n- wifi: ath11k: remove ath11k_htc_record::pauload[] (bsc#1227149).\n- wifi: ath11k: Remove cal_done check during probe (bsc#1227149).\n- wifi: ath11k: remove invalid peer create logic (bsc#1227149).\n- wifi: ath11k: remove manual mask names from debug messages (bsc#1227149).\n- wifi: ath11k: Remove obsolete struct wmi_peer_flags_map *peer_flags (bsc#1227149).\n- wifi: ath11k: Remove scan_flags union from struct scan_req_params (bsc#1227149).\n- wifi: ath11k: Remove struct ath11k::ops (bsc#1227149).\n- wifi: ath11k: remove unnecessary (void*) conversions (bsc#1227149).\n- wifi: ath11k: Remove unneeded semicolon (bsc#1227149).\n- wifi: ath11k: remove unsupported event handlers (bsc#1227149).\n- wifi: ath11k: Remove unused declarations (bsc#1227149).\n- wifi: ath11k: remove unused function ath11k_tm_event_wmi() (bsc#1227149).\n- wifi: ath11k: remove unused members of \u0027struct ath11k_base\u0027 (bsc#1227149).\n- wifi: ath11k: remove unused scan_events from struct scan_req_params (bsc#1227149).\n- wifi: ath11k: Remove unused struct ath11k_htc_frame (bsc#1227149).\n- wifi: ath11k: rename ath11k_start_vdev_delay() (bsc#1227149).\n- wifi: ath11k: rename MBSSID fields in wmi_vdev_up_cmd (bsc#1227149).\n- wifi: ath11k: rename the sc naming convention to ab (bsc#1227149).\n- wifi: ath11k: rename the wmi_sc naming convention to wmi_ab (bsc#1227149).\n- wifi: ath11k: replace ENOTSUPP with EOPNOTSUPP (bsc#1227149).\n- wifi: ath11k: restore country code during resume (git-fixes).\n- wifi: ath11k: save max transmit power in vdev start response event from firmware (bsc#1227149).\n- wifi: ath11k: save power spectral density(PSD) of regulatory rule (bsc#1227149).\n- wifi: ath11k: Send HT fixed rate in WMI peer fixed param (bsc#1227149).\n- wifi: ath11k: simplify ath11k_mac_validate_vht_he_fixed_rate_settings() (bsc#1227149).\n- wifi: ath11k: simplify the code with module_platform_driver (bsc#1227149).\n- wifi: ath11k: Split coldboot calibration hw_param (bsc#1227149).\n- wifi: ath11k: store cur_regulatory_info for each radio (bsc#1227149).\n- wifi: ath11k: support 2 station interfaces (bsc#1227149).\n- wifi: ath11k: update proper pdev/vdev id for testmode command (bsc#1227149).\n- wifi: ath11k: Update Qualcomm Innovation Center, Inc. copyrights (bsc#1227149).\n- wifi: ath11k: update regulatory rules when connect to AP on 6 GHz band for station (bsc#1227149).\n- wifi: ath11k: update regulatory rules when interface added (bsc#1227149).\n- wifi: ath11k: Use device_get_match_data() (bsc#1227149).\n- wifi: ath11k: use kstrtoul_from_user() where appropriate (bsc#1227149).\n- wifi: ath11k: Use list_count_nodes() (bsc#1227149).\n- wifi: ath11k: use RCU when accessing struct inet6_dev::ac_list (bsc#1227149).\n- wifi: ath11k: use select for CRYPTO_MICHAEL_MIC (bsc#1227149).\n- wifi: ath11k: use WMI_VDEV_SET_TPC_POWER_CMDID when EXT_TPC_REG_SUPPORT for 6 GHz (bsc#1227149).\n- wifi: ath11k: wmi: add unified command debug messages (bsc#1227149).\n- wifi: ath11k: wmi: cleanup error handling in ath11k_wmi_send_init_country_cmd() (bsc#1227149).\n- wifi: ath11k: wmi: use common error handling style (bsc#1227149).\n- wifi: ath11k: workaround too long expansion sparse warnings (bsc#1227149).\n- wifi: ath12k: add 320 MHz bandwidth enums (bsc#1227149).\n- wifi: ath12k: add ath12k_qmi_free_resource() for recovery (bsc#1227149).\n- wifi: ath12k: add CE and ext IRQ flag to indicate irq_handler (bsc#1227149).\n- wifi: ath12k: add EHT PHY modes (bsc#1227149).\n- wifi: ath12k: add fallback board name without variant while searching board-2.bin (bsc#1227149).\n- wifi: ath12k: add firmware-2.bin support (bsc#1227149).\n- wifi: ath12k: add handler for scan event WMI_SCAN_EVENT_DEQUEUED (bsc#1227149).\n- wifi: ath12k: add keep backward compatibility of PHY mode to avoid firmware crash (bsc#1227149).\n- wifi: ath12k: Add logic to write QRTR node id to scratch (bsc#1227149).\n- wifi: ath12k: add MAC id support in WBM error path (bsc#1227149).\n- wifi: ath12k: Add missing qmi_txn_cancel() calls (bsc#1227149).\n- wifi: ath12k: add MLO header in peer association (bsc#1227149).\n- wifi: ath12k: add msdu_end structure for WCN7850 (bsc#1227149).\n- wifi: ath12k: add P2P IE in beacon template (bsc#1227149).\n- wifi: ath12k: add parsing of phy bitmap for reg rules (bsc#1227149).\n- wifi: ath12k: add processing for TWT disable event (bsc#1227149).\n- wifi: ath12k: add processing for TWT enable event (bsc#1227149).\n- wifi: ath12k: add qmi_cnss_feature_bitmap field to hardware parameters (bsc#1227149).\n- wifi: ath12k: add QMI PHY capability learn support (bsc#1227149).\n- wifi: ath12k: add rcu lock for ath12k_wmi_p2p_noa_event() (bsc#1227149).\n- wifi: ath12k: add read variant from SMBIOS for download board data (bsc#1227149).\n- wifi: ath12k: add string type to search board data in board-2.bin for WCN7850 (bsc#1227149).\n- wifi: ath12k: add support for BA1024 (bsc#1227149).\n- wifi: ath12k: add support for collecting firmware log (bsc#1227149).\n- wifi: ath12k: add support for hardware rfkill for WCN7850 (bsc#1227149).\n- wifi: ath12k: add support for peer meta data version (bsc#1227149).\n- wifi: ath12k: add support one MSI vector (bsc#1227149).\n- wifi: ath12k: Add support to parse new WMI event for 6 GHz regulatory (bsc#1227149).\n- wifi: ath12k: add support to search regdb data in board-2.bin for WCN7850 (bsc#1227149).\n- wifi: ath12k: add wait operation for tx management packets for flush from mac80211 (bsc#1227149).\n- wifi: ath12k: add WMI support for EHT peer (bsc#1227149).\n- wifi: ath12k: advertise P2P dev support for WCN7850 (bsc#1227149).\n- wifi: ath12k: allow specific mgmt frame tx while vdev is not up (bsc#1227149).\n- wifi: ath12k: ath12k_start_vdev_delay(): convert to use ar (bsc#1227149).\n- wifi: ath12k: avoid deadlock by change ieee80211_queue_work for regd_update_work (bsc#1227149).\n- wifi: ath12k: avoid duplicated vdev stop (git-fixes).\n- wifi: ath12k: avoid explicit HW conversion argument in Rxdma replenish (bsc#1227149).\n- wifi: ath12k: avoid explicit mac id argument in Rxdma replenish (bsc#1227149).\n- wifi: ath12k: avoid explicit RBM id argument in Rxdma replenish (bsc#1227149).\n- wifi: ath12k: avoid repeated hw access from ar (bsc#1227149).\n- wifi: ath12k: avoid repeated wiphy access from hw (bsc#1227149).\n- wifi: ath12k: call ath12k_mac_fils_discovery() without condition (bsc#1227149).\n- wifi: ath12k: change DMA direction while mapping reinjected packets (git-fixes).\n- wifi: ath12k: change interface combination for P2P mode (bsc#1227149).\n- wifi: ath12k: change MAC buffer ring size to 2048 (bsc#1227149).\n- wifi: ath12k: change to initialize recovery variables earlier in ath12k_core_reset() (bsc#1227149).\n- wifi: ath12k: change to treat alpha code na as world wide regdomain (bsc#1227149).\n- wifi: ath12k: change to use dynamic memory for channel list of scan (bsc#1227149).\n- wifi: ath12k: change WLAN_SCAN_PARAMS_MAX_IE_LEN from 256 to 512 (bsc#1227149).\n- wifi: ath12k: check hardware major version for WCN7850 (bsc#1227149).\n- wifi: ath12k: check M3 buffer size as well whey trying to reuse it (bsc#1227149).\n- wifi: ath12k: configure puncturing bitmap (bsc#1227149).\n- wifi: ath12k: configure RDDM size to MHI for device recovery (bsc#1227149).\n- wifi: ath12k: Consistently use ath12k_vif_to_arvif() (bsc#1227149).\n- wifi: ath12k: Consolidate WMI peer flags (bsc#1227149).\n- wifi: ath12k: Correct 6 GHz frequency value in rx status (git-fixes).\n- wifi: ath12k: correct the data_type from QMI_OPT_FLAG to QMI_UNSIGNED_1_BYTE for mlo_capable (bsc#1227149).\n- wifi: ath12k: delete the timer rx_replenish_retry during rmmod (bsc#1227149).\n- wifi: ath12k: designating channel frequency for ROC scan (bsc#1227149).\n- wifi: ath12k: disable QMI PHY capability learn in split-phy QCN9274 (bsc#1227149).\n- wifi: ath12k: do not drop data frames from unassociated stations (bsc#1227149).\n- wifi: ath12k: Do not drop tx_status in failure case (git-fixes).\n- wifi: ath12k: do not restore ASPM in case of single MSI vector (bsc#1227149).\n- wifi: ath12k: Do not use scan_flags from struct ath12k_wmi_scan_req_arg (bsc#1227149).\n- wifi: ath12k: drop failed transmitted frames from metric calculation (git-fixes).\n- wifi: ath12k: drop NULL pointer check in ath12k_update_per_peer_tx_stats() (bsc#1227149).\n- wifi: ath12k: enable 320 MHz bandwidth for 6 GHz band in EHT PHY capability for WCN7850 (bsc#1227149).\n- wifi: ath12k: enable 802.11 power save mode in station mode (bsc#1227149).\n- wifi: ath12k: enable IEEE80211_HW_SINGLE_SCAN_ON_ALL_BANDS for WCN7850 (bsc#1227149).\n- wifi: ath12k: Enable Mesh support for QCN9274 (bsc#1227149).\n- wifi: ath12k: fetch correct pdev id from WMI_SERVICE_READY_EXT_EVENTID (bsc#1227149).\n- wifi: ath12k: Fix a few spelling errors (bsc#1227149).\n- wifi: ath12k: fix broken structure wmi_vdev_create_cmd (bsc#1227149).\n- wifi: ath12k: fix conf_mutex in ath12k_mac_op_unassign_vif_chanctx() (bsc#1227149).\n- wifi: ath12k: fix debug messages (bsc#1227149).\n- wifi: ath12k: fix fetching MCBC flag for QCN9274 (bsc#1227149).\n- wifi: ath12k: fix firmware assert during insmod in memory segment mode (bsc#1227149).\n- wifi: ath12k: fix firmware crash during reo reinject (git-fixes).\n- wifi: ath12k: fix invalid m3 buffer address (bsc#1227149).\n- wifi: ath12k: fix invalid memory access while processing fragmented packets (git-fixes).\n- wifi: ath12k: fix kernel crash during resume (bsc#1227149).\n- wifi: ath12k: fix license in p2p.c and p2p.h (bsc#1227149).\n- wifi: ath12k: fix out-of-bound access of qmi_invoke_handler() (git-fixes).\n- wifi: ath12k: fix PCI read and write (bsc#1227149).\n- wifi: ath12k: fix peer metadata parsing (git-fixes).\n- wifi: ath12k: fix potential wmi_mgmt_tx_queue race condition (bsc#1227149).\n- wifi: ath12k: fix radar detection in 160 MHz (bsc#1227149).\n- wifi: ath12k: fix recovery fail while firmware crash when doing channel switch (bsc#1227149).\n- wifi: ath12k: fix the error handler of rfkill config (bsc#1227149).\n- wifi: ath12k: fix the issue that the multicast/broadcast indicator is not read correctly for WCN7850 (bsc#1227149).\n- wifi: ath12k: fix the problem that down grade phy mode operation (bsc#1227149).\n- wifi: ath12k: Fix tx completion ring (WBM2SW) setup failure (git-fixes).\n- wifi: ath12k: Fix uninitialized use of ret in ath12k_mac_allocate() (bsc#1227149).\n- wifi: ath12k: fix WARN_ON during ath12k_mac_update_vif_chan (bsc#1227149).\n- wifi: ath12k: fix wrong definition of CE ring\u0027s base address (git-fixes).\n- wifi: ath12k: fix wrong definitions of hal_reo_update_rx_queue (bsc#1227149).\n- wifi: ath12k: get msi_data again after request_irq is called (bsc#1227149).\n- wifi: ath12k: implement handling of P2P NoA event (bsc#1227149).\n- wifi: ath12k: implement remain on channel for P2P mode (bsc#1227149).\n- wifi: ath12k: increase vdev setup timeout (bsc#1227149).\n- wifi: ath12k: indicate NON MBSSID vdev by default during vdev start (bsc#1227149).\n- wifi: ath12k: indicate scan complete for scan canceled when scan running (bsc#1227149).\n- wifi: ath12k: indicate to mac80211 scan complete with aborted flag for ATH12K_SCAN_STARTING state (bsc#1227149).\n- wifi: ath12k: Introduce and use ath12k_sta_to_arsta() (bsc#1227149).\n- wifi: ath12k: Introduce the container for mac80211 hw (bsc#1227149).\n- wifi: ath12k: Make QMI message rules const (bsc#1227149).\n- wifi: ath12k: move HE capabilities processing to a new function (bsc#1227149).\n- wifi: ath12k: move peer delete after vdev stop of station for WCN7850 (bsc#1227149).\n- wifi: ath12k: Optimize the mac80211 hw data access (bsc#1227149).\n- wifi: ath12k: parse WMI service ready ext2 event (bsc#1227149).\n- wifi: ath12k: peer assoc for 320 MHz (bsc#1227149).\n- wifi: ath12k: prepare EHT peer assoc parameters (bsc#1227149).\n- wifi: ath12k: propagate EHT capabilities to userspace (bsc#1227149).\n- wifi: ath12k: Read board id to support split-PHY QCN9274 (bsc#1227149).\n- wifi: ath12k: refactor ath12k_bss_assoc() (bsc#1227149).\n- wifi: ath12k: refactor ath12k_mac_allocate() and ath12k_mac_destroy() (bsc#1227149).\n- wifi: ath12k: refactor ath12k_mac_op_ampdu_action() (bsc#1227149).\n- wifi: ath12k: refactor ath12k_mac_op_config() (bsc#1227149).\n- wifi: ath12k: refactor ath12k_mac_op_configure_filter() (bsc#1227149).\n- wifi: ath12k: refactor ath12k_mac_op_conf_tx() (bsc#1227149).\n- wifi: ath12k: refactor ath12k_mac_op_flush() (bsc#1227149).\n- wifi: ath12k: refactor ath12k_mac_op_start() (bsc#1227149).\n- wifi: ath12k: refactor ath12k_mac_op_stop() (bsc#1227149).\n- wifi: ath12k: refactor ath12k_mac_op_update_vif_offload() (bsc#1227149).\n- wifi: ath12k: refactor ath12k_mac_register() and ath12k_mac_unregister() (bsc#1227149).\n- wifi: ath12k: refactor ath12k_mac_setup_channels_rates() (bsc#1227149).\n- wifi: ath12k: refactor ath12k_wmi_tlv_parse_alloc() (bsc#1227149).\n- wifi: ath12k: refactor DP Rxdma ring structure (bsc#1227149).\n- wifi: ath12k: refactor multiple MSI vector implementation (bsc#1227149).\n- wifi: ath12k: refactor QMI MLO host capability helper function (bsc#1227149).\n- wifi: ath12k: Refactor the mac80211 hw access from link/radio (bsc#1227149).\n- wifi: ath12k: refactor the rfkill worker (bsc#1227149).\n- wifi: ath12k: register EHT mesh capabilities (bsc#1227149).\n- wifi: ath12k: relax list iteration in ath12k_mac_vif_unref() (bsc#1227149).\n- wifi: ath12k: relocate ath12k_dp_pdev_pre_alloc() call (bsc#1227149).\n- wifi: ath12k: Remove ath12k_base::bd_api (bsc#1227149).\n- wifi: ath12k: remove hal_desc_sz from hw params (bsc#1227149).\n- wifi: ath12k: Remove obsolete struct wmi_peer_flags_map *peer_flags (bsc#1227149).\n- wifi: ath12k: remove redundant memset() in ath12k_hal_reo_qdesc_setup() (bsc#1227149).\n- wifi: ath12k: Remove some dead code (bsc#1227149).\n- wifi: ath12k: Remove struct ath12k::ops (bsc#1227149).\n- wifi: ath12k: remove the unused scan_events from ath12k_wmi_scan_req_arg (bsc#1227149).\n- wifi: ath12k: Remove unnecessary struct qmi_txn initializers (bsc#1227149).\n- wifi: ath12k: Remove unnecessary (void*) conversions (bsc#1227149).\n- wifi: ath12k: remove unused ATH12K_BD_IE_BOARD_EXT (bsc#1227149).\n- wifi: ath12k: Remove unused declarations (bsc#1227149).\n- wifi: ath12k: Remove unused scan_flags from struct ath12k_wmi_scan_req_arg (bsc#1227149).\n- wifi: ath12k: rename HE capabilities setup/copy functions (bsc#1227149).\n- wifi: ath12k: rename the sc naming convention to ab (bsc#1227149).\n- wifi: ath12k: rename the wmi_sc naming convention to wmi_ab (bsc#1227149).\n- wifi: ath12k: replace ENOTSUPP with EOPNOTSUPP (bsc#1227149).\n- wifi: ath12k: send WMI_PEER_REORDER_QUEUE_SETUP_CMDID when ADDBA session starts (bsc#1227149).\n- wifi: ath12k: Set default beacon mode to burst mode (bsc#1227149).\n- wifi: ath12k: set IRQ affinity to CPU0 in case of one MSI vector (bsc#1227149).\n- wifi: ath12k: set PERST pin no pull request for WCN7850 (bsc#1227149).\n- wifi: ath12k: split hal_ops to support RX TLVs word mask compaction (bsc#1227149).\n- wifi: ath12k: subscribe required word mask from rx tlv (bsc#1227149).\n- wifi: ath12k: support default regdb while searching board-2.bin for WCN7850 (bsc#1227149).\n- wifi: ath12k: trigger station disconnect on hardware restart (bsc#1227149).\n- wifi: ath12k: use ATH12K_PCI_IRQ_DP_OFFSET for DP IRQ (bsc#1227149).\n- wifi: ath12k: use correct flag field for 320 MHz channels (bsc#1227149).\n- wifi: ath12k: Use initializers for QMI message buffers (bsc#1227149).\n- wifi: ath12k: Use msdu_end to check MCBC (bsc#1227149).\n- wifi: ath12k: Use pdev_id rather than mac_id to get pdev (bsc#1227149).\n- wifi: ath12k: use select for CRYPTO_MICHAEL_MIC (bsc#1227149).\n- wifi: ath12k: WMI support to process EHT capabilities (bsc#1227149).\n- wifi: ath5k: ath5k_hw_get_median_noise_floor(): use swap() (bsc#1227149).\n- wifi: ath5k: Convert to platform remove callback returning void (bsc#1227149).\n- wifi: ath5k: remove phydir check from ath5k_debug_init_device() (bsc#1227149).\n- wifi: ath5k: Remove redundant dev_err() (bsc#1227149).\n- wifi: ath5k: remove unnecessary (void*) conversions (bsc#1227149).\n- wifi: ath5k: remove unused ath5k_eeprom_info::ee_antenna (bsc#1227149).\n- wifi: ath5k: replace deprecated strncpy with strscpy (bsc#1227149).\n- wifi: ath6kl: Remove error checking for debugfs_create_dir() (bsc#1227149).\n- wifi: ath6kl: remove unnecessary (void*) conversions (bsc#1227149).\n- wifi: ath6kl: replace deprecated strncpy with memcpy (bsc#1227149).\n- wifi: ath9k: avoid using uninitialized array (bsc#1227149).\n- wifi: ath9k: clean up function ath9k_hif_usb_resume (bsc#1227149).\n- wifi: ath9k: consistently use kstrtoX_from_user() functions (bsc#1227149).\n- wifi: ath9k: Convert to platform remove callback returning void (bsc#1227149).\n- wifi: ath9k: delete some unused/duplicate macros (bsc#1227149).\n- wifi: ath9k: fix LNA selection in ath_ant_try_scan() (stable-fixes).\n- wifi: ath9k: fix parameter check in ath9k_init_debug() (bsc#1227149).\n- wifi: ath9k_htc: fix format-truncation warning (bsc#1227149).\n- wifi: ath9k: remove redundant assignment to variable ret (bsc#1227149).\n- wifi: ath9k: Remove unnecessary ternary operators (bsc#1227149).\n- wifi: ath9k: Remove unnecessary (void*) conversions (bsc#1227149).\n- wifi: ath9k: Remove unused declarations (bsc#1227149).\n- wifi: ath9k: reset survey of current channel after a scan started (bsc#1227149).\n- wifi: ath9k: simplify ar9003_hw_process_ini() (bsc#1227149).\n- wifi: ath9k: use u32 for txgain indexes (bsc#1227149).\n- wifi: ath9k: work around memset overflow warning (bsc#1227149).\n- wifi: ath: dfs_pattern_detector: Use flex array to simplify code (bsc#1227149).\n- wifi: ath: remove unused-but-set parameter (bsc#1227149).\n- wifi: ath: Use is_multicast_ether_addr() to check multicast Ether address (bsc#1227149).\n- wifi: ath: work around false-positive stringop-overread warning (bsc#1227149).\n- wifi: atk10k: Do not opencode ath10k_pci_priv() in ath10k_ahb_priv() (bsc#1227149).\n- wifi: atmel: remove unused ioctl function (bsc#1227149).\n- wifi: b43: silence sparse warnings (bsc#1227149).\n- wifi: brcm80211: replace deprecated strncpy with strscpy (bsc#1227149).\n- wifi: brcmfmac: Add DMI nvram filename quirk for ACEPC W5 Pro (stable-fixes).\n- wifi: brcmfmac: add linefeed at end of file (bsc#1227149).\n- wifi: brcmfmac: add per-vendor feature detection callback (stable-fixes).\n- wifi: brcmfmac: allow per-vendor event handling (bsc#1227149).\n- wifi: brcmfmac: Annotate struct brcmf_gscan_config with __counted_by (bsc#1227149).\n- wifi: brcmfmac: cfg80211: Use WSEC to set SAE password (stable-fixes).\n- wifi: brcmfmac: Demote vendor-specific attach/detach messages to info (git-fixes).\n- wifi: brcmfmac: Detect corner error case earlier with log (bsc#1227149).\n- wifi: brcmfmac: do not cast hidden SSID attribute value to boolean (bsc#1227149).\n- wifi: brcmfmac: do not pass hidden SSID attribute as value directly (bsc#1227149).\n- wifi: brcmfmac: export firmware interface functions (bsc#1227149).\n- wifi: brcmfmac: firmware: Annotate struct brcmf_fw_request with __counted_by (bsc#1227149).\n- wifi: brcmfmac: fix format-truncation warnings (bsc#1227149).\n- wifi: brcmfmac: fix gnu_printf warnings (bsc#1227149).\n- wifi: brcmfmac: fweh: Add __counted_by for struct brcmf_fweh_queue_item and use struct_size() (bsc#1227149).\n- wifi: brcmfmac: fweh: Fix boot crash on Raspberry Pi 4 (bsc#1227149).\n- wifi: brcmfmac: move feature overrides before feature_disable (bsc#1227149).\n- wifi: brcmfmac: pcie: handle randbuf allocation failure (git-fixes).\n- wifi: brcmsmac: cleanup SCB-related data types (bsc#1227149).\n- wifi: brcmsmac: fix gnu_printf warnings (bsc#1227149).\n- wifi: brcmsmac: LCN PHY code is used for BCM4313 2G-only device (git-fixes).\n- wifi: brcmsmac: phy: Remove unreachable code (bsc#1227149).\n- wifi: brcmsmac: remove more unused data types (bsc#1227149).\n- wifi: brcmsmac: remove unused data type (bsc#1227149).\n- wifi: brcmsmac: replace deprecated strncpy with memcpy (bsc#1227149).\n- wifi: brcmsmac: silence sparse warnings (bsc#1227149).\n- wifi: brcmutil: use helper function pktq_empty() instead of open code (bsc#1227149).\n- wifi: carl9170: add a proper sanity check for endpoints (git-fixes).\n- wifi: carl9170: re-fix fortified-memset warning (git-fixes).\n- wifi: carl9170: Remove redundant assignment to pointer super (bsc#1227149).\n- wifi: carl9170: remove unnecessary (void*) conversions (bsc#1227149).\n- wifi: cfg80211: add a flag to disable wireless extensions (bsc#1227149).\n- wifi: cfg80211: add BSS usage reporting (bsc#1227149).\n- wifi: cfg80211: add local_state_change to deauth trace (bsc#1227149).\n- wifi: cfg80211: add locked debugfs wrappers (bsc#1227149).\n- wifi: cfg80211: address several kerneldoc warnings (bsc#1227149).\n- wifi: cfg80211: add RNR with reporting AP information (bsc#1227149).\n- wifi: cfg80211: Add support for setting TID to link mapping (bsc#1227149).\n- wifi: cfg80211: add support for SPP A-MSDUs (bsc#1227149).\n- wifi: cfg80211: Allow AP/P2PGO to indicate port authorization to peer STA/P2PClient (bsc#1227149).\n- wifi: cfg80211: allow reg update by driver even if wiphy-\u003eregd is set (bsc#1227149).\n- wifi: cfg80211: annotate iftype_data pointer with sparse (bsc#1227149).\n- wifi: cfg80211: avoid double free if updating BSS fails (bsc#1227149).\n- wifi: cfg80211: call reg_call_notifier on beacon hints (bsc#1227149).\n- wifi: cfg80211: check A-MSDU format more carefully (stable-fixes).\n- wifi: cfg80211: check RTNL when iterating devices (bsc#1227149).\n- wifi: cfg80211: check wiphy mutex is held for wdev mutex (bsc#1227149).\n- wifi: cfg80211: consume both probe response and beacon IEs (bsc#1227149).\n- wifi: cfg80211: detect stuck ECSA element in probe resp (bsc#1227149).\n- wifi: cfg80211: ensure cfg80211_bss_update frees IEs on error (bsc#1227149).\n- wifi: cfg80211: export DFS CAC time and usable state helper functions (bsc#1227149).\n- wifi: cfg80211: expose nl80211_chan_width_to_mhz for wide sharing (bsc#1227149).\n- wifi: cfg80211: Extend support for scanning while MLO connected (bsc#1227149).\n- wifi: cfg80211: fix 6 GHz scan request building (stable-fixes).\n- wifi: cfg80211: fix CQM for non-range use (bsc#1227149).\n- wifi: cfg80211: fix header kernel-doc typos (bsc#1227149).\n- wifi: cfg80211: fix kernel-doc for wiphy_delayed_work_flush() (bsc#1227149).\n- wifi: cfg80211: fix rdev_dump_mpp() arguments order (stable-fixes).\n- wifi: cfg80211: fix spelling \u0026 punctutation (bsc#1227149).\n- wifi: cfg80211: fix the order of arguments for trace events of the tx_rx_evt class (stable-fixes).\n- wifi: cfg80211: fix typo in cfg80211_calculate_bitrate_he() (git-fixes).\n- wifi: cfg80211: Fix typo in documentation (bsc#1227149).\n- wifi: cfg80211: fully move wiphy work to unbound workqueue (git-fixes).\n- wifi: cfg80211: generate an ML element for per-STA profiles (bsc#1227149).\n- wifi: cfg80211: handle 2x996 RU allocation in cfg80211_calculate_bitrate_he() (git-fixes).\n- wifi: cfg80211: Handle specific BSSID in 6GHz scanning (bsc#1227149).\n- wifi: cfg80211: handle UHB AP and STA power type (bsc#1227149).\n- wifi: cfg80211: hold wiphy lock in cfg80211_any_wiphy_oper_chan() (bsc#1227149).\n- wifi: cfg80211: hold wiphy mutex for send_interface (bsc#1227149).\n- wifi: cfg80211: improve documentation for flag fields (bsc#1227149).\n- wifi: cfg80211: Include operating class 137 in 6GHz band (bsc#1227149).\n- wifi: cfg80211: introduce cfg80211_ssid_eq() (bsc#1227149).\n- wifi: cfg80211: Lock wiphy in cfg80211_get_station (git-fixes).\n- wifi: cfg80211: make read-only array centers_80mhz static const (bsc#1227149).\n- wifi: cfg80211: make RX assoc data const (bsc#1227149).\n- wifi: cfg80211: modify prototype for change_beacon (bsc#1227149).\n- wifi: cfg80211: OWE DH IE handling offload (bsc#1227149).\n- wifi: cfg80211: pmsr: use correct nla_get_uX functions (git-fixes).\n- wifi: cfg80211: reg: describe return values in kernel-doc (bsc#1227149).\n- wifi: cfg80211: reg: fix various kernel-doc issues (bsc#1227149).\n- wifi: cfg80211: reg: hold wiphy mutex for wdev iteration (bsc#1227149).\n- wifi: cfg80211: reg: Support P2P operation on DFS channels (bsc#1227149).\n- wifi: cfg80211: remove scan_width support (bsc#1227149).\n- wifi: cfg80211: remove wdev mutex (bsc#1227149).\n- wifi: cfg80211: rename UHB to 6 GHz (bsc#1227149).\n- wifi: cfg80211: Replace ENOTSUPP with EOPNOTSUPP (bsc#1227149).\n- wifi: cfg80211: report per-link errors during association (bsc#1227149).\n- wifi: cfg80211: report unprotected deauth/disassoc in wowlan (bsc#1227149).\n- wifi: cfg80211: restrict NL80211_ATTR_TXQ_QUANTUM values (git-fixes).\n- wifi: cfg80211: save power spectral density(psd) of regulatory rule (bsc#1227149).\n- wifi: cfg80211: Schedule regulatory check on BSS STA channel change (bsc#1227149).\n- wifi: cfg80211: set correct param change count in ML element (bsc#1227149).\n- wifi: cfg80211: sme: hold wiphy lock for wdev iteration (bsc#1227149).\n- wifi: cfg80211: sort certificates in build (bsc#1227149).\n- wifi: cfg80211: split struct cfg80211_ap_settings (bsc#1227149).\n- wifi: cfg80211: Update the default DSCP-to-UP mapping (bsc#1227149).\n- wifi: cfg80211: validate HE operation element parsing (bsc#1227149).\n- wifi: cfg80211: wext: add extra SIOCSIWSCAN data check (stable-fixes).\n- wifi: cfg80211: wext: convert return value to kernel-doc (bsc#1227149).\n- wifi: cfg80211: wext: set ssids=NULL for passive scans (git-fixes).\n- wifi: cw1200: Avoid processing an invalid TIM IE (bsc#1227149).\n- wifi: cw1200: Convert to GPIO descriptors (bsc#1227149).\n- wifi: cw1200: fix __le16 sparse warnings (bsc#1227149).\n- wifi: cw1200: restore endian swapping (bsc#1227149).\n- wifi: drivers: Explicitly include correct DT includes (bsc#1227149).\n- wifi: fill in MODULE_DESCRIPTION()s for ar5523 (bsc#1227149).\n- wifi: fill in MODULE_DESCRIPTION()s for Broadcom WLAN (bsc#1227149).\n- wifi: fill in MODULE_DESCRIPTION()s for mt76 drivers (bsc#1227149).\n- wifi: fill in MODULE_DESCRIPTION()s for p54spi (bsc#1227149).\n- wifi: fill in MODULE_DESCRIPTION()s for wcn36xx (bsc#1227149).\n- wifi: fill in MODULE_DESCRIPTION()s for wilc1000 (bsc#1227149).\n- wifi: fill in MODULE_DESCRIPTION()s for wl1251 and wl12xx (bsc#1227149).\n- wifi: fill in MODULE_DESCRIPTION()s for wl18xx (bsc#1227149).\n- wifi: fill in MODULE_DESCRIPTION()s for wlcore (bsc#1227149).\n- wifi: hostap: Add __counted_by for struct prism2_download_data and use struct_size() (bsc#1227149).\n- wifi: hostap: fix stringop-truncations GCC warning (bsc#1227149).\n- wifi: hostap: remove unused ioctl function (bsc#1227149).\n- wifi: ieee80211: add definitions for negotiated TID to Link map (bsc#1227149).\n- wifi: ieee80211: add UL-bandwidth definition of trigger frame (bsc#1227149).\n- wifi: ieee80211: check for NULL in ieee80211_mle_size_ok() (stable-fixes).\n- wifi: ieee80211: fix ieee80211_mle_basic_sta_prof_size_ok() (git-fixes).\n- wifi: iwlmei: do not send nic info with invalid mac address (bsc#1227149).\n- wifi: iwlmei: do not send SAP messages if AMT is disabled (bsc#1227149).\n- wifi: iwlmei: send driver down SAP message only if wiamt is enabled (bsc#1227149).\n- wifi: iwlmei: send HOST_GOES_DOWN message even if wiamt is disabled (bsc#1227149).\n- wifi: iwlmvm: fw: Add new OEM vendor to tas approved list (bsc#1227149).\n- wifi: iwlwifi: abort scan when rfkill on but device enabled (bsc#1227149).\n- wifi: iwlwifi: add HONOR to PPAG approved list (bsc#1227149).\n- wifi: iwlwifi: add mapping of a periphery register crf for WH RF (bsc#1227149).\n- wifi: iwlwifi: add new RF support for wifi7 (bsc#1227149).\n- wifi: iwlwifi: add Razer to ppag approved list (bsc#1227149).\n- wifi: iwlwifi: Add rf_mapping of new wifi7 devices (bsc#1227149).\n- wifi: iwlwifi: add support for activating UNII-1 in WW via BIOS (bsc#1227149).\n- wifi: iwlwifi: add support for a wiphy_work rx handler (bsc#1227149).\n- wifi: iwlwifi: Add support for new 802.11be device (bsc#1227149).\n- wifi: iwlwifi: add support for new ini region types (bsc#1227149).\n- wifi: iwlwifi: Add support for PPAG cmd v5 and PPAG revision 3 (bsc#1227149).\n- wifi: iwlwifi: add support for SNPS DPHYIP region type (bsc#1227149).\n- wifi: iwlwifi: adjust rx_phyinfo debugfs to MLO (bsc#1227149).\n- wifi: iwlwifi: always have \u0027uats_enabled\u0027 (bsc#1227149).\n- wifi: iwlwifi: api: clean up some kernel-doc/typos (bsc#1227149).\n- wifi: iwlwifi: api: dbg-tlv: fix up kernel-doc (bsc#1227149).\n- wifi: iwlwifi: api: fix a small upper/lower-case typo (bsc#1227149).\n- wifi: iwlwifi: api: fix center_freq label in PHY diagram (bsc#1227149).\n- wifi: iwlwifi: api: fix constant version to match FW (bsc#1227149).\n- wifi: iwlwifi: api: fix kernel-doc reference (bsc#1227149).\n- wifi: iwlwifi: bump FW API to 84 for AX/BZ/SC devices (bsc#1227149).\n- wifi: iwlwifi: bump FW API to 86 for AX/BZ/SC devices (bsc#1227149).\n- wifi: iwlwifi: bump FW API to 87 for AX/BZ/SC devices (bsc#1227149).\n- wifi: iwlwifi: bump FW API to 88 for AX/BZ/SC devices (bsc#1227149).\n- wifi: iwlwifi: cancel session protection only if there is one (bsc#1227149).\n- wifi: iwlwifi: change link id in time event to s8 (bsc#1227149).\n- wifi: iwlwifi: check for kmemdup() return value in iwl_parse_tlv_firmware() (bsc#1227149).\n- wifi: iwlwifi: cleanup BT Shared Single Antenna code (bsc#1227149).\n- wifi: iwlwifi: cleanup sending PER_CHAIN_LIMIT_OFFSET_CMD (bsc#1227149).\n- wifi: iwlwifi: cleanup uefi variables loading (bsc#1227149).\n- wifi: iwlwifi: clear link_id in time_event (bsc#1227149).\n- wifi: iwlwifi: dbg_ini: move iwl_dbg_tlv_free outside of debugfs ifdef (git-fixes).\n- wifi: iwlwifi: dbg-tlv: avoid extra allocation/copy (bsc#1227149).\n- wifi: iwlwifi: dbg-tlv: use struct_size() for allocation (bsc#1227149).\n- wifi: iwlwifi: disable 160 MHz based on subsystem device ID (bsc#1227149).\n- wifi: iwlwifi: disable eSR when BT is active (bsc#1227149).\n- wifi: iwlwifi: disable multi rx queue for 9000 (bsc#1227149).\n- wifi: iwlwifi: do not check TAS block list size twice (bsc#1227149).\n- wifi: iwlwifi: Do not mark DFS channels as NO-IR (bsc#1227149).\n- wifi: iwlwifi: do not use TRUE/FALSE with bool (bsc#1227149).\n- wifi: iwlwifi: drop NULL pointer check in iwl_mvm_tzone_set_trip_temp() (bsc#1227149).\n- wifi: iwlwifi: dvm: remove kernel-doc warnings (bsc#1227149).\n- wifi: iwlwifi: error-dump: fix kernel-doc issues (bsc#1227149).\n- wifi: iwlwifi: Extract common prph mac/phy regions data dump logic (bsc#1227149).\n- wifi: iwlwifi: fail NIC access fast on dead NIC (bsc#1227149).\n- wifi: iwlwifi: fix #ifdef CONFIG_ACPI check (bsc#1227149).\n- wifi: iwlwifi: fix iwl_mvm_get_valid_rx_ant() (git-fixes).\n- wifi: iwlwifi: fix opmode start/stop race (bsc#1227149).\n- wifi: iwlwifi: fix some kernel-doc issues (bsc#1227149).\n- wifi: iwlwifi: Fix spelling mistake \u0027SESION\u0027 -\u003e \u0027SESSION\u0027 (bsc#1227149).\n- wifi: iwlwifi: fix system commands group ordering (bsc#1227149).\n- wifi: iwlwifi: fix the rf step and flavor bits range (bsc#1227149).\n- wifi: iwlwifi: fw: Add support for UATS table in UHB (bsc#1227149).\n- wifi: iwlwifi: fw: allow vmalloc for PNVM image (bsc#1227149).\n- wifi: iwlwifi: fw: dbg: ensure correct config name sizes (bsc#1227149).\n- wifi: iwlwifi: fw: disable firmware debug asserts (bsc#1227149).\n- wifi: iwlwifi: fw: do not always use FW dump trig (git-fixes).\n- wifi: iwlwifi: fw: file: clean up kernel-doc (bsc#1227149).\n- wifi: iwlwifi: fw: file: do not use [0] for variable arrays (bsc#1227149).\n- wifi: iwlwifi: fw: fix compiler warning for NULL string print (bsc#1227149).\n- wifi: iwlwifi: fw: fix compile w/o CONFIG_ACPI (git-fixes).\n- wifi: iwlwifi: fw: Fix debugfs command sending (bsc#1227149).\n- wifi: iwlwifi: fw: increase fw_version string size (bsc#1227149).\n- wifi: iwlwifi: fw: reconstruct the API/CAPA enum number (bsc#1227149).\n- wifi: iwlwifi: fw: replace deprecated strncpy with strscpy_pad (bsc#1227149).\n- wifi: iwlwifi: handle per-phy statistics from fw (bsc#1227149).\n- wifi: iwlwifi: implement can_activate_links callback (bsc#1227149).\n- wifi: iwlwifi: implement enable/disable for China 2022 regulatory (bsc#1227149).\n- wifi: iwlwifi: implement GLAI ACPI table loading (bsc#1227149).\n- wifi: iwlwifi: iwl-fh.h: fix kernel-doc issues (bsc#1227149).\n- wifi: iwlwifi: iwlmvm: handle unprotected deauth/disassoc in d3 (bsc#1227149).\n- wifi: iwlwifi: iwl-trans.h: clean up kernel-doc (bsc#1227149).\n- wifi: iwlwifi: load b0 version of ucode for HR1/HR2 (bsc#1227149).\n- wifi: iwlwifi: make TB reallocation a debug message (bsc#1227149).\n- wifi: iwlwifi: make time_events MLO aware (bsc#1227149).\n- wifi: iwlwifi: mei: return error from register when not built (bsc#1227149).\n- wifi: iwlwifi: mvm: add a debugfs hook to clear the monitor data (bsc#1227149).\n- wifi: iwlwifi: mvm: add a debug print when we get a BAR (bsc#1227149).\n- wifi: iwlwifi: mvm: add a per-link debugfs (bsc#1227149).\n- wifi: iwlwifi: mvm: add a print when sending RLC command (bsc#1227149).\n- wifi: iwlwifi: mvm: Add basic link selection logic (bsc#1227149).\n- wifi: iwlwifi: mvm: add start mac ctdp sum calculation debugfs handler (bsc#1227149).\n- wifi: iwlwifi: mvm: add support for new wowlan_info_notif (bsc#1227149).\n- wifi: iwlwifi: mvm: Add support for removing responder TKs (bsc#1227149).\n- wifi: iwlwifi: mvm: add support for TID to link mapping neg request (bsc#1227149).\n- wifi: iwlwifi: mvm: add US/Canada MCC to API (bsc#1227149).\n- wifi: iwlwifi: mvm: advertise MLO only if EHT is enabled (bsc#1227149).\n- wifi: iwlwifi: mvm: advertise support for protected ranging negotiation (bsc#1227149).\n- wifi: iwlwifi: mvm: advertise support for SCS traffic description (bsc#1227149).\n- wifi: iwlwifi: mvm: allocate STA links only for active links (git-fixes).\n- wifi: iwlwifi: mvm: Allow DFS concurrent operation (bsc#1227149).\n- wifi: iwlwifi: mvm: always update keys in D3 exit (bsc#1227149).\n- wifi: iwlwifi: mvm: avoid garbage iPN (bsc#1227149).\n- wifi: iwlwifi: mvm: calculate EMLSR mode after connection (bsc#1227149).\n- wifi: iwlwifi: mvm: check AP supports EMLSR (bsc#1227149).\n- wifi: iwlwifi: mvm: check for iwl_mvm_mld_update_sta() errors (bsc#1227149).\n- wifi: iwlwifi: mvm: check link more carefully (bsc#1227149).\n- wifi: iwlwifi: mvm: check n_ssids before accessing the ssids (git-fixes).\n- wifi: iwlwifi: mvm: check own capabilities for EMLSR (bsc#1227149).\n- wifi: iwlwifi: mvm: cleanup MLO and non-MLO unification code (bsc#1227149).\n- wifi: iwlwifi: mvm: combine condition/warning (bsc#1227149).\n- wifi: iwlwifi: mvm: Configure the link mapping for non-MLD FW (bsc#1227149).\n- wifi: iwlwifi: mvm: consider having one active link (bsc#1227149).\n- wifi: iwlwifi: mvm: const-ify chandef pointers (bsc#1227149).\n- wifi: iwlwifi: mvm: Correctly report TSF data in scan complete (bsc#1227149).\n- wifi: iwlwifi: mvm: cycle FW link on chanctx removal (bsc#1227149).\n- wifi: iwlwifi: mvm: d3: avoid intermediate/early mutex unlock (bsc#1227149).\n- wifi: iwlwifi: mvm: d3: disconnect on GTK rekey failure (bsc#1227149).\n- wifi: iwlwifi: mvm: d3: fix WoWLAN command version lookup (stable-fixes).\n- wifi: iwlwifi: mvm: d3: implement suspend with MLO (bsc#1227149).\n- wifi: iwlwifi: mvm: debugfs for fw system stats (bsc#1227149).\n- wifi: iwlwifi: mvm: Declare support for secure LTF measurement (bsc#1227149).\n- wifi: iwlwifi: mvm: define RX queue sync timeout as a macro (bsc#1227149).\n- wifi: iwlwifi: mvm: disable MLO for the time being (bsc#1227149).\n- wifi: iwlwifi: mvm: disallow puncturing in US/Canada (bsc#1227149).\n- wifi: iwlwifi: mvm: disconnect long CSA only w/o alternative (bsc#1227149).\n- wifi: iwlwifi: mvm: disconnect station vifs if recovery failed (bsc#1227149).\n- wifi: iwlwifi: mvm: do not abort queue sync in CT-kill (bsc#1227149).\n- wifi: iwlwifi: mvm: do not add dummy phy context (bsc#1227149).\n- wifi: iwlwifi: mvm: do not always disable EMLSR due to BT coex (bsc#1227149).\n- wifi: iwlwifi: mvm: do not do duplicate detection for nullfunc packets (bsc#1227149).\n- wifi: iwlwifi: mvm: do not initialize csa_work twice (git-fixes).\n- wifi: iwlwifi: mvm: do not limit VLP/AFC to UATS-enabled (git-fixes).\n- wifi: iwlwifi: mvm: do not read past the mfuart notifcation (git-fixes).\n- wifi: iwlwifi: mvm: do not send BT_COEX_CI command on new devices (bsc#1227149).\n- wifi: iwlwifi: mvm: do not send NDPs for new tx devices (bsc#1227149).\n- wifi: iwlwifi: mvm: do not send STA_DISABLE_TX_CMD for newer firmware (bsc#1227149).\n- wifi: iwlwifi: mvm: do not send the smart fifo command if not needed (bsc#1227149).\n- wifi: iwlwifi: mvm: do not set trigger frame padding in AP mode (bsc#1227149).\n- wifi: iwlwifi: mvm: do not support reduced tx power on ack for new devices (bsc#1227149).\n- wifi: iwlwifi: mvm: do not wake up rx_sync_waitq upon RFKILL (git-fixes).\n- wifi: iwlwifi: mvm: Do not warn if valid link pair was not found (bsc#1227149).\n- wifi: iwlwifi: mvm: Do not warn on invalid link on scan complete (bsc#1227149).\n- wifi: iwlwifi: mvm: enable FILS DF Tx on non-PSC channel (bsc#1227149).\n- wifi: iwlwifi: mvm: enable HE TX/RX \u0026lt;242 tone RU on new RFs (bsc#1227149).\n- wifi: iwlwifi: mvm: expand queue sync warning messages (bsc#1227149).\n- wifi: iwlwifi: mvm: extend alive timeout to 2 seconds (bsc#1227149).\n- wifi: iwlwifi: mvm: Extend support for P2P service discovery (bsc#1227149).\n- wifi: iwlwifi: mvm: fix a battery life regression (bsc#1227149).\n- wifi: iwlwifi: mvm: fix a crash on 7265 (bsc#1227149).\n- wifi: iwlwifi: mvm: fix active link counting during recovery (git-fixes).\n- wifi: iwlwifi: mvm: fix check in iwl_mvm_sta_fw_id_mask (git-fixes).\n- wifi: iwlwifi: mvm: Fix FTM initiator flags (bsc#1227149).\n- wifi: iwlwifi: mvm: fix kernel-doc (bsc#1227149).\n- wifi: iwlwifi: mvm: fix link ID management (bsc#1227149).\n- wifi: iwlwifi: mvm: fix recovery flow in CSA (bsc#1227149).\n- wifi: iwlwifi: mvm: fix regdb initialization (bsc#1227149).\n- wifi: iwlwifi: mvm: fix ROC version check (bsc#1227149).\n- wifi: iwlwifi: mvm: fix SB CFG check (bsc#1227149).\n- wifi: iwlwifi: mvm: Fix scan abort handling with HW rfkill (stable-fixes).\n- wifi: iwlwifi: mvm: fix the key PN index (bsc#1227149).\n- wifi: iwlwifi: mvm: fix the PHY context resolution for p2p device (bsc#1227149).\n- wifi: iwlwifi: mvm: fix thermal kernel-doc (bsc#1227149).\n- wifi: iwlwifi: mvm: fix the TXF mapping for BZ devices (bsc#1227149).\n- wifi: iwlwifi: mvm: Fix unreachable code path (bsc#1227149).\n- wifi: iwlwifi: mvm: fold the ref++ into iwl_mvm_phy_ctxt_add (bsc#1227149).\n- wifi: iwlwifi: mvm: guard against invalid STA ID on removal (stable-fixes).\n- wifi: iwlwifi: mvm: handle BA session teardown in RF-kill (stable-fixes).\n- wifi: iwlwifi: mvm: Handle BIGTK cipher in kek_kck cmd (stable-fixes).\n- wifi: iwlwifi: mvm: handle debugfs names more carefully (bsc#1227149).\n- wifi: iwlwifi: mvm: handle link-STA allocation in restart (bsc#1227149).\n- wifi: iwlwifi: mvm: implement new firmware API for statistics (bsc#1227149).\n- wifi: iwlwifi: mvm: implement ROC version 3 (bsc#1227149).\n- wifi: iwlwifi: mvm: include link ID when releasing frames (git-fixes).\n- wifi: iwlwifi: mvm: increase session protection after CSA (bsc#1227149).\n- wifi: iwlwifi: mvm: init vif works only once (git-fixes).\n- wifi: iwlwifi: mvm: introduce esr_disable_reason (bsc#1227149).\n- wifi: iwlwifi: mvm: introduce PHY_CONTEXT_CMD_API_VER_5 (bsc#1227149).\n- wifi: iwlwifi: mvm: iterate active links for STA queues (bsc#1227149).\n- wifi: iwlwifi: mvm: Keep connection in case of missed beacons during RX (bsc#1227149).\n- wifi: iwlwifi: mvm: limit EHT 320 MHz MCS for STEP URM (bsc#1227149).\n- wifi: iwlwifi: mvm: limit pseudo-D3 to 60 seconds (bsc#1227149).\n- wifi: iwlwifi: mvm: log dropped frames (bsc#1227149).\n- wifi: iwlwifi: mvm: log dropped packets due to MIC error (bsc#1227149).\n- wifi: iwlwifi: mvm: make functions public (bsc#1227149).\n- wifi: iwlwifi: mvm: make pldr_sync AX210 specific (bsc#1227149).\n- wifi: iwlwifi: mvm: make \u0027pldr_sync\u0027 mode effective (bsc#1227149).\n- wifi: iwlwifi: mvm: move BA notif messages before action (bsc#1227149).\n- wifi: iwlwifi: mvm: move listen interval to constants (bsc#1227149).\n- wifi: iwlwifi: mvm: move RU alloc B2 placement (bsc#1227149).\n- wifi: iwlwifi: mvm: offload IGTK in AP if BIGTK is supported (bsc#1227149).\n- wifi: iwlwifi: mvm: partially support PHY context version 6 (bsc#1227149).\n- wifi: iwlwifi: mvm: pick the version of SESSION_PROTECTION_NOTIF (bsc#1227149).\n- wifi: iwlwifi: mvm: properly set 6 GHz channel direct probe option (stable-fixes).\n- wifi: iwlwifi: mvm: reduce maximum RX A-MPDU size (bsc#1227149).\n- wifi: iwlwifi: mvm: refactor duplicate chanctx condition (bsc#1227149).\n- wifi: iwlwifi: mvm: refactor TX rate handling (bsc#1227149).\n- wifi: iwlwifi: mvm: remove EHT code from mac80211.c (bsc#1227149).\n- wifi: iwlwifi: mvm: remove flags for enable/disable beacon filter (bsc#1227149).\n- wifi: iwlwifi: mvm: remove IWL_MVM_STATUS_NEED_FLUSH_P2P (bsc#1227149).\n- wifi: iwlwifi: mvm: remove old PASN station when adding a new one (git-fixes).\n- wifi: iwlwifi: mvm: remove one queue sync on BA session stop (bsc#1227149).\n- wifi: iwlwifi: mvm: remove set_tim callback for MLD ops (bsc#1227149).\n- wifi: iwlwifi: mvm: remove stale STA link data during restart (stable-fixes).\n- wifi: iwlwifi: mvm: Return success if link could not be removed (bsc#1227149).\n- wifi: iwlwifi: mvm: return uid from iwl_mvm_build_scan_cmd (git-fixes).\n- wifi: iwlwifi: mvm: revert gen2 TX A-MPDU size to 64 (git-fixes).\n- wifi: iwlwifi: mvm: rework debugfs handling (bsc#1227149).\n- wifi: iwlwifi: mvm: rfi: fix potential response leaks (git-fixes).\n- wifi: iwlwifi: mvm: select STA mask only for active links (git-fixes).\n- wifi: iwlwifi: mvm: set properly mac header (git-fixes).\n- wifi: iwlwifi: mvm: show dump even for pldr_sync (bsc#1227149).\n- wifi: iwlwifi: mvm: show skb_mac_gso_segment() failure reason (bsc#1227149).\n- wifi: iwlwifi: mvm: simplify the reorder buffer (bsc#1227149).\n- wifi: iwlwifi: mvm: skip adding debugfs symlink for reconfig (bsc#1227149).\n- wifi: iwlwifi: mvm: support CSA with MLD (bsc#1227149).\n- wifi: iwlwifi: mvm: support flush on AP interfaces (bsc#1227149).\n- wifi: iwlwifi: mvm: support injection antenna control (bsc#1227149).\n- wifi: iwlwifi: mvm: support iwl_dev_tx_power_cmd_v8 (bsc#1227149).\n- wifi: iwlwifi: mvm: support set_antenna() (bsc#1227149).\n- wifi: iwlwifi: mvm: support SPP A-MSDUs (bsc#1227149).\n- wifi: iwlwifi: mvm: unlock mvm if there is no primary link (bsc#1227149).\n- wifi: iwlwifi: mvm: use correct address 3 in A-MSDU (stable-fixes).\n- wifi: iwlwifi: mvm: use fast balance scan in case of an active P2P GO (bsc#1227149).\n- wifi: iwlwifi: mvm: Use the link ID provided in scan request (bsc#1227149).\n- wifi: iwlwifi: mvm: use the new command to clear the internal buffer (bsc#1227149).\n- wifi: iwlwifi: mvm: work around A-MSDU size problem (bsc#1227149).\n- wifi: iwlwifi: no power save during transition to D3 (bsc#1227149).\n- wifi: iwlwifi: nvm-parse: advertise common packet padding (bsc#1227149).\n- wifi: iwlwifi: nvm: parse the VLP/AFC bit from regulatory (bsc#1227149).\n- wifi: iwlwifi: pcie: Add new PCI device id and CNVI (bsc#1227149).\n- wifi: iwlwifi: pcie: Add the PCI device id for new hardware (stable-fixes).\n- wifi: iwlwifi: pcie: clean up device removal work (bsc#1227149).\n- wifi: iwlwifi: pcie: clean up gen1/gen2 TFD unmap (bsc#1227149).\n- wifi: iwlwifi: pcie: clean up WFPM control bits (bsc#1227149).\n- wifi: iwlwifi: pcie: do not allow hw-rfkill to stop device on gen2 (bsc#1227149).\n- wifi: iwlwifi: pcie: dump CSRs before removal (bsc#1227149).\n- wifi: iwlwifi: pcie: enable TOP fatal error interrupt (bsc#1227149).\n- wifi: iwlwifi: pcie: fix kernel-doc issues (bsc#1227149).\n- wifi: iwlwifi: pcie: fix RB status reading (stable-fixes).\n- wifi: iwlwifi: pcie: get_crf_id() can be void (bsc#1227149).\n- wifi: iwlwifi: pcie: give up mem read if HW is dead (bsc#1227149).\n- wifi: iwlwifi: pcie: move gen1 TB handling to header (bsc#1227149).\n- wifi: iwlwifi: pcie: point invalid TFDs to invalid data (bsc#1227149).\n- wifi: iwlwifi: pcie: propagate iwl_pcie_gen2_apm_init() error (bsc#1227149).\n- wifi: iwlwifi: pcie: (re-)assign BAR0 on driver bind (bsc#1227149).\n- wifi: iwlwifi: pcie: rescan bus if no parent (bsc#1227149).\n- wifi: iwlwifi: prepare for reading DSM from UEFI (bsc#1227149).\n- wifi: iwlwifi: prepare for reading PPAG table from UEFI (bsc#1227149).\n- wifi: iwlwifi: prepare for reading SAR tables from UEFI (bsc#1227149).\n- wifi: iwlwifi: prepare for reading SPLC from UEFI (bsc#1227149).\n- wifi: iwlwifi: prepare for reading TAS table from UEFI (bsc#1227149).\n- wifi: iwlwifi: properly check if link is active (bsc#1227149).\n- wifi: iwlwifi: properly set WIPHY_FLAG_SUPPORTS_EXT_KEK_KCK (stable-fixes).\n- wifi: iwlwifi: queue: fix kernel-doc (bsc#1227149).\n- wifi: iwlwifi: queue: improve warning for no skb in reclaim (bsc#1227149).\n- wifi: iwlwifi: queue: move iwl_txq_gen2_set_tb() up (bsc#1227149).\n- wifi: iwlwifi: read DSM func 2 for specific RF types (bsc#1227149).\n- wifi: iwlwifi: read DSM functions from UEFI (bsc#1227149).\n- wifi: iwlwifi: read ECKV table from UEFI (bsc#1227149).\n- wifi: iwlwifi: read mac step from aux register (bsc#1227149).\n- wifi: iwlwifi: read PPAG table from UEFI (bsc#1227149).\n- wifi: iwlwifi: read SAR tables from UEFI (bsc#1227149).\n- wifi: iwlwifi: read SPLC from UEFI (bsc#1227149).\n- wifi: iwlwifi: read txq-\u003eread_ptr under lock (stable-fixes).\n- wifi: iwlwifi: read WRDD table from UEFI (bsc#1227149).\n- wifi: iwlwifi: read WTAS table from UEFI (bsc#1227149).\n- wifi: iwlwifi: reconfigure TLC during HW restart (git-fixes).\n- wifi: iwlwifi: refactor RX tracing (bsc#1227149).\n- wifi: iwlwifi: remove async command callback (bsc#1227149).\n- wifi: iwlwifi: remove dead-code (bsc#1227149).\n- wifi: iwlwifi: remove \u0027def_rx_queue\u0027 struct member (bsc#1227149).\n- wifi: iwlwifi: remove extra kernel-doc (bsc#1227149).\n- wifi: iwlwifi: remove Gl A-step remnants (bsc#1227149).\n- wifi: iwlwifi: remove memory check for LMAC error address (bsc#1227149).\n- wifi: iwlwifi: remove retry loops in start (bsc#1227149).\n- wifi: iwlwifi: remove unused function prototype (bsc#1227149).\n- wifi: iwlwifi: remove WARN from read_mem32() (bsc#1227149).\n- wifi: iwlwifi: replace ENOTSUPP with EOPNOTSUPP (bsc#1227149).\n- wifi: iwlwifi: return negative -EINVAL instead of positive EINVAL (bsc#1227149).\n- wifi: iwlwifi: rfi: use a single DSM function for all RFI configurations (bsc#1227149).\n- wifi: iwlwifi: send EDT table to FW (bsc#1227149).\n- wifi: iwlwifi: separate TAS \u0027read-from-BIOS\u0027 and \u0027send-to-FW\u0027 flows (bsc#1227149).\n- wifi: iwlwifi: simplify getting DSM from ACPI (bsc#1227149).\n- wifi: iwlwifi: skip affinity setting on non-SMP (bsc#1227149).\n- wifi: iwlwifi: skip opmode start retries on dead transport (bsc#1227149).\n- wifi: iwlwifi: small cleanups in PPAG table flows (bsc#1227149).\n- wifi: iwlwifi: support link command version 2 (bsc#1227149).\n- wifi: iwlwifi: support link_id in SESSION_PROTECTION cmd (bsc#1227149).\n- wifi: iwlwifi: support link id in SESSION_PROTECTION_NOTIF (bsc#1227149).\n- wifi: iwlwifi: take send-DSM-to-FW flows out of ACPI ifdef (bsc#1227149).\n- wifi: iwlwifi: take SGOM and UATS code out of ACPI ifdef (bsc#1227149).\n- wifi: iwlwifi: trace full frames with TX status request (bsc#1227149).\n- wifi: iwlwifi: update context info structure definitions (bsc#1227149).\n- wifi: iwlwifi: Use request_module_nowait (bsc#1227149).\n- wifi: iwlwifi: use system_unbound_wq for debug dump (bsc#1227149).\n- wifi: iwlwifi: validate PPAG table when sent to FW (bsc#1227149).\n- wifi: lib80211: remove unused variables iv32 and iv16 (bsc#1227149).\n- wifi: libertas: add missing calls to cancel_work_sync() (bsc#1227149).\n- wifi: libertas: cleanup SDIO reset (bsc#1227149).\n- wifi: libertas: Follow renaming of SPI \u0027master\u0027 to \u0027controller\u0027 (bsc#1227149).\n- wifi: libertas: handle possible spu_write_u16() errors (bsc#1227149).\n- wifi: libertas: prefer kstrtoX() for simple integer conversions (bsc#1227149).\n- wifi: libertas: simplify list operations in free_if_spi_card() (bsc#1227149).\n- wifi: libertas: use convenient lists to manage SDIO packets (bsc#1227149).\n- wifi: mac80211: add a driver callback to add vif debugfs (bsc#1227149).\n- wifi: mac80211: add a driver callback to check active_links (bsc#1227149).\n- wifi: mac80211: add a flag to disallow puncturing (bsc#1227149).\n- wifi: mac80211: add back SPDX identifier (bsc#1227149).\n- wifi: mac80211: Add __counted_by for struct ieee802_11_elems and use struct_size() (bsc#1227149).\n- wifi: mac80211: add ieee80211_tdls_sta_link_id() (stable-fixes).\n- wifi: mac80211: additions to change_beacon() (bsc#1227149).\n- wifi: mac80211: add link id to ieee80211_gtk_rekey_add() (bsc#1227149).\n- wifi: mac80211: add link id to mgd_prepare_tx() (bsc#1227149).\n- wifi: mac80211: add more ops assertions (bsc#1227149).\n- wifi: mac80211: add more warnings about inserting sta info (bsc#1227149).\n- wifi: mac80211: add/remove driver debugfs entries as appropriate (bsc#1227149).\n- wifi: mac80211: address some kerneldoc warnings (bsc#1227149).\n- wifi: mac80211: add support for mld in ieee80211_chswitch_done (bsc#1227149).\n- wifi: mac80211: add support for parsing TID to Link mapping element (bsc#1227149).\n- wifi: mac80211: add support for SPP A-MSDUs (bsc#1227149).\n- wifi: mac80211: allow 64-bit radiotap timestamps (bsc#1227149).\n- wifi: mac80211: allow for_each_sta_active_link() under RCU (bsc#1227149).\n- wifi: mac80211: apply mcast rate only if interface is up (stable-fixes).\n- wifi: mac80211: Avoid address calculations via out of bounds array indexing (stable-fixes).\n- wifi: mac80211: cancel multi-link reconf work on disconnect (git-fixes).\n- wifi: mac80211: chanctx emulation set CHANGE_CHANNEL when in_reconfig (git-fixes).\n- wifi: mac80211: check/clear fast rx for non-4addr sta VLAN changes (stable-fixes).\n- wifi: mac80211: check EHT/TTLM action frame length (bsc#1227149).\n- wifi: mac80211: Check if we had first beacon with relevant links (bsc#1227149).\n- wifi: mac80211: check wiphy mutex in ops (bsc#1227149).\n- wifi: mac80211: cleanup airtime arithmetic with ieee80211_sta_keep_active() (bsc#1227149).\n- wifi: mac80211: clean up assignments to pointer cache (stable-fixes).\n- wifi: mac80211: cleanup auth_data only if association continues (bsc#1227149).\n- wifi: mac80211: convert A-MPDU work to wiphy work (bsc#1227149).\n- wifi: mac80211: correctly parse Spatial Reuse Parameter Set element (git-fixes).\n- wifi: mac80211: correctly set active links upon TTLM (bsc#1227149).\n- wifi: mac80211: correcty limit wider BW TDLS STAs (git-fixes).\n- wifi: mac80211: debugfs: lock wiphy instead of RTNL (bsc#1227149).\n- wifi: mac80211: describe return values in kernel-doc (bsc#1227149).\n- wifi: mac80211: disable softirqs for queued frame handling (git-fixes).\n- wifi: mac80211: do not connect to an AP while it\u0027s in a CSA process (bsc#1227149).\n- wifi: mac80211: Do not force off-channel for management Tx with MLO (bsc#1227149).\n- wifi: mac80211: Do not include crypto/algapi.h (bsc#1227149).\n- wifi: mac80211: do not re-add debugfs entries during resume (bsc#1227149).\n- wifi: mac80211: do not select link ID if not provided in scan request (bsc#1227149).\n- wifi: mac80211: do not set ESS capab bit in assoc request (bsc#1227149).\n- wifi: mac80211: do not use rate mask for scanning (stable-fixes).\n- wifi: mac80211: drop robust action frames before assoc (bsc#1227149).\n- wifi: mac80211: drop spurious WARN_ON() in ieee80211_ibss_csa_beacon() (bsc#1227149).\n- wifi: mac80211: ensure beacon is non-S1G prior to extracting the beacon timestamp field (stable-fixes).\n- wifi: mac80211: ethtool: always hold wiphy mutex (bsc#1227149).\n- wifi: mac80211: ethtool: hold wiphy mutex (bsc#1227149).\n- wifi: mac80211: expand __ieee80211_data_to_8023() status (bsc#1227149).\n- wifi: mac80211: Extend support for scanning while MLO connected (bsc#1227149).\n- wifi: mac80211: extend wiphy lock in interface removal (bsc#1227149).\n- wifi: mac80211: fix advertised TTLM scheduling (bsc#1227149).\n- wifi: mac80211: fix a expired vs. cancel race in roc (bsc#1227149).\n- wifi: mac80211: fix another key installation error path (bsc#1227149).\n- wifi: mac80211: fix BA session teardown race (bsc#1227149).\n- wifi: mac80211: fix BSS_CHANGED_UNSOL_BCAST_PROBE_RESP (bsc#1227149).\n- wifi: mac80211: fix change_address deadlock during unregister (bsc#1227149).\n- wifi: mac80211: fix channel switch link data (bsc#1227149).\n- wifi: mac80211: Fix deadlock in ieee80211_sta_ps_deliver_wakeup() (git-fixes).\n- wifi: mac80211: fix driver debugfs for vif type change (bsc#1227149).\n- wifi: mac80211: fix error path key leak (bsc#1227149).\n- wifi: mac80211: fixes in FILS discovery updates (bsc#1227149).\n- wifi: mac80211: fix header kernel-doc typos (bsc#1227149).\n- wifi: mac80211: fix ieee80211_bss_*_flags kernel-doc (stable-fixes).\n- wifi: mac80211: fix ieee80211_drop_unencrypted_mgmt return type/value (bsc#1227149).\n- wifi: mac80211: fix monitor channel with chanctx emulation (bsc#1227149).\n- wifi: mac80211: fix potential key leak (bsc#1227149).\n- wifi: mac80211: fix prep_connection error path (stable-fixes).\n- wifi: mac80211: Fix SMPS handling in the context of MLO (bsc#1227149).\n- wifi: mac80211: fix SMPS status handling (bsc#1227149).\n- wifi: mac80211: fix spelling typo in comment (bsc#1227149).\n- wifi: mac80211: fix TXQ error path and cleanup (bsc#1227149).\n- wifi: mac80211: fix UBSAN noise in ieee80211_prep_hw_scan() (stable-fixes).\n- wifi: mac80211: fix unaligned le16 access (git-fixes).\n- wifi: mac80211: fix unsolicited broadcast probe config (bsc#1227149).\n- wifi: mac80211: fix various kernel-doc issues (bsc#1227149).\n- wifi: mac80211: flush STA queues on unauthorization (bsc#1227149).\n- wifi: mac80211: flush wiphy work where appropriate (bsc#1227149).\n- wifi: mac80211: handle debugfs when switching to/from MLO (bsc#1227149).\n- wifi: mac80211: handle tasklet frames before stopping (stable-fixes).\n- wifi: mac80211: hold wiphy_lock around concurrency checks (bsc#1227149).\n- wifi: mac80211: hold wiphy lock in netdev/link debugfs (bsc#1227149).\n- wifi: mac80211_hwsim: init peer measurement result (git-fixes).\n- wifi: mac80211: improve CSA/ECSA connection refusal (bsc#1227149).\n- wifi: mac80211: initialize SMPS mode correctly (bsc#1227149).\n- wifi: mac80211: lock wiphy for aggregation debugfs (bsc#1227149).\n- wifi: mac80211: lock wiphy in IP address notifier (bsc#1227149).\n- wifi: mac80211: make mgd_protect_tdls_discover MLO-aware (bsc#1227149).\n- wifi: mac80211: mesh: Fix leak of mesh_preq_queue objects (git-fixes).\n- wifi: mac80211: mesh: fix some kdoc warnings (bsc#1227149).\n- wifi: mac80211: mesh: init nonpeer_pm to active by default in mesh sdata (stable-fixes).\n- wifi: mac80211: mesh: Remove unused function declaration mesh_ids_set_default() (bsc#1227149).\n- wifi: mac80211: move color change finalize to wiphy work (bsc#1227149).\n- wifi: mac80211: move CSA finalize to wiphy work (bsc#1227149).\n- wifi: mac80211: move DFS CAC work to wiphy work (bsc#1227149).\n- wifi: mac80211: move dynamic PS to wiphy work (bsc#1227149).\n- wifi: mac80211: move filter reconfig to wiphy work (bsc#1227149).\n- wifi: mac80211: move key tailroom work to wiphy work (bsc#1227149).\n- wifi: mac80211: move link activation work to wiphy work (bsc#1227149).\n- wifi: mac80211: move monitor work to wiphy work (bsc#1227149).\n- wifi: mac80211: move TDLS work to wiphy work (bsc#1227149).\n- wifi: mac80211: move tspec work to wiphy work (bsc#1227149).\n- wifi: mac80211: Notify the low level driver on change in MLO valid links (bsc#1227149).\n- wifi: mac80211: Print local link address during authentication (bsc#1227149).\n- wifi: mac80211: process and save negotiated TID to Link mapping request (bsc#1227149).\n- wifi: mac80211: purge TX queues in flush_queues flow (bsc#1227149).\n- wifi: mac80211: Recalc offload when monitor stop (git-fixes).\n- wifi: mac80211: reduce iflist_mtx (bsc#1227149).\n- wifi: mac80211: reject MLO channel configuration if not supported (bsc#1227149).\n- wifi: mac80211: relax RCU check in for_each_vif_active_link() (bsc#1227149).\n- wifi: mac80211: remove ampdu_mlme.mtx (bsc#1227149).\n- wifi: mac80211: remove chanctx_mtx (bsc#1227149).\n- wifi: mac80211: remove key_mtx (bsc#1227149).\n- wifi: mac80211: remove link before AP (git-fixes).\n- wifi: mac80211: remove local-\u003emtx (bsc#1227149).\n- wifi: mac80211: remove redundant ML element check (bsc#1227149).\n- wifi: mac80211: remove RX_DROP_UNUSABLE (bsc#1227149).\n- wifi: mac80211: remove shifted rate support (bsc#1227149).\n- wifi: mac80211: remove sta_mtx (bsc#1227149).\n- wifi: mac80211: remove unnecessary struct forward declaration (bsc#1227149).\n- wifi: mac80211: Remove unused function declarations (bsc#1227149).\n- wifi: mac80211: Rename and update IEEE80211_VIF_DISABLE_SMPS_OVERRIDE (bsc#1227149).\n- wifi: mac80211: rename ieee80211_tx_status() to ieee80211_tx_status_skb() (bsc#1227149).\n- wifi: mac80211: rename struct cfg80211_rx_assoc_resp to cfg80211_rx_assoc_resp_data (bsc#1227149).\n- wifi: mac80211: Replace ENOTSUPP with EOPNOTSUPP (bsc#1227149).\n- wifi: mac80211: report per-link error during association (bsc#1227149).\n- wifi: mac80211: reset negotiated TTLM on disconnect (git-fixes).\n- wifi: mac80211: rework ack_frame_id handling a bit (bsc#1227149).\n- wifi: mac80211: rework RX timestamp flags (bsc#1227149).\n- wifi: mac80211: rx.c: fix sentence grammar (bsc#1227149).\n- wifi: mac80211: Sanity check tx bitrate if not provided by driver (bsc#1227149).\n- wifi: mac80211: Schedule regulatory channels check on bandwith change (bsc#1227149).\n- wifi: mac80211: set wiphy for virtual monitors (bsc#1227149).\n- wifi: mac80211: simplify non-chanctx drivers (bsc#1227149).\n- wifi: mac80211: Skip association timeout update after comeback rejection (bsc#1227149).\n- wifi: mac80211: split ieee80211_drop_unencrypted_mgmt() return value (bsc#1227149).\n- wifi: mac80211: sta_info.c: fix sentence grammar (bsc#1227149).\n- wifi: mac80211: support antenna control in injection (bsc#1227149).\n- wifi: mac80211: support handling of advertised TID-to-link mapping (bsc#1227149).\n- wifi: mac80211: take MBSSID/EHT data also from probe resp (bsc#1227149).\n- wifi: mac80211: take wiphy lock for MAC addr change (bsc#1227149).\n- wifi: mac80211: tx: clarify conditions in if statement (bsc#1227149).\n- wifi: mac80211: update beacon counters per link basis (bsc#1227149).\n- wifi: mac80211: update some locking documentation (bsc#1227149).\n- wifi: mac80211: update the rx_chains after set_antenna() (bsc#1227149).\n- wifi: mac80211: use bandwidth indication element for CSA (bsc#1227149).\n- wifi: mac80211: use deflink and fix typo in link ID check (bsc#1227149).\n- wifi: mac80211: use wiphy locked debugfs for sdata/link (bsc#1227149).\n- wifi: mac80211: use wiphy locked debugfs helpers for agg_status (bsc#1227149).\n- wifi: mt7601u: delete dead code checking debugfs returns (bsc#1227149).\n- wifi: mt7601u: replace strlcpy() with strscpy() (bsc#1227149).\n- wifi: mt76: add ability to explicitly forbid LED registration with DT (bsc#1227149).\n- wifi: mt76: add DMA mapping error check in mt76_alloc_txwi() (bsc#1227149).\n- wifi: mt76: add support for providing eeprom in nvmem cells (bsc#1227149).\n- wifi: mt76: add tx_nss histogram to ethtool stats (bsc#1227149).\n- wifi: mt76: Annotate struct mt76_rx_tid with __counted_by (bsc#1227149).\n- wifi: mt76: change txpower init to per-phy (bsc#1227149).\n- wifi: mt76: check sta rx control frame to multibss capability (bsc#1227149).\n- wifi: mt76: check txs format before getting skb by pid (bsc#1227149).\n- wifi: mt76: check vif type before reporting cca and csa (bsc#1227149).\n- wifi: mt76: connac: add beacon duplicate TX mode support for mt7996 (bsc#1227149).\n- wifi: mt76: connac: add beacon protection support for mt7996 (bsc#1227149).\n- wifi: mt76: connac: add connac3 mac library (bsc#1227149).\n- wifi: mt76: connac: add data field in struct tlv (bsc#1227149).\n- wifi: mt76: connac: add eht support for phy mode config (bsc#1227149).\n- wifi: mt76: connac: add eht support for tx power (bsc#1227149).\n- wifi: mt76: connac: add firmware support for mt7992 (bsc#1227149).\n- wifi: mt76: connac: add MBSSID support for mt7996 (bsc#1227149).\n- wifi: mt76: connac: add more unified command IDs (bsc#1227149).\n- wifi: mt76: connac: add more unified event IDs (bsc#1227149).\n- wifi: mt76: connac: add new definition of tx descriptor (bsc#1227149).\n- wifi: mt76: connac: add support for dsp firmware download (bsc#1227149).\n- wifi: mt76: connac: add support to set ifs time by mcu command (bsc#1227149).\n- wifi: mt76: connac: add thermal protection support for mt7996 (bsc#1227149).\n- wifi: mt76: connac: check for null before dereferencing (bsc#1227149).\n- wifi: mt76: connac: export functions for mt7925 (bsc#1227149).\n- wifi: mt76: connac: introduce helper for mt7925 chipset (bsc#1227149).\n- wifi: mt76: connac: set correct muar_idx for mt799x chipsets (bsc#1227149).\n- wifi: mt76: connac: set fixed_bw bit in TX descriptor for fixed rate frames (bsc#1227149).\n- wifi: mt76: connac: use muar idx 0xe for non-mt799x as well (bsc#1227149).\n- wifi: mt76: Convert to platform remove callback returning void (bsc#1227149).\n- wifi: mt76: disable HW AMSDU when using fixed rate (bsc#1227149).\n- wifi: mt76: dma: introduce __mt76_dma_queue_reset utility routine (bsc#1227149).\n- wifi: mt76: enable UNII-4 channel 177 support (bsc#1227149).\n- wifi: mt76: fix race condition related to checking tx queue fill status (bsc#1227149).\n- wifi: mt76: fix the issue of missing txpwr settings from ch153 to ch177 (bsc#1227149).\n- wifi: mt76: fix typo in mt76_get_of_eeprom_from_nvmem function (bsc#1227149).\n- wifi: mt76: increase MT_QFLAG_WED_TYPE size (bsc#1227149).\n- wifi: mt76: introduce mt76_queue_is_wed_tx_free utility routine (bsc#1227149).\n- wifi: mt76: introduce wed pointer in mt76_queue (bsc#1227149).\n- wifi: mt76: limit support of precal loading for mt7915 to MTD only (bsc#1227149).\n- wifi: mt76: make mt76_get_of_eeprom static again (bsc#1227149).\n- wifi: mt76: mmio: move mt76_mmio_wed_{init,release}_rx_buf in common code (bsc#1227149).\n- wifi: mt76: move ampdu_state in mt76_wcid (bsc#1227149).\n- wifi: mt76: move mt76_mmio_wed_offload_{enable,disable} in common code (bsc#1227149).\n- wifi: mt76: move mt76_net_setup_tc in common code (bsc#1227149).\n- wifi: mt76: move rate info in mt76_vif (bsc#1227149).\n- wifi: mt76: move wed reset common code in mt76 module (bsc#1227149).\n- wifi: mt76: mt7603: add missing register initialization for MT7628 (bsc#1227149).\n- wifi: mt76: mt7603: add wpdma tx eof flag for PSE client reset (git-fixes).\n- wifi: mt76: mt7603: disable A-MSDU tx support on MT7628 (bsc#1227149).\n- wifi: mt76: mt7603: fix beacon interval after disabling a single vif (bsc#1227149).\n- wifi: mt76: mt7603: fix tx filter/flush function (bsc#1227149).\n- wifi: mt76: mt7603: fix tx queue of loopback packets (git-fixes).\n- wifi: mt76: mt7603: rely on shared poll_list field (bsc#1227149).\n- wifi: mt76: mt7603: rely on shared sta_poll_list and sta_poll_lock (bsc#1227149).\n- wifi: mt76: mt7615: add missing chanctx ops (bsc#1227149).\n- wifi: mt76: mt7615: enable BSS_CHANGED_MU_GROUPS support (bsc#1227149).\n- wifi: mt76: mt7615: rely on shared poll_list field (bsc#1227149).\n- wifi: mt76: mt7615: rely on shared sta_poll_list and sta_poll_lock (bsc#1227149).\n- wifi: mt76: mt76_connac3: move lmac queue enumeration in mt76_connac3_mac.h (bsc#1227149).\n- wifi: mt76: mt76x02: fix return value check in mt76x02_mac_process_rx (bsc#1227149).\n- wifi: mt76: mt76x2u: add netgear wdna3100v3 to device table (bsc#1227149).\n- wifi: mt76: mt7915: accumulate mu-mimo ofdma muru stats (bsc#1227149).\n- wifi: mt76: mt7915: add locking for accessing mapped registers (bsc#1227149).\n- wifi: mt76: mt7915: add missing chanctx ops (bsc#1227149).\n- wifi: mt76: mt7915: add support for MT7981 (bsc#1227149).\n- wifi: mt76: mt7915 add tc offloading support (bsc#1227149).\n- wifi: mt76: mt7915: also MT7981 is 3T3R but nss2 on 5 GHz band (bsc#1227149).\n- wifi: mt76: mt7915: disable WFDMA Tx/Rx during SER recovery (bsc#1227149).\n- wifi: mt76: mt7915: drop return in mt7915_sta_statistics (bsc#1227149).\n- wifi: mt76: mt7915: fix EEPROM offset of TSSI flag on MT7981 (bsc#1227149).\n- wifi: mt76: mt7915: fix error recovery with WED enabled (bsc#1227149).\n- wifi: mt76: mt7915: fix monitor mode issues (bsc#1227149).\n- wifi: mt76: mt7915: move mib_stats structure in mt76.h (bsc#1227149).\n- wifi: mt76: mt7915: move poll_list in mt76_wcid (bsc#1227149).\n- wifi: mt76: mt7915: move sta_poll_list and sta_poll_lock in mt76_dev (bsc#1227149).\n- wifi: mt76: mt7915: report tx retries/failed counts for non-WED path (bsc#1227149).\n- wifi: mt76: mt7915: update mpdu density capability (bsc#1227149).\n- wifi: mt76: mt7915: update mt798x_wmac_adie_patch_7976 (bsc#1227149).\n- wifi: mt76: mt7915: workaround too long expansion sparse warnings (git-fixes).\n- wifi: mt76: mt7921: add 6GHz power type support for clc (bsc#1227149).\n- wifi: mt76: mt7921: convert acpisar and clc pointers to void (bsc#1227149).\n- wifi: mt76: mt7921: enable set txpower for UNII-4 (bsc#1227149).\n- wifi: mt76: mt7921e: report tx retries/failed counts in tx free event (bsc#1227149).\n- wifi: mt76: mt7921: fix 6GHz disabled by the missing default CLC config (bsc#1227149).\n- wifi: mt76: mt7921: fix a potential association failure upon resuming (bsc#1227149).\n- wifi: mt76: mt7921: fix CLC command timeout when suspend/resume (bsc#1227149).\n- wifi: mt76: mt7921: fix kernel panic by accessing invalid 6GHz channel info (bsc#1227149).\n- wifi: mt76: mt7921: fix suspend issue on MediaTek COB platform (bsc#1227149).\n- wifi: mt76: mt7921: fix the unfinished command of regd_notifier before suspend (bsc#1227149).\n- wifi: mt76: mt7921: fix wrong 6Ghz power type (bsc#1227149).\n- wifi: mt76: mt7921: get regulatory information from the clc event (bsc#1227149).\n- wifi: mt76: mt7921: get rid of MT7921_RESET_TIMEOUT marco (bsc#1227149).\n- wifi: mt76: mt7921: make mt7921_mac_sta_poll static (bsc#1227149).\n- wifi: mt76: mt7921: move acpi_sar code in mt792x-lib module (bsc#1227149).\n- wifi: mt76: mt7921: move common register definition in mt792x_regs.h (bsc#1227149).\n- wifi: mt76: mt7921: move connac nic capability handling to mt7921 (bsc#1227149).\n- wifi: mt76: mt7921: move debugfs shared code in mt792x-lib module (bsc#1227149).\n- wifi: mt76: mt7921: move dma shared code in mt792x-lib module (bsc#1227149).\n- wifi: mt76: mt7921: move hif_ops macro in mt792x.h (bsc#1227149).\n- wifi: mt76: mt7921: move init shared code in mt792x-lib module (bsc#1227149).\n- wifi: mt76: mt7921: move mac shared code in mt792x-lib module (bsc#1227149).\n- wifi: mt76: mt7921: move mt7921_dma_init in pci.c (bsc#1227149).\n- wifi: mt76: mt7921: move mt7921u_disconnect mt792x-lib (bsc#1227149).\n- wifi: mt76: mt7921: move mt792x_hw_dev in mt792x.h (bsc#1227149).\n- wifi: mt76: mt7921: move mt792x_mutex_{acquire/release} in mt792x.h (bsc#1227149).\n- wifi: mt76: mt7921: move runtime-pm pci code in mt792x-lib (bsc#1227149).\n- wifi: mt76: mt7921: move shared runtime-pm code on mt792x-lib (bsc#1227149).\n- wifi: mt76: mt7921: reduce the size of MCU firmware download Rx queue (bsc#1227149).\n- wifi: mt76: mt7921: rely on mib_stats shared definition (bsc#1227149).\n- wifi: mt76: mt7921: rely on shared poll_list field (bsc#1227149).\n- wifi: mt76: mt7921: rely on shared sta_poll_list and sta_poll_lock (bsc#1227149).\n- wifi: mt76: mt7921: remove macro duplication in regs.h (bsc#1227149).\n- wifi: mt76: mt7921: rename mt7921_dev in mt792x_dev (bsc#1227149).\n- wifi: mt76: mt7921: rename mt7921_hif_ops in mt792x_hif_ops (bsc#1227149).\n- wifi: mt76: mt7921: rename mt7921_phy in mt792x_phy (bsc#1227149).\n- wifi: mt76: mt7921: rename mt7921_sta in mt792x_sta (bsc#1227149).\n- wifi: mt76: mt7921: rename mt7921_vif in mt792x_vif (bsc#1227149).\n- wifi: mt76: mt7921s: fix potential hung tasks during chip recovery (stable-fixes).\n- wifi: mt76: mt7921: support 5.9/6GHz channel config in acpi (bsc#1227149).\n- wifi: mt76: mt7921: Support temp sensor (bsc#1227149).\n- wifi: mt76: mt7921: update the channel usage when the regd domain changed (bsc#1227149).\n- wifi: mt76: mt7925: add flow to avoid chip bt function fail (bsc#1227149).\n- wifi: mt76: mt7925: add Mediatek Wi-Fi7 driver for mt7925 chips (bsc#1227149).\n- wifi: mt76: mt7925: add support to set ifs time by mcu command (bsc#1227149).\n- wifi: mt76: mt7925e: fix use-after-free in free_irq() (bsc#1227149).\n- wifi: mt76: mt7925: ensure 4-byte alignment for suspend \u0026 wow command (bsc#1227149).\n- wifi: mt76: mt7925: fix connect to 80211b mode fail in 2Ghz band (bsc#1227149).\n- wifi: mt76: mt7925: fix fw download fail (bsc#1227149).\n- wifi: mt76: mt7925: fix mcu query command fail (bsc#1227149).\n- wifi: mt76: mt7925: fix SAP no beacon issue in 5Ghz and 6Ghz band (bsc#1227149).\n- wifi: mt76: mt7925: fix the wrong data type for scan command (bsc#1227149).\n- wifi: mt76: mt7925: fix the wrong header translation config (bsc#1227149).\n- wifi: mt76: mt7925: fix typo in mt7925_init_he_caps (bsc#1227149).\n- wifi: mt76: mt7925: fix wmm queue mapping (bsc#1227149).\n- wifi: mt76: mt7925: fix WoW failed in encrypted mode (bsc#1227149).\n- wifi: mt76: mt7925: remove iftype from mt7925_init_eht_caps signature (bsc#1227149).\n- wifi: mt76: mt7925: support temperature sensor (bsc#1227149).\n- wifi: mt76: mt7925: update PCIe DMA settings (bsc#1227149).\n- wifi: mt76: mt792x: add the illegal value check for mtcl table of acpi (bsc#1227149).\n- wifi: mt76: mt792x: fix ethtool warning (bsc#1227149).\n- wifi: mt76: mt792x: introduce mt792x_irq_map (bsc#1227149).\n- wifi: mt76: mt792x: introduce mt792x-lib module (bsc#1227149).\n- wifi: mt76: mt792x: introduce mt792x-usb module (bsc#1227149).\n- wifi: mt76: mt792x: move more dma shared code in mt792x_dma (bsc#1227149).\n- wifi: mt76: mt792x: move mt7921_load_firmware in mt792x-lib module (bsc#1227149).\n- wifi: mt76: mt792x: move MT7921_PM_TIMEOUT and MT7921_HW_SCAN_TIMEOUT in common code (bsc#1227149).\n- wifi: mt76: mt792x: move mt7921_skb_add_usb_sdio_hdr in mt792x module (bsc#1227149).\n- wifi: mt76: mt792x: move shared structure definition in mt792x.h (bsc#1227149).\n- wifi: mt76: mt792x: move some common usb code in mt792x module (bsc#1227149).\n- wifi: mt76: mt792x: support mt7925 chip init (bsc#1227149).\n- wifi: mt76: mt792xu: enable dmashdl support (bsc#1227149).\n- wifi: mt76: mt792x: update the country list of EU for ACPI SAR (bsc#1227149).\n- wifi: mt76: mt7996: add DMA support for mt7992 (bsc#1227149).\n- wifi: mt76: mt7996: add locking for accessing mapped registers (stable-fixes).\n- wifi: mt76: mt7996: Add mcu commands for getting sta tx statistic (bsc#1227149).\n- wifi: mt76: mt7996: add muru support (bsc#1227149).\n- wifi: mt76: mt7996: add sanity checks for background radar trigger (stable-fixes).\n- wifi: mt76: mt7996: add support for variants with auxiliary RX path (bsc#1227149).\n- wifi: mt76: mt7996: add thermal sensor device support (bsc#1227149).\n- wifi: mt76: mt7996: add txpower setting support (bsc#1227149).\n- wifi: mt76: mt7996: add TX statistics for EHT mode in debugfs (bsc#1227149).\n- wifi: mt76: mt7996: adjust interface num and wtbl size for mt7992 (bsc#1227149).\n- wifi: mt76: mt7996: adjust WFDMA settings to improve performance (bsc#1227149).\n- wifi: mt76: mt7996: align the format of fixed rate command (bsc#1227149).\n- wifi: mt76: mt7996: check txs format before getting skb by pid (bsc#1227149).\n- wifi: mt76: mt7996: disable AMSDU for non-data frames (stable-fixes).\n- wifi: mt76: mt7996: disable WFDMA Tx/Rx during SER recovery (bsc#1227149).\n- wifi: mt76: mt7996: drop return in mt7996_sta_statistics (bsc#1227149).\n- wifi: mt76: mt7996: enable BSS_CHANGED_MU_GROUPS support (bsc#1227149).\n- wifi: mt76: mt7996: enable PPDU-TxS to host (bsc#1227149).\n- wifi: mt76: mt7996: enable VHT extended NSS BW feature (bsc#1227149).\n- wifi: mt76: mt7996: ensure 4-byte alignment for beacon commands (bsc#1227149).\n- wifi: mt76: mt7996: fix alignment of sta info event (bsc#1227149).\n- wifi: mt76: mt7996: fix fortify warning (bsc#1227149).\n- wifi: mt76: mt7996: fix fw loading timeout (bsc#1227149).\n- wifi: mt76: mt7996: fix mt7996_mcu_all_sta_info_event struct packing (bsc#1227149).\n- wifi: mt76: mt7996: fix potential memory leakage when reading chip temperature (bsc#1227149).\n- wifi: mt76: mt7996: fix size of txpower MCU command (bsc#1227149).\n- wifi: mt76: mt7996: fix uninitialized variable in mt7996_irq_tasklet() (bsc#1227149).\n- wifi: mt76: mt7996: fix uninitialized variable in parsing txfree (bsc#1227149).\n- wifi: mt76: mt7996: get tx_retries and tx_failed from txfree (bsc#1227149).\n- wifi: mt76: mt7996: handle IEEE80211_RC_SMPS_CHANGED (bsc#1227149).\n- wifi: mt76: mt7996: increase tx token size (bsc#1227149).\n- wifi: mt76: mt7996: introduce mt7996_band_valid() (bsc#1227149).\n- wifi: mt76: mt7996: mark GCMP IGTK unsupported (bsc#1227149).\n- wifi: mt76: mt7996: move radio ctrl commands to proper functions (bsc#1227149).\n- wifi: mt76: mt7996: only set vif teardown cmds at remove interface (bsc#1227149).\n- wifi: mt76: mt7996: rely on mib_stats shared definition (bsc#1227149).\n- wifi: mt76: mt7996: rely on shared poll_list field (bsc#1227149).\n- wifi: mt76: mt7996: rely on shared sta_poll_list and sta_poll_lock (bsc#1227149).\n- wifi: mt76: mt7996: remove periodic MPDU TXS request (bsc#1227149).\n- wifi: mt76: mt7996: remove TXS queue setting (bsc#1227149).\n- wifi: mt76: mt7996: rework ampdu params setting (bsc#1227149).\n- wifi: mt76: mt7996: rework register offsets for mt7992 (bsc#1227149).\n- wifi: mt76: mt7996: set DMA mask to 36 bits for boards with more than 4GB of RAM (bsc#1227149).\n- wifi: mt76: mt7996: support more options for mt7996_set_bitrate_mask() (bsc#1227149).\n- wifi: mt76: mt7996: support mt7992 eeprom loading (bsc#1227149).\n- wifi: mt76: mt7996: support per-band LED control (bsc#1227149).\n- wifi: mt76: mt7996: switch to mcu command for TX GI report (bsc#1227149).\n- wifi: mt76: mt7996: Use DECLARE_FLEX_ARRAY() and fix -Warray-bounds warnings (bsc#1227149).\n- wifi: mt76: mt7996: use u16 for val field in mt7996_mcu_set_rro signature (bsc#1227149).\n- wifi: mt76: permit to load precal from NVMEM cell for mt7915 (bsc#1227149).\n- wifi: mt76: permit to use alternative cell name to eeprom NVMEM load (bsc#1227149).\n- wifi: mt76: reduce spin_lock_bh held up in mt76_dma_rx_cleanup (bsc#1227149).\n- wifi: mt76: Remove redundant assignment to variable tidno (bsc#1227149).\n- wifi: mt76: Remove unnecessary (void*) conversions (bsc#1227149).\n- wifi: mt76: replace skb_put with skb_put_zero (stable-fixes).\n- wifi: mt76: Replace strlcpy() with strscpy() (bsc#1227149).\n- wifi: mt76: report non-binding skb tx rate when WED is active (bsc#1227149).\n- wifi: mt76: set page_pool napi pointer for mmio devices (bsc#1227149).\n- wifi: mt76: split get_of_eeprom in subfunction (bsc#1227149).\n- wifi: mt76: usb: create a dedicated queue for psd traffic (bsc#1227149).\n- wifi: mt76: usb: store usb endpoint in mt76_queue (bsc#1227149).\n- wifi: mt76: use atomic iface iteration for pre-TBTT work (bsc#1227149).\n- wifi: mt76: use chainmask for power delta calculation (bsc#1227149).\n- wifi: mt76: Use PTR_ERR_OR_ZERO() to simplify code (bsc#1227149).\n- wifi: mwifiex: cleanup adapter data (bsc#1227149).\n- wifi: mwifiex: cleanup private data structures (bsc#1227149).\n- wifi: mwifiex: cleanup struct mwifiex_sdio_mpa_rx (bsc#1227149).\n- wifi: mwifiex: drop BUG_ON from TX paths (bsc#1227149).\n- wifi: mwifiex: Drop unused headers (bsc#1227149).\n- wifi: mwifiex: fix comment typos in SDIO module (bsc#1227149).\n- wifi: mwifiex: Fix interface type change (git-fixes).\n- wifi: mwifiex: followup PCIE and related cleanups (bsc#1227149).\n- wifi: mwifiex: handle possible mwifiex_write_reg() errors (bsc#1227149).\n- wifi: mwifiex: handle possible sscanf() errors (bsc#1227149).\n- wifi: mwifiex: mwifiex_process_sleep_confirm_resp(): remove unused priv variable (bsc#1227149).\n- wifi: mwifiex: prefer strscpy() over strlcpy() (bsc#1227149).\n- wifi: mwifiex: Refactor 1-element array into flexible array in struct mwifiex_ie_types_chan_list_param_set (bsc#1227149).\n- wifi: mwifiex: Replace one-element array with flexible-array member in struct mwifiex_ie_types_rxba_sync (bsc#1227149).\n- wifi: mwifiex: Set WIPHY_FLAG_NETNS_OK flag (bsc#1227149).\n- wifi: mwifiex: simplify PCIE write operations (bsc#1227149).\n- wifi: mwifiex: use cfg80211_ssid_eq() instead of mwifiex_ssid_cmp() (bsc#1227149).\n- wifi: mwifiex: Use default @max_active for workqueues (bsc#1227149).\n- wifi: mwifiex: Use helpers to check multicast addresses (bsc#1227149).\n- wifi: mwifiex: use is_zero_ether_addr() instead of ether_addr_equal() (bsc#1227149).\n- wifi: mwifiex: use kstrtoX_from_user() in debugfs handlers (bsc#1227149).\n- wifi: mwifiex: Use list_count_nodes() (bsc#1227149).\n- wifi: mwifiex: use MODULE_FIRMWARE to add firmware files metadata (bsc#1227149).\n- wifi: mwl8k: initialize cmd-\u003eaddr[] properly (git-fixes).\n- wifi: nl80211: additions to NL80211_CMD_SET_BEACON (bsc#1227149).\n- wifi: nl80211: allow reporting wakeup for unprot deauth/disassoc (bsc#1227149).\n- wifi: nl80211: Avoid address calculations via out of bounds array indexing (git-fixes).\n- wifi: nl80211: do not free NULL coalescing rule (git-fixes).\n- wifi: nl80211: Extend del pmksa support for SAE and OWE security (bsc#1227149).\n- wifi: nl80211: fixes to FILS discovery updates (bsc#1227149).\n- wifi: nl80211: refactor nl80211_send_mlme_event() arguments (bsc#1227149).\n- wifi: nl80211: Remove unused declaration nl80211_pmsr_dump_results() (bsc#1227149).\n- wifi: p54: Add missing MODULE_FIRMWARE macro (bsc#1227149).\n- wifi: p54: Annotate struct p54_cal_database with __counted_by (bsc#1227149).\n- wifi: p54: fix GCC format truncation warning with wiphy-\u003efw_version (bsc#1227149).\n- wifi: plfxlc: Drop unused include (bsc#1227149).\n- wifi: radiotap: add bandwidth definition of EHT U-SIG (bsc#1227149).\n- wifi: remove unused argument of ieee80211_get_tdls_action() (bsc#1227149).\n- wifi: rsi: fix restricted __le32 degrades to integer sparse warnings (bsc#1227149).\n- wifi: rsi: rsi_91x_coex: Remove unnecessary (void*) conversions (bsc#1227149).\n- wifi: rsi: rsi_91x_debugfs: Remove unnecessary (void*) conversions (bsc#1227149).\n- wifi: rsi: rsi_91x_hal: Remove unnecessary conversions (bsc#1227149).\n- wifi: rsi: rsi_91x_mac80211: Remove unnecessary conversions (bsc#1227149).\n- wifi: rsi: rsi_91x_main: Remove unnecessary (void*) conversions (bsc#1227149).\n- wifi: rsi: rsi_91x_sdio_ops: Remove unnecessary (void*) conversions (bsc#1227149).\n- wifi: rsi: rsi_91x_sdio: Remove unnecessary (void*) conversions (bsc#1227149).\n- wifi: rsi: rsi_91x_usb_ops: Remove unnecessary (void*) conversions (bsc#1227149).\n- wifi: rsi: rsi_91x_usb: Remove unnecessary (void*) conversions (bsc#1227149).\n- wifi: rt2x00: correct MAC_SYS_CTRL register RX mask in R-Calibration (bsc#1227149).\n- wifi: rt2x00: disable RTS threshold for rt2800 by default (bsc#1227149).\n- wifi: rt2x00: fix MT7620 low RSSI issue (bsc#1227149).\n- wifi: rt2x00: fix rt2800 watchdog function (bsc#1227149).\n- wifi: rt2x00: fix the typo in comments (bsc#1227149).\n- wifi: rt2x00: improve MT7620 register initialization (bsc#1227149).\n- wifi: rt2x00: introduce DMA busy check watchdog for rt2800 (bsc#1227149).\n- wifi: rt2x00: limit MT7620 TX power based on eeprom calibration (bsc#1227149).\n- wifi: rt2x00: make watchdog param per device (bsc#1227149).\n- wifi: rt2x00: remove redundant check if u8 array element is less than zero (bsc#1227149).\n- wifi: rt2x00: remove useless code in rt2x00queue_create_tx_descriptor() (bsc#1227149).\n- wifi: rt2x00: rework MT7620 channel config function (bsc#1227149).\n- wifi: rt2x00: rework MT7620 PA/LNA RF calibration (bsc#1227149).\n- wifi: rt2x00: silence sparse warnings (bsc#1227149).\n- wifi: rt2x00: Simplify bool conversion (bsc#1227149).\n- wifi: rt2x00: simplify rt2x00crypto_rx_insert_iv() (bsc#1227149).\n- wifi: rtl8xxxu: 8188e: convert usage of priv-\u003evif to priv-\u003evifs[0] (bsc#1227149).\n- wifi: rtl8xxxu: 8188f: Limit TX power index (git-fixes).\n- wifi: rtl8xxxu: Actually use macid in rtl8xxxu_gen2_report_connect (bsc#1227149).\n- wifi: rtl8xxxu: Add a description about the device ID 0x7392:0xb722 (bsc#1227149).\n- wifi: rtl8xxxu: Add beacon functions (bsc#1227149).\n- wifi: rtl8xxxu: add hw crypto support for AP mode (bsc#1227149).\n- wifi: rtl8xxxu: add macids for STA mode (bsc#1227149).\n- wifi: rtl8xxxu: add missing number of sec cam entries for all variants (bsc#1227149).\n- wifi: rtl8xxxu: Add parameter force to rtl8xxxu_refresh_rate_mask (bsc#1227149).\n- wifi: rtl8xxxu: Add parameter macid to update_rate_mask (bsc#1227149).\n- wifi: rtl8xxxu: Add parameter role to report_connect (bsc#1227149).\n- wifi: rtl8xxxu: Add set_tim() callback (bsc#1227149).\n- wifi: rtl8xxxu: Add sta_add() and sta_remove() callbacks (bsc#1227149).\n- wifi: rtl8xxxu: Add start_ap() callback (bsc#1227149).\n- wifi: rtl8xxxu: Add TP-Link TL-WN823N V2 (bsc#1227149).\n- wifi: rtl8xxxu: Allow creating interface in AP mode (bsc#1227149).\n- wifi: rtl8xxxu: Allow setting rts threshold to -1 (bsc#1227149).\n- wifi: rtl8xxxu: check vif before using in rtl8xxxu_tx() (bsc#1227149).\n- wifi: rtl8xxxu: Clean up filter configuration (bsc#1227149).\n- wifi: rtl8xxxu: convert EN_DESC_ID of TX descriptor to le32 type (bsc#1227149).\n- wifi: rtl8xxxu: Declare AP mode support for 8188f (bsc#1227149).\n- wifi: rtl8xxxu: declare concurrent mode support for 8188f (bsc#1227149).\n- wifi: rtl8xxxu: do not parse CFO, if both interfaces are connected in STA mode (bsc#1227149).\n- wifi: rtl8xxxu: Enable AP mode for RTL8192EU (bsc#1227149).\n- wifi: rtl8xxxu: Enable AP mode for RTL8192FU (bsc#1227149).\n- wifi: rtl8xxxu: Enable AP mode for RTL8710BU (RTL8188GU) (bsc#1227149).\n- wifi: rtl8xxxu: Enable AP mode for RTL8723BU (bsc#1227149).\n- wifi: rtl8xxxu: enable channel switch support (bsc#1227149).\n- wifi: rtl8xxxu: Enable hw seq for mgmt/non-QoS data frames (bsc#1227149).\n- wifi: rtl8xxxu: enable MFP support with security flag of RX descriptor (bsc#1227149).\n- wifi: rtl8xxxu: extend check for matching bssid to both interfaces (bsc#1227149).\n- wifi: rtl8xxxu: extend wifi connected check to both interfaces (bsc#1227149).\n- wifi: rtl8xxxu: fix error messages (bsc#1227149).\n- wifi: rtl8xxxu: Fix LED control code of RTL8192FU (bsc#1227149).\n- wifi: rtl8xxxu: fix mixed declarations in rtl8xxxu_set_aifs() (bsc#1227149).\n- wifi: rtl8xxxu: Fix off by one initial RTS rate (bsc#1227149).\n- wifi: rtl8xxxu: Fix the TX power of RTL8192CU, RTL8723AU (stable-fixes).\n- wifi: rtl8xxxu: make instances of iface limit and combination to be static const (bsc#1227149).\n- wifi: rtl8xxxu: make supporting AP mode only on port 0 transparent (bsc#1227149).\n- wifi: rtl8xxxu: mark TOTOLINK N150UA V5/N150UA-B as tested (bsc#1227149).\n- wifi: rtl8xxxu: prepare supporting two virtual interfaces (bsc#1227149).\n- wifi: rtl8xxxu: Put the macid in txdesc (bsc#1227149).\n- wifi: rtl8xxxu: remove assignment of priv-\u003evif in rtl8xxxu_bss_info_changed() (bsc#1227149).\n- wifi: rtl8xxxu: remove obsolete priv-\u003evif (bsc#1227149).\n- wifi: rtl8xxxu: Remove usage of ieee80211_get_tx_rate() (bsc#1227149).\n- wifi: rtl8xxxu: Remove usage of tx_info-\u003econtrol.rates[0].flags (bsc#1227149).\n- wifi: rtl8xxxu: Rename some registers (bsc#1227149).\n- wifi: rtl8xxxu: rtl8xxxu_rx_complete(): remove unnecessary return (bsc#1227149).\n- wifi: rtl8xxxu: Select correct queue for beacon frames (bsc#1227149).\n- wifi: rtl8xxxu: Set maximum number of supported stations (bsc#1227149).\n- wifi: rtl8xxxu: support multiple interface in start_ap() (bsc#1227149).\n- wifi: rtl8xxxu: support multiple interfaces in {add,remove}_interface() (bsc#1227149).\n- wifi: rtl8xxxu: support multiple interfaces in bss_info_changed() (bsc#1227149).\n- wifi: rtl8xxxu: support multiple interfaces in configure_filter() (bsc#1227149).\n- wifi: rtl8xxxu: support multiple interfaces in set_aifs() (bsc#1227149).\n- wifi: rtl8xxxu: support multiple interfaces in update_beacon_work_callback() (bsc#1227149).\n- wifi: rtl8xxxu: support multiple interfaces in watchdog_callback() (bsc#1227149).\n- wifi: rtl8xxxu: Support new chip RTL8192FU (bsc#1227149).\n- wifi: rtl8xxxu: support setting bssid register for multiple interfaces (bsc#1227149).\n- wifi: rtl8xxxu: support setting linktype for both interfaces (bsc#1227149).\n- wifi: rtl8xxxu: support setting mac address register for both interfaces (bsc#1227149).\n- wifi: rtl8xxxu: Support USB RX aggregation for the newer chips (bsc#1227149).\n- wifi: rtl8xxxu: update rate mask per sta (bsc#1227149).\n- wifi: rtlwifi: cleanup few rtlxxx_tx_fill_desc() routines (bsc#1227149).\n- wifi: rtlwifi: cleanup few rtlxxxx_set_hw_reg() routines (bsc#1227149).\n- wifi: rtlwifi: cleanup struct rtl_hal (bsc#1227149).\n- wifi: rtlwifi: cleanup struct rtl_phy (bsc#1227149).\n- wifi: rtlwifi: cleanup struct rtl_ps_ctl (bsc#1227149).\n- wifi: rtlwifi: cleanup USB interface (bsc#1227149).\n- wifi: rtlwifi: Convert to use PCIe capability accessors (bsc#1227149).\n- wifi: rtlwifi: drop chk_switch_dmdp() from HAL interface (bsc#1227149).\n- wifi: rtlwifi: drop fill_fake_txdesc() from HAL interface (bsc#1227149).\n- wifi: rtlwifi: drop pre_fill_tx_bd_desc() from HAL interface (bsc#1227149).\n- wifi: rtlwifi: drop unused const_amdpci_aspm (bsc#1227149).\n- wifi: rtlwifi: Ignore IEEE80211_CONF_CHANGE_RETRY_LIMITS (bsc#1227149).\n- wifi: rtlwifi: Remove bridge vendor/device ids (bsc#1227149).\n- wifi: rtlwifi: remove misused flag from HAL data (bsc#1227149).\n- wifi: rtlwifi: Remove rtl_intf_ops.read_efuse_byte (bsc#1227149).\n- wifi: rtlwifi: remove unreachable code in rtl92d_dm_check_edca_turbo() (bsc#1227149).\n- wifi: rtlwifi: remove unused dualmac control leftovers (bsc#1227149).\n- wifi: rtlwifi: Remove unused PCI related defines and struct (bsc#1227149).\n- wifi: rtlwifi: remove unused timer and related code (bsc#1227149).\n- wifi: rtlwifi: rtl8192cu: Fix 2T2R chip type detection (bsc#1227149).\n- wifi: rtlwifi: rtl8192cu: Fix TX aggregation (bsc#1227149).\n- wifi: rtlwifi: rtl8192de: Do not read register in _rtl92de_query_rxphystatus (bsc#1227149).\n- wifi: rtlwifi: rtl8192de: Fix 5 GHz TX power (stable-fixes).\n- wifi: rtlwifi: rtl8192de: Fix endianness issue in RX path (stable-fixes).\n- wifi: rtlwifi: rtl8192de: Fix low speed with WPA3-SAE (stable-fixes).\n- wifi: rtlwifi: rtl8723: Remove unused function rtl8723_cmd_send_packet() (bsc#1227149).\n- wifi: rtlwifi: rtl8821ae: Access full PMCS reg and use pci_regs.h (bsc#1227149).\n- wifi: rtlwifi: rtl8821ae: Add pdev into _rtl8821ae_clear_pci_pme_status() (bsc#1227149).\n- wifi: rtlwifi: rtl8821ae: phy: remove some useless code (bsc#1227149).\n- wifi: rtlwifi: rtl8821ae: phy: using calculate_bit_shift() (bsc#1227149).\n- wifi: rtlwifi: rtl8821ae: Remove unnecessary PME_Status bit set (bsc#1227149).\n- wifi: rtlwifi: rtl8821ae: Reverse PM Capability exists check (bsc#1227149).\n- wifi: rtlwifi: rtl8821ae: Use pci_find_capability() (bsc#1227149).\n- wifi: rtlwifi: rtl92ee_dm_dynamic_primary_cca_check(): fix typo in function name (bsc#1227149).\n- wifi: rtlwifi: rtl_usb: Store the endpoint addresses (bsc#1227149).\n- wifi: rtlwifi: rtl_usb: Use sync register writes (bsc#1227149).\n- wifi: rtlwifi: set initial values for unexpected cases of USB endpoint priority (bsc#1227149).\n- wifi: rtlwifi: simplify LED management (bsc#1227149).\n- wifi: rtlwifi: simplify rtl_action_proc() and rtl_tx_agg_start() (bsc#1227149).\n- wifi: rtlwifi: simplify TX command fill callbacks (bsc#1227149).\n- wifi: rtlwifi: Speed up firmware loading for USB (bsc#1227149).\n- wifi: rtlwifi: use convenient list_count_nodes() (bsc#1227149).\n- wifi: rtlwifi: use eth_broadcast_addr() to assign broadcast address (bsc#1227149).\n- wifi: rtlwifi: use helper function rtl_get_hdr() (bsc#1227149).\n- wifi: rtlwifi: use unsigned long for bt_coexist_8723 timestamp (bsc#1227149).\n- wifi: rtlwifi: use unsigned long for rtl_bssid_entry timestamp (bsc#1227149).\n- wifi: rtw88: 8821c: tweak CCK TX filter setting for SRRC regulation (bsc#1227149).\n- wifi: rtw88: 8821cu: Fix connection failure (stable-fixes).\n- wifi: rtw88: 8821c: update TX power limit to V67 (bsc#1227149).\n- wifi: rtw88: 8822ce: refine power parameters for RFE type 5 (bsc#1227149).\n- wifi: rtw88: 8822c: update TX power limit to V70 (bsc#1227149).\n- wifi: rtw88: add missing unwind goto for __rtw_download_firmware() (bsc#1227149).\n- wifi: rtw88: Add missing VID/PIDs for 8811CU and 8821CU (stable-fixes).\n- wifi: rtw88: Add support for the SDIO based RTL8723DS chipset (bsc#1227149).\n- wifi: rtw88: debug: add to check if debug mask is enabled (bsc#1227149).\n- wifi: rtw88: debug: remove wrapper of rtw_dbg() (bsc#1227149).\n- wifi: rtw88: dump firmware debug information in abnormal state (bsc#1227149).\n- wifi: rtw88: Fix action frame transmission fail before association (bsc#1227149).\n- wifi: rtw88: Fix AP mode incorrect DTIM behavior (bsc#1227149).\n- wifi: rtw88: fix incorrect error codes in rtw_debugfs_copy_from_user (bsc#1227149).\n- wifi: rtw88: fix incorrect error codes in rtw_debugfs_set_* (bsc#1227149).\n- wifi: rtw88: fix not entering PS mode after AP stops (bsc#1227149).\n- wifi: rtw88: fix typo rtw8822cu_probe (bsc#1227149).\n- wifi: rtw88: process VO packets without workqueue to avoid PTK rekey failed (bsc#1227149).\n- wifi: rtw88: refine register based H2C command (bsc#1227149).\n- wifi: rtw88: regd: configure QATAR and UK (bsc#1227149).\n- wifi: rtw88: regd: update regulatory map to R64-R42 (bsc#1227149).\n- wifi: rtw88: remove unused and set but unused leftovers (bsc#1227149).\n- wifi: rtw88: remove unused USB bulkout size set (bsc#1227149).\n- wifi: rtw88: rtw8723d: Implement RTL8723DS (SDIO) efuse parsing (bsc#1227149).\n- wifi: rtw88: simplify __rtw_tx_work() (bsc#1227149).\n- wifi: rtw88: simplify vif iterators (bsc#1227149).\n- wifi: rtw88: Skip high queue in hci_flush (bsc#1227149).\n- wifi: rtw88: Stop high queue during scan (bsc#1227149).\n- wifi: rtw88: use cfg80211_ssid_eq() instead of rtw_ssid_equal() (bsc#1227149).\n- wifi: rtw88: use kstrtoX_from_user() in debugfs handlers (bsc#1227149).\n- wifi: rtw88: Use random MAC when efuse MAC invalid (bsc#1227149).\n- wifi: rtw88: use struct instead of macros to set TX desc (bsc#1227149).\n- wifi: rtw89: 52c: rfk: disable DPK during MCC (bsc#1227149).\n- wifi: rtw89: 52c: rfk: refine MCC channel info notification (bsc#1227149).\n- wifi: rtw89: 8851b: add 8851B basic chip_info (bsc#1227149).\n- wifi: rtw89: 8851b: add 8851be to Makefile and Kconfig (bsc#1227149).\n- wifi: rtw89: 8851b: add basic power on function (bsc#1227149).\n- wifi: rtw89: 8851b: add BT coexistence support function (bsc#1227149).\n- wifi: rtw89: 8851b: add DLE mem and HFC quota (bsc#1227149).\n- wifi: rtw89: 8851b: add MAC configurations to chip_info (bsc#1227149).\n- wifi: rtw89: 8851b: add NCTL post table (bsc#1227149).\n- wifi: rtw89: 8851b: add RF configurations (bsc#1227149).\n- wifi: rtw89: 8851b: add set channel function (bsc#1227149).\n- wifi: rtw89: 8851b: add set_channel_rf() (bsc#1227149).\n- wifi: rtw89: 8851b: add support WoWLAN to 8851B (bsc#1227149).\n- wifi: rtw89: 8851b: add to parse efuse content (bsc#1227149).\n- wifi: rtw89: 8851b: add to read efuse version to recognize hardware version B (bsc#1227149).\n- wifi: rtw89: 8851b: add TX power related functions (bsc#1227149).\n- wifi: rtw89: 8851b: configure CRASH_TRIGGER feature for 8851B (bsc#1227149).\n- wifi: rtw89: 8851b: configure GPIO according to RFE type (bsc#1227149).\n- wifi: rtw89: 8851b: configure to force 1 TX power value (bsc#1227149).\n- wifi: rtw89: 8851be: add 8851BE PCI entry and fill PCI capabilities (bsc#1227149).\n- wifi: rtw89: 8851b: enable hw_scan support (bsc#1227149).\n- wifi: rtw89: 8851b: fill BB related capabilities to chip_info (bsc#1227149).\n- wifi: rtw89: 8851b: rfk: add AACK (bsc#1227149).\n- wifi: rtw89: 8851b: rfk: add DACK (bsc#1227149).\n- wifi: rtw89: 8851b: rfk: add DPK (bsc#1227149).\n- wifi: rtw89: 8851b: rfk: add IQK (bsc#1227149).\n- wifi: rtw89: 8851b: rfk: add LCK track (bsc#1227149).\n- wifi: rtw89: 8851b: rfk: add RCK (bsc#1227149).\n- wifi: rtw89: 8851b: rfk: add RX DCK (bsc#1227149).\n- wifi: rtw89: 8851b: rfk: add TSSI (bsc#1227149).\n- wifi: rtw89: 8851b: rfk: Fix spelling mistake KIP_RESOTRE -\u003e KIP_RESTORE (bsc#1227149).\n- wifi: rtw89: 8851b: rfk: update IQK to version 0x8 (bsc#1227149).\n- wifi: rtw89: 8851b: update RF radio A parameters to R28 (bsc#1227149).\n- wifi: rtw89: 8851b: update TX power tables to R28 (bsc#1227149).\n- wifi: rtw89: 8851b: update TX power tables to R34 (bsc#1227149).\n- wifi: rtw89: 8851b: update TX power tables to R37 (bsc#1227149).\n- wifi: rtw89: 8852b: fix definition of KIP register number (git-fixes).\n- wifi: rtw89: 8852b: update TX power tables to R35 (bsc#1227149).\n- wifi: rtw89: 8852b: update TX power tables to R36 (bsc#1227149).\n- wifi: rtw89: 8852c: add quirk to set PCI BER for certain platforms (bsc#1227149).\n- wifi: rtw89: 8852c: declare to support two chanctx (bsc#1227149).\n- wifi: rtw89: 8852c: Fix TSSI causes transmit power inaccuracy (bsc#1227149).\n- wifi: rtw89: 8852c: read RX gain offset from efuse for 6GHz channels (bsc#1227149).\n- wifi: rtw89: 8852c: Update bandedge parameters for better performance (bsc#1227149).\n- wifi: rtw89: 8852c: update RF radio A/B parameters to R63 (bsc#1227149).\n- wifi: rtw89: 8852c: update TX power tables to R63 with 6 GHz power type (1 of 3) (bsc#1227149).\n- wifi: rtw89: 8852c: update TX power tables to R63 with 6 GHz power type (2 of 3) (bsc#1227149).\n- wifi: rtw89: 8852c: update TX power tables to R63 with 6 GHz power type (3 of 3) (bsc#1227149).\n- wifi: rtw89: 8852c: update TX power tables to R67 (bsc#1227149).\n- wifi: rtw89: 8922a: add 8922A basic chip info (bsc#1227149).\n- wifi: rtw89: 8922a: add BTG functions to assist BT coexistence to control TX/RX (bsc#1227149).\n- wifi: rtw89: 8922a: add chip_ops::bb_preinit to enable BB before downloading firmware (bsc#1227149).\n- wifi: rtw89: 8922a: add chip_ops::cfg_txrx_path (bsc#1227149).\n- wifi: rtw89: 8922a: add chip_ops::{enable,disable}_bb_rf (bsc#1227149).\n- wifi: rtw89: 8922a: add chip_ops related to BB init (bsc#1227149).\n- wifi: rtw89: 8922a: add chip_ops::rfk_hw_init (bsc#1227149).\n- wifi: rtw89: 8922a: add chip_ops::rfk_init_late to do initial RF calibrations later (bsc#1227149).\n- wifi: rtw89: 8922a: add chip_ops to get thermal value (bsc#1227149).\n- wifi: rtw89: 8922a: add coexistence helpers of SW grant (bsc#1227149).\n- wifi: rtw89: 8922a: add helper of set_channel (bsc#1227149).\n- wifi: rtw89: 8922a: add ieee80211_ops::hw_scan (bsc#1227149).\n- wifi: rtw89: 8922a: add more fields to beacon H2C command to support multi-links (bsc#1227149).\n- wifi: rtw89: 8922a: add NCTL pre-settings for WiFi 7 chips (bsc#1227149).\n- wifi: rtw89: 8922a: add power on/off functions (bsc#1227149).\n- wifi: rtw89: 8922a: add register definitions of H2C, C2H, page, RRSR and EDCCA (bsc#1227149).\n- wifi: rtw89: 8922a: add RF read/write v2 (bsc#1227149).\n- wifi: rtw89: 8922a: add SER IMR tables (bsc#1227149).\n- wifi: rtw89: 8922a: add set_channel BB part (bsc#1227149).\n- wifi: rtw89: 8922a: add set_channel MAC part (bsc#1227149).\n- wifi: rtw89: 8922a: add set_channel RF part (bsc#1227149).\n- wifi: rtw89: 8922a: add TX power related ops (bsc#1227149).\n- wifi: rtw89: 8922a: configure CRASH_TRIGGER FW feature (bsc#1227149).\n- wifi: rtw89: 8922a: correct register definition and merge IO for ctrl_nbtg_bt_tx() (bsc#1227149).\n- wifi: rtw89: 8922a: declare to support two chanctx (bsc#1227149).\n- wifi: rtw89: 8922a: dump MAC registers when SER occurs (bsc#1227149).\n- wifi: rtw89: 8922ae: add 8922AE PCI entry and basic info (bsc#1227149).\n- wifi: rtw89: 8922ae: add v2 interrupt handlers for 8922AE (bsc#1227149).\n- wifi: rtw89: 8922a: extend and add quota number (bsc#1227149).\n- wifi: rtw89: 8922a: hook handlers of TX/RX descriptors to chip_ops (bsc#1227149).\n- wifi: rtw89: 8922a: implement AP mode related reg for BE generation (bsc#1227149).\n- wifi: rtw89: 8922a: implement {stop,resume}_sch_tx and cfg_ppdu (bsc#1227149).\n- wifi: rtw89: 8922a: read efuse content from physical map (bsc#1227149).\n- wifi: rtw89: 8922a: read efuse content via efuse map struct from logic map (bsc#1227149).\n- wifi: rtw89: 8922a: rfk: implement chip_ops to call RF calibrations (bsc#1227149).\n- wifi: rtw89: 8922a: set chip_ops FEM and GPIO to NULL (bsc#1227149).\n- wifi: rtw89: 8922a: set memory heap address for secure firmware (bsc#1227149).\n- wifi: rtw89: 8922a: set RX gain along with set_channel operation (bsc#1227149).\n- wifi: rtw89: 8922a: update BA CAM number to 24 (bsc#1227149).\n- wifi: rtw89: 8922a: update the register used in DIG and the DIG flow (bsc#1227149).\n- wifi: rtw89: acpi: process 6 GHz band policy from DSM (bsc#1227149).\n- wifi: rtw89: add C2H event handlers of RFK log and report (bsc#1227149).\n- wifi: rtw89: add C2H RA event V1 to support WiFi 7 chips (bsc#1227149).\n- wifi: rtw89: add CFO XTAL registers field to support 8851B (bsc#1227149).\n- wifi: rtw89: add chip_info::chip_gen to determine chip generation (bsc#1227149).\n- wifi: rtw89: add chip_info::txwd_info size to generalize TX WD submit (bsc#1227149).\n- wifi: rtw89: add chip_ops::h2c_ba_cam() to configure BA CAM (bsc#1227149).\n- wifi: rtw89: add chip_ops::query_rxdesc() and rxd_len as helpers to support newer chips (bsc#1227149).\n- wifi: rtw89: add chip_ops::update_beacon to abstract update beacon operation (bsc#1227149).\n- wifi: rtw89: add DBCC H2C to notify firmware the status (bsc#1227149).\n- wifi: rtw89: add EHT capabilities for WiFi 7 chips (bsc#1227149).\n- wifi: rtw89: add EHT radiotap in monitor mode (bsc#1227149).\n- wifi: rtw89: Add EHT rate mask as parameters of RA H2C command (bsc#1227149).\n- wifi: rtw89: add EVM and SNR statistics to debugfs (bsc#1227149).\n- wifi: rtw89: add EVM for antenna diversity (bsc#1227149).\n- wifi: rtw89: add firmware H2C command of BA CAM V1 (bsc#1227149).\n- wifi: rtw89: add firmware parser for v1 format (bsc#1227149).\n- wifi: rtw89: add firmware suit for BB MCU 0/1 (bsc#1227149).\n- wifi: rtw89: add function prototype for coex request duration (bsc#1227149).\n- wifi: rtw89: add H2C command to download beacon frame for WiFi 7 chips (bsc#1227149).\n- wifi: rtw89: add H2C RA command V1 to support WiFi 7 chips (bsc#1227149).\n- wifi: rtw89: add mac_gen pointer to access mac port registers (bsc#1227149).\n- wifi: rtw89: add mlo_dbcc_mode for WiFi 7 chips (bsc#1227149).\n- wifi: rtw89: add new H2C command to pause/sleep transmitting by MAC ID (bsc#1227149).\n- wifi: rtw89: add new H2C for PS mode in 802.11be chip (bsc#1227149).\n- wifi: rtw89: add reserved size as factor of DLE used size (bsc#1227149).\n- wifi: rtw89: add RSSI based antenna diversity (bsc#1227149).\n- wifi: rtw89: add RSSI statistics for the case of antenna diversity to debugfs (bsc#1227149).\n- wifi: rtw89: add subband index of primary channel to struct rtw89_chan (bsc#1227149).\n- wifi: rtw89: add to display hardware rates v1 histogram in debugfs (bsc#1227149).\n- wifi: rtw89: add to fill TX descriptor for firmware command v2 (bsc#1227149).\n- wifi: rtw89: add to fill TX descriptor v2 (bsc#1227149).\n- wifi: rtw89: add to parse firmware elements of BB and RF tables (bsc#1227149).\n- wifi: rtw89: add to query RX descriptor format v2 (bsc#1227149).\n- wifi: rtw89: add tx_wake notify for 8851B (bsc#1227149).\n- wifi: rtw89: add wait/completion for abort scan (bsc#1227149).\n- wifi: rtw89: add XTAL SI for WiFi 7 chips (bsc#1227149).\n- wifi: rtw89: adjust init_he_cap() to add EHT cap into iftype_data (bsc#1227149).\n- wifi: rtw89: advertise missing extended scan feature (bsc#1227149).\n- wifi: rtw89: avoid stringop-overflow warning (bsc#1227149).\n- wifi: rtw89: call rtw89_chan_get() by vif chanctx if aware of vif (bsc#1227149).\n- wifi: rtw89: chan: add sub-entity swap function to cover replacing (bsc#1227149).\n- wifi: rtw89: change naming of BA CAM from V1 to V0_EXT (bsc#1227149).\n- wifi: rtw89: change qutoa to DBCC by default for WiFi 7 chips (bsc#1227149).\n- wifi: rtw89: change supported bandwidths of chip_info to bit mask (bsc#1227149).\n- wifi: rtw89: chan: MCC take reconfig into account (bsc#1227149).\n- wifi: rtw89: chan: move handling from add/remove to assign/unassign for MLO (bsc#1227149).\n- wifi: rtw89: chan: support MCC on Wi-Fi 7 chips (bsc#1227149).\n- wifi: rtw89: chan: tweak bitmap recalc ahead before MLO (bsc#1227149).\n- wifi: rtw89: chan: tweak weight recalc ahead before MLO (bsc#1227149).\n- wifi: rtw89: cleanup firmware elements parsing (bsc#1227149).\n- wifi: rtw89: cleanup private data structures (bsc#1227149).\n- wifi: rtw89: cleanup rtw89_iqk_info and related code (bsc#1227149).\n- wifi: rtw89: coex: add annotation __counted_by() for struct rtw89_btc_btf_set_slot_table (bsc#1227149).\n- wifi: rtw89: coex: add annotation __counted_by() to struct rtw89_btc_btf_set_mon_reg (bsc#1227149).\n- wifi: rtw89: coex: Add Bluetooth RSSI level information (bsc#1227149).\n- wifi: rtw89: coex: add BTC ctrl_info version 7 and related logic (bsc#1227149).\n- wifi: rtw89: coex: Add coexistence policy to decrease WiFi packet CRC-ERR (bsc#1227149).\n- wifi: rtw89: coex: add init_info H2C command format version 7 (bsc#1227149).\n- wifi: rtw89: coex: Add Pre-AGC control to enhance Wi-Fi RX performance (bsc#1227149).\n- wifi: rtw89: coex: add return value to ensure H2C command is success or not (bsc#1227149).\n- wifi: rtw89: coex: fix configuration for shared antenna for 8922A (bsc#1227149).\n- wifi: rtw89: coex: Fix wrong Wi-Fi role info and FDDT parameter members (bsc#1227149).\n- wifi: rtw89: coex: Record down Wi-Fi initial mode information (bsc#1227149).\n- wifi: rtw89: coex: Reorder H2C command index to align with firmware (bsc#1227149).\n- wifi: rtw89: coex: Set Bluetooth scan low-priority when Wi-Fi link/scan (bsc#1227149).\n- wifi: rtw89: coex: Still show hardware grant signal info even Wi-Fi is PS (bsc#1227149).\n- wifi: rtw89: coex: To improve Wi-Fi performance while BT is idle (bsc#1227149).\n- wifi: rtw89: coex: Translate antenna configuration from ID to string (bsc#1227149).\n- wifi: rtw89: coex: Update BTG control related logic (bsc#1227149).\n- wifi: rtw89: coex: Update coexistence policy for Wi-Fi LPS (bsc#1227149).\n- wifi: rtw89: coex: Update RF parameter control setting logic (bsc#1227149).\n- wifi: rtw89: coex: use struct assignment to replace memcpy() to append TDMA content (bsc#1227149).\n- wifi: rtw89: coex: When Bluetooth not available do not set power/gain (bsc#1227149).\n- wifi: rtw89: configure PPDU max user by chip (bsc#1227149).\n- wifi: rtw89: consider RX info for WiFi 7 chips (bsc#1227149).\n- wifi: rtw89: consolidate registers of mac port to struct (bsc#1227149).\n- wifi: rtw89: correct aSIFSTime for 6GHz band (stable-fixes).\n- wifi: rtw89: correct PHY register offset for PHY-1 (bsc#1227149).\n- wifi: rtw89: correct the DCFO tracking flow to improve CFO compensation (bsc#1227149).\n- wifi: rtw89: debug: add debugfs entry to disable dynamic mechanism (bsc#1227149).\n- wifi: rtw89: debug: add FW log component for scan (bsc#1227149).\n- wifi: rtw89: debug: add to check if debug mask is enabled (bsc#1227149).\n- wifi: rtw89: debug: remove wrapper of rtw89_debug() (bsc#1227149).\n- wifi: rtw89: debug: show txpwr table according to chip gen (bsc#1227149).\n- wifi: rtw89: debug: txpwr table access only valid page according to chip (bsc#1227149).\n- wifi: rtw89: debug: txpwr table supports Wi-Fi 7 chips (bsc#1227149).\n- wifi: rtw89: declare EXT NSS BW of VHT capability (bsc#1227149).\n- wifi: rtw89: declare MCC in interface combination (bsc#1227149).\n- wifi: rtw89: define hardware rate v1 for WiFi 7 chips (bsc#1227149).\n- wifi: rtw89: differentiate narrow_bw_ru_dis setting according to chip gen (bsc#1227149).\n- wifi: rtw89: disable RTS when broadcast/multicast (bsc#1227149).\n- wifi: rtw89: download firmware with five times retry (bsc#1227149).\n- wifi: rtw89: drop TIMING_BEACON_ONLY and sync beacon TSF by self (bsc#1227149).\n- wifi: rtw89: enlarge supported length of read_reg debugfs entry (bsc#1227149).\n- wifi: rtw89: extend PHY status parser to support WiFi 7 chips (bsc#1227149).\n- wifi: rtw89: Fix array index mistake in rtw89_sta_info_get_iter() (git-fixes).\n- wifi: rtw89: fix a width vs precision bug (bsc#1227149).\n- wifi: rtw89: Fix clang -Wimplicit-fallthrough in rtw89_query_sar() (bsc#1227149).\n- wifi: rtw89: fix disabling concurrent mode TX hang issue (bsc#1227149).\n- wifi: rtw89: fix HW scan not aborting properly (git-fixes).\n- wifi: rtw89: fix HW scan timeout due to TSF sync issue (bsc#1227149).\n- wifi: rtw89: fix misbehavior of TX beacon in concurrent mode (bsc#1227149).\n- wifi: rtw89: fix not entering PS mode after AP stops (bsc#1227149).\n- wifi: rtw89: fix null pointer access when abort scan (stable-fixes).\n- wifi: rtw89: fix spelling typo of IQK debug messages (bsc#1227149).\n- wifi: rtw89: fix typo of rtw89_fw_h2c_mcc_macid_bitmap() (bsc#1227149).\n- wifi: rtw89: fw: add checking type for variant type of firmware (bsc#1227149).\n- wifi: rtw89: fw: add chip_ops to update CMAC table to associated station (bsc#1227149).\n- wifi: rtw89: fw: add definition of H2C command and C2H event for MRC series (bsc#1227149).\n- wifi: rtw89: fw: add H2C command to reset CMAC table for WiFi 7 (bsc#1227149).\n- wifi: rtw89: fw: add H2C command to reset DMAC table for WiFi 7 (bsc#1227149).\n- wifi: rtw89: fw: add H2C command to update security CAM v2 (bsc#1227149).\n- wifi: rtw89: fw: add version field to BB MCU firmware element (bsc#1227149).\n- wifi: rtw89: fw: consider checksum length of security data (bsc#1227149).\n- wifi: rtw89: fw: download firmware with key data for secure boot (bsc#1227149).\n- wifi: rtw89: fw: extend JOIN H2C command to support WiFi 7 chips (bsc#1227149).\n- wifi: rtw89: fw: extend program counter dump for Wi-Fi 7 chip (bsc#1227149).\n- wifi: rtw89: fw: fill CMAC table to associated station for WiFi 7 chips (bsc#1227149).\n- wifi: rtw89: fw: generalize download firmware flow by mac_gen pointers (bsc#1227149).\n- wifi: rtw89: fw: implement MRC H2C command functions (bsc#1227149).\n- wifi: rtw89: fw: implement supported functions of download firmware for WiFi 7 chips (bsc#1227149).\n- wifi: rtw89: fw: load TX power track tables from fw_element (bsc#1227149).\n- wifi: rtw89: fw: move polling function of firmware path ready to an individual function (bsc#1227149).\n- wifi: rtw89: fw: parse secure section from firmware file (bsc#1227149).\n- wifi: rtw89: fw: propagate an argument include_bb for BB MCU firmware (bsc#1227149).\n- wifi: rtw89: fw: read firmware secure information from efuse (bsc#1227149).\n- wifi: rtw89: fw: refine download flow to support variant firmware suits (bsc#1227149).\n- wifi: rtw89: fw: scan offload prohibit all 6 GHz channel if no 6 GHz sband (bsc#1227149).\n- wifi: rtw89: fw: update TX AMPDU parameter to CMAC table (bsc#1227149).\n- wifi: rtw89: fw: use struct to fill BA CAM H2C commands (bsc#1227149).\n- wifi: rtw89: fw: use struct to fill JOIN H2C command (bsc#1227149).\n- wifi: rtw89: get data rate mode/NSS/MCS v1 from RX descriptor (bsc#1227149).\n- wifi: rtw89: indicate TX power by rate table inside RFE parameter (bsc#1227149).\n- wifi: rtw89: indicate TX shape table inside RFE parameter (bsc#1227149).\n- wifi: rtw89: initialize antenna for antenna diversity (bsc#1227149).\n- wifi: rtw89: initialize multi-channel handling (bsc#1227149).\n- wifi: rtw89: introduce infrastructure of firmware elements (bsc#1227149).\n- wifi: rtw89: introduce realtek ACPI DSM method (bsc#1227149).\n- wifi: rtw89: Introduce Time Averaged SAR (TAS) feature (bsc#1227149).\n- wifi: rtw89: introduce v1 format of firmware header (bsc#1227149).\n- wifi: rtw89: load BB parameters to PHY-1 (bsc#1227149).\n- wifi: rtw89: load RFK log format string from firmware file (bsc#1227149).\n- wifi: rtw89: load TX power by rate when RFE parms setup (bsc#1227149).\n- wifi: rtw89: load TX power related tables from FW elements (bsc#1227149).\n- wifi: rtw89: mac: add coexistence helpers {cfg/get}_plt (bsc#1227149).\n- wifi: rtw89: mac: add feature_init to initialize BA CAM V1 (bsc#1227149).\n- wifi: rtw89: mac: add flags to check if CMAC and DMAC are enabled (bsc#1227149).\n- wifi: rtw89: mac: add mac_gen_def::band1_offset to map MAC band1 register address (bsc#1227149).\n- wifi: rtw89: mac: add registers of MU-EDCA parameters for WiFi 7 chips (bsc#1227149).\n- wifi: rtw89: mac: add suffix _ax to MAC functions (bsc#1227149).\n- wifi: rtw89: mac: add sys_init and filter option for WiFi 7 chips (bsc#1227149).\n- wifi: rtw89: mac: add to access efuse for WiFi 7 chips (bsc#1227149).\n- wifi: rtw89: mac: add to get DLE reserved quota (bsc#1227149).\n- wifi: rtw89: mac: check queue empty according to chip gen (bsc#1227149).\n- wifi: rtw89: mac: correct MUEDCA setting for MAC-1 (bsc#1227149).\n- wifi: rtw89: mac: define internal memory address for WiFi 7 chip (bsc#1227149).\n- wifi: rtw89: mac: define register address of rx_filter to generalize code (bsc#1227149).\n- wifi: rtw89: mac: do bf_monitor only if WiFi 6 chips (bsc#1227149).\n- wifi: rtw89: mac: Fix spelling mistakes \u0027notfify\u0027 -\u003e \u0027notify\u0027 (bsc#1227149).\n- wifi: rtw89: mac: functions to configure hardware engine and quota for WiFi 7 chips (bsc#1227149).\n- wifi: rtw89: mac: generalize code to indirectly access WiFi internal memory (bsc#1227149).\n- wifi: rtw89: mac: generalize register of MU-EDCA switch according to chip gen (bsc#1227149).\n- wifi: rtw89: mac: get TX power control register according to chip gen (bsc#1227149).\n- wifi: rtw89: mac: handle C2H receive/done ACK in interrupt context (bsc#1227149).\n- wifi: rtw89: mac: implement MRC C2H event handling (bsc#1227149).\n- wifi: rtw89: mac: implement to configure TX/RX engines for WiFi 7 chips (bsc#1227149).\n- wifi: rtw89: mac: move code related to hardware engine to individual functions (bsc#1227149).\n- wifi: rtw89: mac: refine SER setting during WiFi CPU power on (bsc#1227149).\n- wifi: rtw89: mac: reset PHY-1 hardware when going to enable/disable (bsc#1227149).\n- wifi: rtw89: mac: return held quota of DLE when changing MAC-1 (bsc#1227149).\n- wifi: rtw89: mac: set bf_assoc capabilities according to chip gen (bsc#1227149).\n- wifi: rtw89: mac: set bfee_ctrl() according to chip gen (bsc#1227149).\n- wifi: rtw89: mac: update RTS threshold according to chip gen (bsc#1227149).\n- wifi: rtw89: mac: use mac_gen pointer to access about efuse (bsc#1227149).\n- wifi: rtw89: mac: use pointer to access functions of hardware engine and quota (bsc#1227149).\n- wifi: rtw89: mcc: consider and determine BT duration (bsc#1227149).\n- wifi: rtw89: mcc: deal with beacon NoA if GO exists (bsc#1227149).\n- wifi: rtw89: mcc: deal with BT slot change (bsc#1227149).\n- wifi: rtw89: mcc: deal with P2P PS change (bsc#1227149).\n- wifi: rtw89: mcc: decide pattern and calculate parameters (bsc#1227149).\n- wifi: rtw89: mcc: fill fundamental configurations (bsc#1227149).\n- wifi: rtw89: mcc: fix NoA start time when GO is auxiliary (bsc#1227149).\n- wifi: rtw89: mcc: initialize start flow (bsc#1227149).\n- wifi: rtw89: mcc: track beacon offset and update when needed (bsc#1227149).\n- wifi: rtw89: mcc: trigger FW to start/stop MCC (bsc#1227149).\n- wifi: rtw89: mcc: update role bitmap when changed (bsc#1227149).\n- wifi: rtw89: modify the register setting and the flow of CFO tracking (bsc#1227149).\n- wifi: rtw89: move software DCFO compensation setting to proper position (bsc#1227149).\n- wifi: rtw89: only reset BB/RF for existing WiFi 6 chips while starting up (bsc#1227149).\n- wifi: rtw89: packet offload wait for FW response (bsc#1227149).\n- wifi: rtw89: parse and print out RFK log from C2H events (bsc#1227149).\n- wifi: rtw89: parse EHT information from RX descriptor and PPDU status packet (bsc#1227149).\n- wifi: rtw89: parse TX EHT rate selected by firmware from RA C2H report (bsc#1227149).\n- wifi: rtw89: pause/proceed MCC for ROC and HW scan (bsc#1227149).\n- wifi: rtw89: pci: add LTR v2 for WiFi 7 chip (bsc#1227149).\n- wifi: rtw89: pci: add new RX ring design to determine full RX ring efficiently (bsc#1227149).\n- wifi: rtw89: pci: add PCI generation information to pci_info for each chip (bsc#1227149).\n- wifi: rtw89: pci: add pre_deinit to be called after probe complete (bsc#1227149).\n- wifi: rtw89: pci: correct interrupt mitigation register for 8852CE (bsc#1227149).\n- wifi: rtw89: pci: correct TX resource checking for PCI DMA channel of firmware command (git-fixes).\n- wifi: rtw89: pci: define PCI ring address for WiFi 7 chips (bsc#1227149).\n- wifi: rtw89: pci: enlarge RX DMA buffer to consider size of RX descriptor (stable-fixes).\n- wifi: rtw89: pci: fix interrupt enable mask for HALT C2H of RTL8851B (bsc#1227149).\n- wifi: rtw89: pci: generalize code of PCI control DMA IO for WiFi 7 (bsc#1227149).\n- wifi: rtw89: pci: generalize interrupt status bits of interrupt handlers (bsc#1227149).\n- wifi: rtw89: pci: implement PCI CLK/ASPM/L1SS for WiFi 7 chips (bsc#1227149).\n- wifi: rtw89: pci: implement PCI mac_post_init for WiFi 7 chips (bsc#1227149).\n- wifi: rtw89: pci: implement PCI mac_pre_init for WiFi 7 chips (bsc#1227149).\n- wifi: rtw89: pci: interrupt v2 refine IMR for SER (bsc#1227149).\n- wifi: rtw89: pci: reset BDRAM according to chip gen (bsc#1227149).\n- wifi: rtw89: pci: stop/start DMA for level 1 recovery according to chip gen (bsc#1227149).\n- wifi: rtw89: pci: update interrupt mitigation register for 8922AE (bsc#1227149).\n- wifi: rtw89: pci: update SER timer unit and timeout time (bsc#1227149).\n- wifi: rtw89: pci: use DBI function for 8852AE/8852BE/8851BE (bsc#1227149).\n- wifi: rtw89: pci: use gen_def pointer to configure mac_{pre,post}_init and clear PCI ring index (bsc#1227149).\n- wifi: rtw89: pci: validate RX tag for RXQ and RPQ (bsc#1227149).\n- wifi: rtw89: phy: add BB wrapper of TX power for WiFi 7 chips (bsc#1227149).\n- wifi: rtw89: phy: add parser to support RX gain dynamic setting flow (bsc#1227149).\n- wifi: rtw89: phy: add phy_gen_def::cr_base to support WiFi 7 chips (bsc#1227149).\n- wifi: rtw89: phy: change naming related BT coexistence functions (bsc#1227149).\n- wifi: rtw89: phy: dynamically adjust EDCCA threshold (bsc#1227149).\n- wifi: rtw89: phy: extend TX power common stuffs for Wi-Fi 7 chips (bsc#1227149).\n- wifi: rtw89: phy: generalize valid bit of BSS color (bsc#1227149).\n- wifi: rtw89: phy: ignore special data from BB parameter file (bsc#1227149).\n- wifi: rtw89: phy: modify register setting of ENV_MNTR, PHYSTS and DIG (bsc#1227149).\n- wifi: rtw89: phy: move bb_gain_info used by WiFi 6 chips to union (bsc#1227149).\n- wifi: rtw89: phy: print out RFK log with formatted string (bsc#1227149).\n- wifi: rtw89: phy: rate pattern handles HW rate by chip gen (bsc#1227149).\n- wifi: rtw89: phy: refine helpers used for raw TX power (bsc#1227149).\n- wifi: rtw89: phy: set channel_info for WiFi 7 chips (bsc#1227149).\n- wifi: rtw89: phy: set TX power by rate according to chip gen (bsc#1227149).\n- wifi: rtw89: phy: set TX power limit according to chip gen (bsc#1227149).\n- wifi: rtw89: phy: set TX power offset according to chip gen (bsc#1227149).\n- wifi: rtw89: phy: set TX power RU limit according to chip gen (bsc#1227149).\n- wifi: rtw89: prepare scan leaf functions for wifi 7 ICs (bsc#1227149).\n- wifi: rtw89: process regulatory for 6 GHz power type (bsc#1227149).\n- wifi: rtw89: provide functions to configure NoA for beacon update (bsc#1227149).\n- wifi: rtw89: recognize log format from firmware file (bsc#1227149).\n- wifi: rtw89: reference quota mode when setting Tx power (bsc#1227149).\n- wifi: rtw89: Refine active scan behavior in 6 GHz (bsc#1227149).\n- wifi: rtw89: refine add_chan H2C command to encode_bits (bsc#1227149).\n- wifi: rtw89: refine bandwidth 160MHz uplink OFDMA performance (bsc#1227149).\n- wifi: rtw89: refine clearing supported bands to check 2/5 GHz first (bsc#1227149).\n- wifi: rtw89: refine element naming used by queue empty check (bsc#1227149).\n- wifi: rtw89: refine H2C command that pause transmitting by MAC ID (bsc#1227149).\n- wifi: rtw89: refine hardware scan C2H events (bsc#1227149).\n- wifi: rtw89: refine packet offload delete flow of 6 GHz probe (bsc#1227149).\n- wifi: rtw89: refine packet offload handling under SER (bsc#1227149).\n- wifi: rtw89: refine remain on channel flow to improve P2P connection (bsc#1227149).\n- wifi: rtw89: refine rtw89_correct_cck_chan() by rtw89_hw_to_nl80211_band() (bsc#1227149).\n- wifi: rtw89: refine uplink trigger based control mechanism (bsc#1227149).\n- wifi: rtw89: regd: configure Thailand in regulation type (bsc#1227149).\n- wifi: rtw89: regd: handle policy of 6 GHz according to BIOS (bsc#1227149).\n- wifi: rtw89: regd: judge 6 GHz according to chip and BIOS (bsc#1227149).\n- wifi: rtw89: regd: judge UNII-4 according to BIOS and chip (bsc#1227149).\n- wifi: rtw89: regd: update regulatory map to R64-R40 (bsc#1227149).\n- wifi: rtw89: regd: update regulatory map to R64-R43 (bsc#1227149).\n- wifi: rtw89: regd: update regulatory map to R65-R44 (bsc#1227149).\n- wifi: rtw89: release bit in rtw89_fw_h2c_del_pkt_offload() (bsc#1227149).\n- wifi: rtw89: return failure if needed firmware elements are not recognized (bsc#1227149).\n- wifi: rtw89: rfk: add a completion to wait RF calibration report from C2H event (bsc#1227149).\n- wifi: rtw89: rfk: add H2C command to trigger DACK (bsc#1227149).\n- wifi: rtw89: rfk: add H2C command to trigger DPK (bsc#1227149).\n- wifi: rtw89: rfk: add H2C command to trigger IQK (bsc#1227149).\n- wifi: rtw89: rfk: add H2C command to trigger RX DCK (bsc#1227149).\n- wifi: rtw89: rfk: add H2C command to trigger TSSI (bsc#1227149).\n- wifi: rtw89: rfk: add H2C command to trigger TXGAPK (bsc#1227149).\n- wifi: rtw89: rfk: disable driver tracking during MCC (bsc#1227149).\n- wifi: rtw89: rfk: send channel information to firmware for RF calibrations (bsc#1227149).\n- wifi: rtw89: sar: let caller decide the center frequency to query (bsc#1227149).\n- wifi: rtw89: scan offload wait for FW done ACK (bsc#1227149).\n- wifi: rtw89: ser: L1 add pre-M0 and post-M0 states (bsc#1227149).\n- wifi: rtw89: ser: reset total_sta_assoc and tdls_peer when L2 (bsc#1227149).\n- wifi: rtw89: set capability of TX antenna diversity (bsc#1227149).\n- wifi: rtw89: Set default CQM config if not present (bsc#1227149).\n- wifi: rtw89: set entry size of address CAM to H2C field by chip (bsc#1227149).\n- wifi: rtw89: set TX power without precondition during setting channel (bsc#1227149).\n- wifi: rtw89: show EHT rate in debugfs (bsc#1227149).\n- wifi: rtw89: support firmware log with formatted text (bsc#1227149).\n- wifi: rtw89: support U-NII-4 channels on 5GHz band (bsc#1227149).\n- wifi: rtw89: suppress the log for specific SER called CMDPSR_FRZTO (bsc#1227149).\n- wifi: rtw89: tweak H2C TX waiting function for SER (bsc#1227149).\n- wifi: rtw89: TX power stuffs replace confusing naming of _max with _num (bsc#1227149).\n- wifi: rtw89: update DMA function with different generation (bsc#1227149).\n- wifi: rtw89: Update EHT PHY beamforming capability (bsc#1227149).\n- wifi: rtw89: update ps_state register for chips with different generation (bsc#1227149).\n- wifi: rtw89: update scan C2H messages for wifi 7 IC (bsc#1227149).\n- wifi: rtw89: update suspend/resume for different generation (bsc#1227149).\n- wifi: rtw89: use chip_info::small_fifo_size to choose debug_mask (bsc#1227149).\n- wifi: rtw89: use flexible array member in rtw89_btc_btf_tlv (bsc#1227149).\n- wifi: rtw89: use PLCP information to match BSS_COLOR and AID (bsc#1227149).\n- wifi: rtw89: use struct and le32_get_bits() to access received PHY status IEs (bsc#1227149).\n- wifi: rtw89: use struct and le32_get_bits() to access RX descriptor (bsc#1227149).\n- wifi: rtw89: use struct and le32_get_bits to access RX info (bsc#1227149).\n- wifi: rtw89: use struct rtw89_phy_sts_ie0 instead of macro to access PHY IE0 status (bsc#1227149).\n- wifi: rtw89: use struct to access firmware C2H event header (bsc#1227149).\n- wifi: rtw89: use struct to access RA report (bsc#1227149).\n- wifi: rtw89: use struct to access register-based H2C/C2H (bsc#1227149).\n- wifi: rtw89: use struct to fill H2C command to download beacon frame (bsc#1227149).\n- wifi: rtw89: use struct to parse firmware header (bsc#1227149).\n- wifi: rtw89: use struct to set RA H2C command (bsc#1227149).\n- wifi: rtw89: wow: move release offload packet earlier for WoWLAN mode (bsc#1227149).\n- wifi: rtw89: wow: refine WoWLAN flows of HCI interrupts and low power mode (bsc#1227149).\n- wifi: rtw89: wow: set security engine options for 802.11ax chips only (bsc#1227149).\n- wifi: rtw89: wow: update config mac function with different generation (bsc#1227149).\n- wifi: rtw89: wow: update WoWLAN reason register for different chips (bsc#1227149).\n- wifi: rtw89: wow: update WoWLAN status register for different generation (bsc#1227149).\n- wifi: ti: wlcore: sdio: Drop unused include (bsc#1227149).\n- wifi: virt_wifi: avoid reporting connection success with wrong SSID (git-fixes).\n- wifi: virt_wifi: do not use strlen() in const context (git-fixes).\n- wifi: wcn36xx: Annotate struct wcn36xx_hal_ind_msg with __counted_by (bsc#1227149).\n- wifi: wcn36xx: Convert to platform remove callback returning void (bsc#1227149).\n- wifi: wcn36xx: remove unnecessary (void*) conversions (bsc#1227149).\n- wifi: wext: avoid extra calls to strlen() in ieee80211_bss() (bsc#1227149).\n- wifi: wfx: allow to send frames during ROC (bsc#1227149).\n- wifi: wfx: fix power_save setting when AP is stopped (bsc#1227149).\n- wifi: wfx: implement wfx_remain_on_channel() (bsc#1227149).\n- wifi: wfx: introduce hif_scan_uniq() (bsc#1227149).\n- wifi: wfx: move wfx_skb_*() out of the header file (bsc#1227149).\n- wifi: wfx: relocate wfx_rate_mask_to_hw() (bsc#1227149).\n- wifi: wfx: scan_lock is global to the device (bsc#1227149).\n- wifi: wfx: simplify exclusion between scan and Rx filters (bsc#1227149).\n- wifi: wfx: Use devm_kmemdup to replace devm_kmalloc + memcpy (bsc#1227149).\n- wifi: wil6210: fw: Replace zero-length arrays with DECLARE_FLEX_ARRAY() helper (bsc#1227149).\n- wifi: wil6210: wmi: Replace zero-length array with DECLARE_FLEX_ARRAY() helper (bsc#1227149).\n- wifi: wilc1000: add back-off algorithm to balance tx queue packets (bsc#1227149).\n- wifi: wilc1000: add missing read critical sections around vif list traversal (bsc#1227149).\n- wifi: wilc1000: add SPI commands retry mechanism (bsc#1227149).\n- wifi: wilc1000: always release SDIO host in wilc_sdio_cmd53() (bsc#1227149).\n- wifi: wilc1000: cleanup struct wilc_conn_info (bsc#1227149).\n- wifi: wilc1000: correct CRC7 calculation (bsc#1227149).\n- wifi: wilc1000: fix declarations ordering (bsc#1227149).\n- wifi: wilc1000: fix driver_handler when committing initial configuration (bsc#1227149).\n- wifi: wilc1000: fix ies_len type in connect path (git-fixes).\n- wifi: wilc1000: fix incorrect power down sequence (bsc#1227149).\n- wifi: wilc1000: Increase ASSOC response buffer (bsc#1227149).\n- wifi: wilc1000: remove AKM suite be32 conversion for external auth request (bsc#1227149).\n- wifi: wilc1000: remove setting msg.spi (bsc#1227149).\n- wifi: wilc1000: Remove unused declarations (bsc#1227149).\n- wifi: wilc1000: remove use of has_thrpt_enh3 flag (bsc#1227149).\n- wifi: wilc1000: set preamble size to auto as default in wilc_init_fw_config() (bsc#1227149).\n- wifi: wilc1000: simplify remain on channel support (bsc#1227149).\n- wifi: wilc1000: simplify wilc_scan() (bsc#1227149).\n- wifi: wilc1000: split deeply nested RCU list traversal in dedicated helper (bsc#1227149).\n- wifi: wilc1000: use SRCU instead of RCU for vif list traversal (bsc#1227149).\n- wifi: wilc1000: validate chip id during bus probe (bsc#1227149).\n- wifi: wl1251: replace deprecated strncpy with strscpy (bsc#1227149).\n- wifi: wl18xx: replace deprecated strncpy with strscpy (bsc#1227149).\n- wifi: wlcore: boot: replace deprecated strncpy with strscpy (bsc#1227149).\n- wifi: wlcore: main: replace deprecated strncpy with strscpy (bsc#1227149).\n- wifi: wlcore: sdio: Rate limit wl12xx_sdio_raw_{read,write}() failures warns (bsc#1227149).\n- wifi: wlcore: sdio: Use module_sdio_driver macro to simplify the code (bsc#1227149).\n- wifi: zd1211rw: fix typo \u0027tranmits\u0027 (bsc#1227149).\n- wifi: zd1211rw: remove __nocast from zd_addr_t (bsc#1227149).\n- wifi: zd1211rw: silence sparse warnings (bsc#1227149).\n- wireguard: netlink: access device through ctx instead of peer (git-fixes).\n- wireguard: netlink: check for dangling peer via is_dead instead of empty list (git-fixes).\n- wireguard: receive: annotate data-race around receiving_counter.counter (git-fixes).\n- wlcore: spi: Remove redundant of_match_ptr() (bsc#1227149).\n- Workaround broken chacha crypto fallback (bsc#1218205).\n- work around gcc bugs with \u0027asm goto\u0027 with outputs (git-fixes).\n- X.509: Fix the parser of extended key usage for length (bsc#1218820).\n- x86/amd_nb: Check for invalid SMN reads (git-fixes).\n- x86/apic: Force native_apic_mem_read() to use the MOV instruction (git-fixes).\n- x86/asm: Fix build of UML with KASAN (git-fixes).\n- x86/asm: Remove the __iomem annotation of movdir64b()\u0027s dst argument (git-fixes).\n- x86/bhi: Avoid warning in #DB handler due to BHI mitigation :(git-fixes).\n- x86/boot: Ignore NMIs during very early boot (git-fixes).\n- x86/bugs: Fix BHI retpoline check (git-fixes).\n- x86/bugs: Fix the SRSO mitigation on Zen3/4 (git-fixes).\n- x86/bugs: Remove default case for fully switched enums (git-fixes).\n- x86/calldepth: Rename __x86_return_skl() to call_depth_return_thunk() (git-fixes).\n- x86/coco: Require seeding RNG with RDRAND on CoCo systems (git-fixes).\n- x86/cpu: Add model number for Intel Arrow Lake mobile processor (git-fixes).\n- x86/CPU/AMD: Add models 0x10-0x1f to the Zen5 range (git-fixes).\n- x86/cpufeatures: Fix dependencies for GFNI, VAES, and VPCLMULQDQ (git-fixes).\n- x86/cpu: Provide default cache line size if not enumerated (git-fixes).\n- x86/csum: clean up `csum_partial\u0027 further (git-fixes).\n- x86/csum: Fix clang -Wuninitialized in csum_partial() (git-fixes).\n- x86/csum: Improve performance of `csum_partial` (git-fixes).\n- x86/csum: Remove unnecessary odd handling (git-fixes).\n- x86/efistub: Add missing boot_params for mixed mode compat entry (git-fixes).\n- x86/efistub: Call mixed mode boot services on the firmware\u0027s stack (git-fixes).\n- x86/fpu: Fix AMD X86_BUG_FXSAVE_LEAK fixup (git-fixes).\n- x86/fpu: Keep xfd_state in sync with MSR_IA32_XFD (git-fixes).\n- x86/head/64: Move the __head definition to \u0026lt;asm/init.h\u003e (git-fixes).\n- x86/hyperv: Allow 15-bit APIC IDs for VTL platforms (git-fixes).\n- x86/hyperv: Use per cpu initial stack for vtl context (git-fixes).\n- x86/insn: Add VEX versions of VPDPBUSD, VPDPBUSDS, VPDPWSSD and VPDPWSSDS (git-fixes).\n- x86/insn: Fix PUSH instruction in x86 instruction decoder opcode map (git-fixes).\n- x86/kconfig: Add as-instr64 macro to properly evaluate AS_WRUSS (git-fixes).\n- x86/Kconfig: Remove CONFIG_AMD_MEM_ENCRYPT_ACTIVE_BY_DEFAULT (git-fixes).\n- x86/kconfig: Select ARCH_WANT_FRAME_POINTERS again when UNWINDER_FRAME_POINTER=y (git-fixes).\n- x86/kexec: Fix bug with call depth tracking (git-fixes).\n- x86/kvm/Kconfig: Have KVM_AMD_SEV select ARCH_HAS_CC_PLATFORM (git-fixes).\n- x86/mce: Dynamically size space for machine check records (bsc#1222241).\n- x86/mce: Make sure to grab mce_sysfs_mutex in set_bank() (git-fixes).\n- x86/mce: Mark fatal MCE\u0027s page as poison to avoid panic in the kdump kernel (git-fixes).\n- x86/nmi: Drop unused declaration of proc_nmi_enabled() (git-fixes).\n- x86/nmi: Fix the inverse \u0027in NMI handler\u0027 check (git-fixes).\n- x86/nospec: Refactor UNTRAIN_RET[_*] (git-fixes).\n- x86/pm: Work around false positive kmemleak report in msr_build_context() (git-fixes).\n- x86/purgatory: Switch to the position-independent small code model (git-fixes).\n- x86/resctrl: Read supported bandwidth sources from CPUID (git-fixes).\n- x86/resctrl: Remove redundant variable in mbm_config_write_domain() (git-fixes).\n- x86/rethunk: Use SYM_CODE_START[_LOCAL]_NOALIGN macros (git-fixes).\n- x86/retpoline: Add NOENDBR annotation to the SRSO dummy return thunk (git-fixes).\n- x86/retpoline: Do the necessary fixup to the Zen3/4 srso return thunk for !SRSO (git-fixes).\n- x86/sev: Fix position dependent variable references in startup code (git-fixes).\n- x86/shstk: Make return uprobe work with shadow stack (git-fixes).\n- x86/speculation, objtool: Use absolute relocations for annotations (git-fixes).\n- x86/srso: Disentangle rethunk-dependent options (git-fixes).\n- x86/srso: Fix unret validation dependencies (git-fixes).\n- x86/srso: Improve i-cache locality for alias mitigation (git-fixes).\n- x86/srso: Print actual mitigation if requested mitigation isn\u0027t possible (git-fixes).\n- x86/srso: Remove \u0027pred_cmd\u0027 label (git-fixes).\n- x86/srso: Unexport untraining functions (git-fixes).\n- x86: Stop using weak symbols for __iowrite32_copy() (bsc#1226502)\n- x86/tdx: Preserve shared bit on mprotect() (git-fixes).\n- x86/tsc: Trust initial offset in architectural TSC-adjust MSRs (bsc#1222015 bsc#1226962).\n- x86/uaccess: Fix missed zeroing of ia32 u64 get_user() range checking (git-fixes).\n- x86/xen: Add some null pointer checking to smp.c (git-fixes).\n- x86/xen: attempt to inflate the memory balloon on PVH (git-fixes).\n- xdp, bonding: Fix feature flags when there are no slave devs anymore (git-fixes).\n- xen/events: drop xen_allocate_irqs_dynamic() (git-fixes).\n- xen/events: fix error code in xen_bind_pirq_msi_to_irq() (git-fixes).\n- xen/events: increment refcnt only if event channel is refcounted (git-fixes).\n- xen/events: modify internal [un]bind interfaces (git-fixes).\n- xen/events: reduce externally visible helper functions (git-fixes).\n- xen/events: remove some simple helpers from events_base.c (git-fixes).\n- xen: evtchn: Allow shared registration of IRQ handers (git-fixes).\n- xen/evtchn: avoid WARN() when unbinding an event channel (git-fixes).\n- xen-netfront: Add missing skb_mark_for_recycle (git-fixes).\n- xen/x86: add extra pages to unpopulated-alloc if available (git-fixes).\n- xfs: Add cond_resched to block unmap range and reflink remap path (bsc#1228211).\n- xfs: add lock protection when remove perag from radix tree (git-fixes).\n- xfs: allow extent free intents to be retried (git-fixes).\n- xfs: fix perag leak when growfs fails (git-fixes).\n- xfs: force all buffers to be written during btree bulk load (git-fixes).\n- xfs: make xchk_iget safer in the presence of corrupt inode btrees (git-fixes).\n- xfs: pass the xfs_defer_pending object to iop_recover (git-fixes).\n- xfs: recompute growfsrtfree transaction reservation while growing rt volume (git-fixes).\n- xfs: transfer recovered intent item ownership in -\u003eiop_recover (git-fixes).\n- xfs: use roundup_pow_of_two instead of ffs during xlog_find_tail (git-fixes).\n- xfs: use xfs_defer_pending objects to recover intent items (git-fixes).\n- xhci: add helper that checks for unhandled events on a event ring (git-fixes).\n- xhci: always resume roothubs if xHC was reset during resume (stable-fixes).\n- xhci: Apply broken streams quirk to Etron EJ188 xHCI host (stable-fixes).\n- xhci: Apply reset resume quirk to Etron EJ188 xHCI host (stable-fixes).\n- xhci: Handle TD clearing for multiple streams case (git-fixes).\n- xhci: remove unnecessary event_ring_deq parameter from xhci_handle_event() (git-fixes).\n- xhci: Set correct transferred length for cancelled bulk transfers (stable-fixes).\n- xhci: simplify event ring dequeue tracking for transfer events (git-fixes).\n- xsk: Add truesize to skb_add_rx_frag() (bsc#1214683 (PREEMPT_RT prerequisite backports)).\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-2024-2973,SUSE-SLE-Module-Live-Patching-15-SP6-2024-2973,SUSE-SLE-Module-RT-15-SP6-2024-2973,openSUSE-SLE-15.6-2024-2973",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2024_2973-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2024:2973-1",
"url": "https://www.suse.com/support/update/announcement/2024/suse-su-20242973-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2024:2973-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2024-August/019280.html"
},
{
"category": "self",
"summary": "SUSE Bug 1012628",
"url": "https://bugzilla.suse.com/1012628"
},
{
"category": "self",
"summary": "SUSE Bug 1065729",
"url": "https://bugzilla.suse.com/1065729"
},
{
"category": "self",
"summary": "SUSE Bug 1181674",
"url": "https://bugzilla.suse.com/1181674"
},
{
"category": "self",
"summary": "SUSE Bug 1186716",
"url": "https://bugzilla.suse.com/1186716"
},
{
"category": "self",
"summary": "SUSE Bug 1187716",
"url": "https://bugzilla.suse.com/1187716"
},
{
"category": "self",
"summary": "SUSE Bug 1193599",
"url": "https://bugzilla.suse.com/1193599"
},
{
"category": "self",
"summary": "SUSE Bug 1194869",
"url": "https://bugzilla.suse.com/1194869"
},
{
"category": "self",
"summary": "SUSE Bug 1195775",
"url": "https://bugzilla.suse.com/1195775"
},
{
"category": "self",
"summary": "SUSE Bug 1204562",
"url": "https://bugzilla.suse.com/1204562"
},
{
"category": "self",
"summary": "SUSE Bug 1207948",
"url": "https://bugzilla.suse.com/1207948"
},
{
"category": "self",
"summary": "SUSE Bug 1208593",
"url": "https://bugzilla.suse.com/1208593"
},
{
"category": "self",
"summary": "SUSE Bug 1209657",
"url": "https://bugzilla.suse.com/1209657"
},
{
"category": "self",
"summary": "SUSE Bug 1209834",
"url": "https://bugzilla.suse.com/1209834"
},
{
"category": "self",
"summary": "SUSE Bug 1213573",
"url": "https://bugzilla.suse.com/1213573"
},
{
"category": "self",
"summary": "SUSE Bug 1214683",
"url": "https://bugzilla.suse.com/1214683"
},
{
"category": "self",
"summary": "SUSE Bug 1214852",
"url": "https://bugzilla.suse.com/1214852"
},
{
"category": "self",
"summary": "SUSE Bug 1215199",
"url": "https://bugzilla.suse.com/1215199"
},
{
"category": "self",
"summary": "SUSE Bug 1215587",
"url": "https://bugzilla.suse.com/1215587"
},
{
"category": "self",
"summary": "SUSE Bug 1216196",
"url": "https://bugzilla.suse.com/1216196"
},
{
"category": "self",
"summary": "SUSE Bug 1216358",
"url": "https://bugzilla.suse.com/1216358"
},
{
"category": "self",
"summary": "SUSE Bug 1216702",
"url": "https://bugzilla.suse.com/1216702"
},
{
"category": "self",
"summary": "SUSE Bug 1217384",
"url": "https://bugzilla.suse.com/1217384"
},
{
"category": "self",
"summary": "SUSE Bug 1217408",
"url": "https://bugzilla.suse.com/1217408"
},
{
"category": "self",
"summary": "SUSE Bug 1217481",
"url": "https://bugzilla.suse.com/1217481"
},
{
"category": "self",
"summary": "SUSE Bug 1217489",
"url": "https://bugzilla.suse.com/1217489"
},
{
"category": "self",
"summary": "SUSE Bug 1217750",
"url": "https://bugzilla.suse.com/1217750"
},
{
"category": "self",
"summary": "SUSE Bug 1217912",
"url": "https://bugzilla.suse.com/1217912"
},
{
"category": "self",
"summary": "SUSE Bug 1217959",
"url": "https://bugzilla.suse.com/1217959"
},
{
"category": "self",
"summary": "SUSE Bug 1218205",
"url": "https://bugzilla.suse.com/1218205"
},
{
"category": "self",
"summary": "SUSE Bug 1218336",
"url": "https://bugzilla.suse.com/1218336"
},
{
"category": "self",
"summary": "SUSE Bug 1218442",
"url": "https://bugzilla.suse.com/1218442"
},
{
"category": "self",
"summary": "SUSE Bug 1218730",
"url": "https://bugzilla.suse.com/1218730"
},
{
"category": "self",
"summary": "SUSE Bug 1218779",
"url": "https://bugzilla.suse.com/1218779"
},
{
"category": "self",
"summary": "SUSE Bug 1218820",
"url": "https://bugzilla.suse.com/1218820"
},
{
"category": "self",
"summary": "SUSE Bug 1218917",
"url": "https://bugzilla.suse.com/1218917"
},
{
"category": "self",
"summary": "SUSE Bug 1219104",
"url": "https://bugzilla.suse.com/1219104"
},
{
"category": "self",
"summary": "SUSE Bug 1219170",
"url": "https://bugzilla.suse.com/1219170"
},
{
"category": "self",
"summary": "SUSE Bug 1219224",
"url": "https://bugzilla.suse.com/1219224"
},
{
"category": "self",
"summary": "SUSE Bug 1219478",
"url": "https://bugzilla.suse.com/1219478"
},
{
"category": "self",
"summary": "SUSE Bug 1219596",
"url": "https://bugzilla.suse.com/1219596"
},
{
"category": "self",
"summary": "SUSE Bug 1219623",
"url": "https://bugzilla.suse.com/1219623"
},
{
"category": "self",
"summary": "SUSE Bug 1219633",
"url": "https://bugzilla.suse.com/1219633"
},
{
"category": "self",
"summary": "SUSE Bug 1219832",
"url": "https://bugzilla.suse.com/1219832"
},
{
"category": "self",
"summary": "SUSE Bug 1219834",
"url": "https://bugzilla.suse.com/1219834"
},
{
"category": "self",
"summary": "SUSE Bug 1219847",
"url": "https://bugzilla.suse.com/1219847"
},
{
"category": "self",
"summary": "SUSE Bug 1219953",
"url": "https://bugzilla.suse.com/1219953"
},
{
"category": "self",
"summary": "SUSE Bug 1220021",
"url": "https://bugzilla.suse.com/1220021"
},
{
"category": "self",
"summary": "SUSE Bug 1220045",
"url": "https://bugzilla.suse.com/1220045"
},
{
"category": "self",
"summary": "SUSE Bug 1220120",
"url": "https://bugzilla.suse.com/1220120"
},
{
"category": "self",
"summary": "SUSE Bug 1220138",
"url": "https://bugzilla.suse.com/1220138"
},
{
"category": "self",
"summary": "SUSE Bug 1220328",
"url": "https://bugzilla.suse.com/1220328"
},
{
"category": "self",
"summary": "SUSE Bug 1220342",
"url": "https://bugzilla.suse.com/1220342"
},
{
"category": "self",
"summary": "SUSE Bug 1220427",
"url": "https://bugzilla.suse.com/1220427"
},
{
"category": "self",
"summary": "SUSE Bug 1220428",
"url": "https://bugzilla.suse.com/1220428"
},
{
"category": "self",
"summary": "SUSE Bug 1220430",
"url": "https://bugzilla.suse.com/1220430"
},
{
"category": "self",
"summary": "SUSE Bug 1220569",
"url": "https://bugzilla.suse.com/1220569"
},
{
"category": "self",
"summary": "SUSE Bug 1220587",
"url": "https://bugzilla.suse.com/1220587"
},
{
"category": "self",
"summary": "SUSE Bug 1220783",
"url": "https://bugzilla.suse.com/1220783"
},
{
"category": "self",
"summary": "SUSE Bug 1220915",
"url": "https://bugzilla.suse.com/1220915"
},
{
"category": "self",
"summary": "SUSE Bug 1220942",
"url": "https://bugzilla.suse.com/1220942"
},
{
"category": "self",
"summary": "SUSE Bug 1221044",
"url": "https://bugzilla.suse.com/1221044"
},
{
"category": "self",
"summary": "SUSE Bug 1221057",
"url": "https://bugzilla.suse.com/1221057"
},
{
"category": "self",
"summary": "SUSE Bug 1221086",
"url": "https://bugzilla.suse.com/1221086"
},
{
"category": "self",
"summary": "SUSE Bug 1221293",
"url": "https://bugzilla.suse.com/1221293"
},
{
"category": "self",
"summary": "SUSE Bug 1221303",
"url": "https://bugzilla.suse.com/1221303"
},
{
"category": "self",
"summary": "SUSE Bug 1221504",
"url": "https://bugzilla.suse.com/1221504"
},
{
"category": "self",
"summary": "SUSE Bug 1221612",
"url": "https://bugzilla.suse.com/1221612"
},
{
"category": "self",
"summary": "SUSE Bug 1221615",
"url": "https://bugzilla.suse.com/1221615"
},
{
"category": "self",
"summary": "SUSE Bug 1221635",
"url": "https://bugzilla.suse.com/1221635"
},
{
"category": "self",
"summary": "SUSE Bug 1221645",
"url": "https://bugzilla.suse.com/1221645"
},
{
"category": "self",
"summary": "SUSE Bug 1221647",
"url": "https://bugzilla.suse.com/1221647"
},
{
"category": "self",
"summary": "SUSE Bug 1221649",
"url": "https://bugzilla.suse.com/1221649"
},
{
"category": "self",
"summary": "SUSE Bug 1221654",
"url": "https://bugzilla.suse.com/1221654"
},
{
"category": "self",
"summary": "SUSE Bug 1221656",
"url": "https://bugzilla.suse.com/1221656"
},
{
"category": "self",
"summary": "SUSE Bug 1221659",
"url": "https://bugzilla.suse.com/1221659"
},
{
"category": "self",
"summary": "SUSE Bug 1221765",
"url": "https://bugzilla.suse.com/1221765"
},
{
"category": "self",
"summary": "SUSE Bug 1221777",
"url": "https://bugzilla.suse.com/1221777"
},
{
"category": "self",
"summary": "SUSE Bug 1221783",
"url": "https://bugzilla.suse.com/1221783"
},
{
"category": "self",
"summary": "SUSE Bug 1221816",
"url": "https://bugzilla.suse.com/1221816"
},
{
"category": "self",
"summary": "SUSE Bug 1221829",
"url": "https://bugzilla.suse.com/1221829"
},
{
"category": "self",
"summary": "SUSE Bug 1221830",
"url": "https://bugzilla.suse.com/1221830"
},
{
"category": "self",
"summary": "SUSE Bug 1221858",
"url": "https://bugzilla.suse.com/1221858"
},
{
"category": "self",
"summary": "SUSE Bug 1221958",
"url": "https://bugzilla.suse.com/1221958"
},
{
"category": "self",
"summary": "SUSE Bug 1222011",
"url": "https://bugzilla.suse.com/1222011"
},
{
"category": "self",
"summary": "SUSE Bug 1222015",
"url": "https://bugzilla.suse.com/1222015"
},
{
"category": "self",
"summary": "SUSE Bug 1222048",
"url": "https://bugzilla.suse.com/1222048"
},
{
"category": "self",
"summary": "SUSE Bug 1222080",
"url": "https://bugzilla.suse.com/1222080"
},
{
"category": "self",
"summary": "SUSE Bug 1222115",
"url": "https://bugzilla.suse.com/1222115"
},
{
"category": "self",
"summary": "SUSE Bug 1222173",
"url": "https://bugzilla.suse.com/1222173"
},
{
"category": "self",
"summary": "SUSE Bug 1222241",
"url": "https://bugzilla.suse.com/1222241"
},
{
"category": "self",
"summary": "SUSE Bug 1222264",
"url": "https://bugzilla.suse.com/1222264"
},
{
"category": "self",
"summary": "SUSE Bug 1222273",
"url": "https://bugzilla.suse.com/1222273"
},
{
"category": "self",
"summary": "SUSE Bug 1222294",
"url": "https://bugzilla.suse.com/1222294"
},
{
"category": "self",
"summary": "SUSE Bug 1222301",
"url": "https://bugzilla.suse.com/1222301"
},
{
"category": "self",
"summary": "SUSE Bug 1222303",
"url": "https://bugzilla.suse.com/1222303"
},
{
"category": "self",
"summary": "SUSE Bug 1222304",
"url": "https://bugzilla.suse.com/1222304"
},
{
"category": "self",
"summary": "SUSE Bug 1222307",
"url": "https://bugzilla.suse.com/1222307"
},
{
"category": "self",
"summary": "SUSE Bug 1222326",
"url": "https://bugzilla.suse.com/1222326"
},
{
"category": "self",
"summary": "SUSE Bug 1222328",
"url": "https://bugzilla.suse.com/1222328"
},
{
"category": "self",
"summary": "SUSE Bug 1222357",
"url": "https://bugzilla.suse.com/1222357"
},
{
"category": "self",
"summary": "SUSE Bug 1222366",
"url": "https://bugzilla.suse.com/1222366"
},
{
"category": "self",
"summary": "SUSE Bug 1222368",
"url": "https://bugzilla.suse.com/1222368"
},
{
"category": "self",
"summary": "SUSE Bug 1222371",
"url": "https://bugzilla.suse.com/1222371"
},
{
"category": "self",
"summary": "SUSE Bug 1222378",
"url": "https://bugzilla.suse.com/1222378"
},
{
"category": "self",
"summary": "SUSE Bug 1222380",
"url": "https://bugzilla.suse.com/1222380"
},
{
"category": "self",
"summary": "SUSE Bug 1222385",
"url": "https://bugzilla.suse.com/1222385"
},
{
"category": "self",
"summary": "SUSE Bug 1222422",
"url": "https://bugzilla.suse.com/1222422"
},
{
"category": "self",
"summary": "SUSE Bug 1222426",
"url": "https://bugzilla.suse.com/1222426"
},
{
"category": "self",
"summary": "SUSE Bug 1222428",
"url": "https://bugzilla.suse.com/1222428"
},
{
"category": "self",
"summary": "SUSE Bug 1222437",
"url": "https://bugzilla.suse.com/1222437"
},
{
"category": "self",
"summary": "SUSE Bug 1222438",
"url": "https://bugzilla.suse.com/1222438"
},
{
"category": "self",
"summary": "SUSE Bug 1222445",
"url": "https://bugzilla.suse.com/1222445"
},
{
"category": "self",
"summary": "SUSE Bug 1222459",
"url": "https://bugzilla.suse.com/1222459"
},
{
"category": "self",
"summary": "SUSE Bug 1222463",
"url": "https://bugzilla.suse.com/1222463"
},
{
"category": "self",
"summary": "SUSE Bug 1222489",
"url": "https://bugzilla.suse.com/1222489"
},
{
"category": "self",
"summary": "SUSE Bug 1222522",
"url": "https://bugzilla.suse.com/1222522"
},
{
"category": "self",
"summary": "SUSE Bug 1222525",
"url": "https://bugzilla.suse.com/1222525"
},
{
"category": "self",
"summary": "SUSE Bug 1222531",
"url": "https://bugzilla.suse.com/1222531"
},
{
"category": "self",
"summary": "SUSE Bug 1222532",
"url": "https://bugzilla.suse.com/1222532"
},
{
"category": "self",
"summary": "SUSE Bug 1222557",
"url": "https://bugzilla.suse.com/1222557"
},
{
"category": "self",
"summary": "SUSE Bug 1222559",
"url": "https://bugzilla.suse.com/1222559"
},
{
"category": "self",
"summary": "SUSE Bug 1222563",
"url": "https://bugzilla.suse.com/1222563"
},
{
"category": "self",
"summary": "SUSE Bug 1222585",
"url": "https://bugzilla.suse.com/1222585"
},
{
"category": "self",
"summary": "SUSE Bug 1222588",
"url": "https://bugzilla.suse.com/1222588"
},
{
"category": "self",
"summary": "SUSE Bug 1222596",
"url": "https://bugzilla.suse.com/1222596"
},
{
"category": "self",
"summary": "SUSE Bug 1222606",
"url": "https://bugzilla.suse.com/1222606"
},
{
"category": "self",
"summary": "SUSE Bug 1222608",
"url": "https://bugzilla.suse.com/1222608"
},
{
"category": "self",
"summary": "SUSE Bug 1222613",
"url": "https://bugzilla.suse.com/1222613"
},
{
"category": "self",
"summary": "SUSE Bug 1222615",
"url": "https://bugzilla.suse.com/1222615"
},
{
"category": "self",
"summary": "SUSE Bug 1222617",
"url": "https://bugzilla.suse.com/1222617"
},
{
"category": "self",
"summary": "SUSE Bug 1222618",
"url": "https://bugzilla.suse.com/1222618"
},
{
"category": "self",
"summary": "SUSE Bug 1222619",
"url": "https://bugzilla.suse.com/1222619"
},
{
"category": "self",
"summary": "SUSE Bug 1222622",
"url": "https://bugzilla.suse.com/1222622"
},
{
"category": "self",
"summary": "SUSE Bug 1222624",
"url": "https://bugzilla.suse.com/1222624"
},
{
"category": "self",
"summary": "SUSE Bug 1222627",
"url": "https://bugzilla.suse.com/1222627"
},
{
"category": "self",
"summary": "SUSE Bug 1222630",
"url": "https://bugzilla.suse.com/1222630"
},
{
"category": "self",
"summary": "SUSE Bug 1222635",
"url": "https://bugzilla.suse.com/1222635"
},
{
"category": "self",
"summary": "SUSE Bug 1222721",
"url": "https://bugzilla.suse.com/1222721"
},
{
"category": "self",
"summary": "SUSE Bug 1222727",
"url": "https://bugzilla.suse.com/1222727"
},
{
"category": "self",
"summary": "SUSE Bug 1222768",
"url": "https://bugzilla.suse.com/1222768"
},
{
"category": "self",
"summary": "SUSE Bug 1222769",
"url": "https://bugzilla.suse.com/1222769"
},
{
"category": "self",
"summary": "SUSE Bug 1222771",
"url": "https://bugzilla.suse.com/1222771"
},
{
"category": "self",
"summary": "SUSE Bug 1222775",
"url": "https://bugzilla.suse.com/1222775"
},
{
"category": "self",
"summary": "SUSE Bug 1222779",
"url": "https://bugzilla.suse.com/1222779"
},
{
"category": "self",
"summary": "SUSE Bug 1222780",
"url": "https://bugzilla.suse.com/1222780"
},
{
"category": "self",
"summary": "SUSE Bug 1222782",
"url": "https://bugzilla.suse.com/1222782"
},
{
"category": "self",
"summary": "SUSE Bug 1222793",
"url": "https://bugzilla.suse.com/1222793"
},
{
"category": "self",
"summary": "SUSE Bug 1222799",
"url": "https://bugzilla.suse.com/1222799"
},
{
"category": "self",
"summary": "SUSE Bug 1222801",
"url": "https://bugzilla.suse.com/1222801"
},
{
"category": "self",
"summary": "SUSE Bug 1222809",
"url": "https://bugzilla.suse.com/1222809"
},
{
"category": "self",
"summary": "SUSE Bug 1222810",
"url": "https://bugzilla.suse.com/1222810"
},
{
"category": "self",
"summary": "SUSE Bug 1222893",
"url": "https://bugzilla.suse.com/1222893"
},
{
"category": "self",
"summary": "SUSE Bug 1222968",
"url": "https://bugzilla.suse.com/1222968"
},
{
"category": "self",
"summary": "SUSE Bug 1223007",
"url": "https://bugzilla.suse.com/1223007"
},
{
"category": "self",
"summary": "SUSE Bug 1223010",
"url": "https://bugzilla.suse.com/1223010"
},
{
"category": "self",
"summary": "SUSE Bug 1223011",
"url": "https://bugzilla.suse.com/1223011"
},
{
"category": "self",
"summary": "SUSE Bug 1223013",
"url": "https://bugzilla.suse.com/1223013"
},
{
"category": "self",
"summary": "SUSE Bug 1223015",
"url": "https://bugzilla.suse.com/1223015"
},
{
"category": "self",
"summary": "SUSE Bug 1223018",
"url": "https://bugzilla.suse.com/1223018"
},
{
"category": "self",
"summary": "SUSE Bug 1223020",
"url": "https://bugzilla.suse.com/1223020"
},
{
"category": "self",
"summary": "SUSE Bug 1223021",
"url": "https://bugzilla.suse.com/1223021"
},
{
"category": "self",
"summary": "SUSE Bug 1223023",
"url": "https://bugzilla.suse.com/1223023"
},
{
"category": "self",
"summary": "SUSE Bug 1223024",
"url": "https://bugzilla.suse.com/1223024"
},
{
"category": "self",
"summary": "SUSE Bug 1223033",
"url": "https://bugzilla.suse.com/1223033"
},
{
"category": "self",
"summary": "SUSE Bug 1223034",
"url": "https://bugzilla.suse.com/1223034"
},
{
"category": "self",
"summary": "SUSE Bug 1223035",
"url": "https://bugzilla.suse.com/1223035"
},
{
"category": "self",
"summary": "SUSE Bug 1223038",
"url": "https://bugzilla.suse.com/1223038"
},
{
"category": "self",
"summary": "SUSE Bug 1223039",
"url": "https://bugzilla.suse.com/1223039"
},
{
"category": "self",
"summary": "SUSE Bug 1223041",
"url": "https://bugzilla.suse.com/1223041"
},
{
"category": "self",
"summary": "SUSE Bug 1223045",
"url": "https://bugzilla.suse.com/1223045"
},
{
"category": "self",
"summary": "SUSE Bug 1223046",
"url": "https://bugzilla.suse.com/1223046"
},
{
"category": "self",
"summary": "SUSE Bug 1223051",
"url": "https://bugzilla.suse.com/1223051"
},
{
"category": "self",
"summary": "SUSE Bug 1223052",
"url": "https://bugzilla.suse.com/1223052"
},
{
"category": "self",
"summary": "SUSE Bug 1223058",
"url": "https://bugzilla.suse.com/1223058"
},
{
"category": "self",
"summary": "SUSE Bug 1223060",
"url": "https://bugzilla.suse.com/1223060"
},
{
"category": "self",
"summary": "SUSE Bug 1223061",
"url": "https://bugzilla.suse.com/1223061"
},
{
"category": "self",
"summary": "SUSE Bug 1223076",
"url": "https://bugzilla.suse.com/1223076"
},
{
"category": "self",
"summary": "SUSE Bug 1223077",
"url": "https://bugzilla.suse.com/1223077"
},
{
"category": "self",
"summary": "SUSE Bug 1223111",
"url": "https://bugzilla.suse.com/1223111"
},
{
"category": "self",
"summary": "SUSE Bug 1223113",
"url": "https://bugzilla.suse.com/1223113"
},
{
"category": "self",
"summary": "SUSE Bug 1223138",
"url": "https://bugzilla.suse.com/1223138"
},
{
"category": "self",
"summary": "SUSE Bug 1223143",
"url": "https://bugzilla.suse.com/1223143"
},
{
"category": "self",
"summary": "SUSE Bug 1223187",
"url": "https://bugzilla.suse.com/1223187"
},
{
"category": "self",
"summary": "SUSE Bug 1223189",
"url": "https://bugzilla.suse.com/1223189"
},
{
"category": "self",
"summary": "SUSE Bug 1223190",
"url": "https://bugzilla.suse.com/1223190"
},
{
"category": "self",
"summary": "SUSE Bug 1223191",
"url": "https://bugzilla.suse.com/1223191"
},
{
"category": "self",
"summary": "SUSE Bug 1223198",
"url": "https://bugzilla.suse.com/1223198"
},
{
"category": "self",
"summary": "SUSE Bug 1223202",
"url": "https://bugzilla.suse.com/1223202"
},
{
"category": "self",
"summary": "SUSE Bug 1223265",
"url": "https://bugzilla.suse.com/1223265"
},
{
"category": "self",
"summary": "SUSE Bug 1223285",
"url": "https://bugzilla.suse.com/1223285"
},
{
"category": "self",
"summary": "SUSE Bug 1223315",
"url": "https://bugzilla.suse.com/1223315"
},
{
"category": "self",
"summary": "SUSE Bug 1223338",
"url": "https://bugzilla.suse.com/1223338"
},
{
"category": "self",
"summary": "SUSE Bug 1223369",
"url": "https://bugzilla.suse.com/1223369"
},
{
"category": "self",
"summary": "SUSE Bug 1223380",
"url": "https://bugzilla.suse.com/1223380"
},
{
"category": "self",
"summary": "SUSE Bug 1223384",
"url": "https://bugzilla.suse.com/1223384"
},
{
"category": "self",
"summary": "SUSE Bug 1223390",
"url": "https://bugzilla.suse.com/1223390"
},
{
"category": "self",
"summary": "SUSE Bug 1223439",
"url": "https://bugzilla.suse.com/1223439"
},
{
"category": "self",
"summary": "SUSE Bug 1223462",
"url": "https://bugzilla.suse.com/1223462"
},
{
"category": "self",
"summary": "SUSE Bug 1223532",
"url": "https://bugzilla.suse.com/1223532"
},
{
"category": "self",
"summary": "SUSE Bug 1223539",
"url": "https://bugzilla.suse.com/1223539"
},
{
"category": "self",
"summary": "SUSE Bug 1223570",
"url": "https://bugzilla.suse.com/1223570"
},
{
"category": "self",
"summary": "SUSE Bug 1223575",
"url": "https://bugzilla.suse.com/1223575"
},
{
"category": "self",
"summary": "SUSE Bug 1223590",
"url": "https://bugzilla.suse.com/1223590"
},
{
"category": "self",
"summary": "SUSE Bug 1223591",
"url": "https://bugzilla.suse.com/1223591"
},
{
"category": "self",
"summary": "SUSE Bug 1223592",
"url": "https://bugzilla.suse.com/1223592"
},
{
"category": "self",
"summary": "SUSE Bug 1223593",
"url": "https://bugzilla.suse.com/1223593"
},
{
"category": "self",
"summary": "SUSE Bug 1223625",
"url": "https://bugzilla.suse.com/1223625"
},
{
"category": "self",
"summary": "SUSE Bug 1223629",
"url": "https://bugzilla.suse.com/1223629"
},
{
"category": "self",
"summary": "SUSE Bug 1223633",
"url": "https://bugzilla.suse.com/1223633"
},
{
"category": "self",
"summary": "SUSE Bug 1223634",
"url": "https://bugzilla.suse.com/1223634"
},
{
"category": "self",
"summary": "SUSE Bug 1223637",
"url": "https://bugzilla.suse.com/1223637"
},
{
"category": "self",
"summary": "SUSE Bug 1223641",
"url": "https://bugzilla.suse.com/1223641"
},
{
"category": "self",
"summary": "SUSE Bug 1223643",
"url": "https://bugzilla.suse.com/1223643"
},
{
"category": "self",
"summary": "SUSE Bug 1223649",
"url": "https://bugzilla.suse.com/1223649"
},
{
"category": "self",
"summary": "SUSE Bug 1223650",
"url": "https://bugzilla.suse.com/1223650"
},
{
"category": "self",
"summary": "SUSE Bug 1223651",
"url": "https://bugzilla.suse.com/1223651"
},
{
"category": "self",
"summary": "SUSE Bug 1223652",
"url": "https://bugzilla.suse.com/1223652"
},
{
"category": "self",
"summary": "SUSE Bug 1223653",
"url": "https://bugzilla.suse.com/1223653"
},
{
"category": "self",
"summary": "SUSE Bug 1223654",
"url": "https://bugzilla.suse.com/1223654"
},
{
"category": "self",
"summary": "SUSE Bug 1223655",
"url": "https://bugzilla.suse.com/1223655"
},
{
"category": "self",
"summary": "SUSE Bug 1223660",
"url": "https://bugzilla.suse.com/1223660"
},
{
"category": "self",
"summary": "SUSE Bug 1223661",
"url": "https://bugzilla.suse.com/1223661"
},
{
"category": "self",
"summary": "SUSE Bug 1223664",
"url": "https://bugzilla.suse.com/1223664"
},
{
"category": "self",
"summary": "SUSE Bug 1223665",
"url": "https://bugzilla.suse.com/1223665"
},
{
"category": "self",
"summary": "SUSE Bug 1223666",
"url": "https://bugzilla.suse.com/1223666"
},
{
"category": "self",
"summary": "SUSE Bug 1223668",
"url": "https://bugzilla.suse.com/1223668"
},
{
"category": "self",
"summary": "SUSE Bug 1223669",
"url": "https://bugzilla.suse.com/1223669"
},
{
"category": "self",
"summary": "SUSE Bug 1223670",
"url": "https://bugzilla.suse.com/1223670"
},
{
"category": "self",
"summary": "SUSE Bug 1223671",
"url": "https://bugzilla.suse.com/1223671"
},
{
"category": "self",
"summary": "SUSE Bug 1223675",
"url": "https://bugzilla.suse.com/1223675"
},
{
"category": "self",
"summary": "SUSE Bug 1223677",
"url": "https://bugzilla.suse.com/1223677"
},
{
"category": "self",
"summary": "SUSE Bug 1223678",
"url": "https://bugzilla.suse.com/1223678"
},
{
"category": "self",
"summary": "SUSE Bug 1223686",
"url": "https://bugzilla.suse.com/1223686"
},
{
"category": "self",
"summary": "SUSE Bug 1223692",
"url": "https://bugzilla.suse.com/1223692"
},
{
"category": "self",
"summary": "SUSE Bug 1223693",
"url": "https://bugzilla.suse.com/1223693"
},
{
"category": "self",
"summary": "SUSE Bug 1223695",
"url": "https://bugzilla.suse.com/1223695"
},
{
"category": "self",
"summary": "SUSE Bug 1223696",
"url": "https://bugzilla.suse.com/1223696"
},
{
"category": "self",
"summary": "SUSE Bug 1223698",
"url": "https://bugzilla.suse.com/1223698"
},
{
"category": "self",
"summary": "SUSE Bug 1223705",
"url": "https://bugzilla.suse.com/1223705"
},
{
"category": "self",
"summary": "SUSE Bug 1223712",
"url": "https://bugzilla.suse.com/1223712"
},
{
"category": "self",
"summary": "SUSE Bug 1223718",
"url": "https://bugzilla.suse.com/1223718"
},
{
"category": "self",
"summary": "SUSE Bug 1223728",
"url": "https://bugzilla.suse.com/1223728"
},
{
"category": "self",
"summary": "SUSE Bug 1223731",
"url": "https://bugzilla.suse.com/1223731"
},
{
"category": "self",
"summary": "SUSE Bug 1223732",
"url": "https://bugzilla.suse.com/1223732"
},
{
"category": "self",
"summary": "SUSE Bug 1223735",
"url": "https://bugzilla.suse.com/1223735"
},
{
"category": "self",
"summary": "SUSE Bug 1223739",
"url": "https://bugzilla.suse.com/1223739"
},
{
"category": "self",
"summary": "SUSE Bug 1223740",
"url": "https://bugzilla.suse.com/1223740"
},
{
"category": "self",
"summary": "SUSE Bug 1223741",
"url": "https://bugzilla.suse.com/1223741"
},
{
"category": "self",
"summary": "SUSE Bug 1223744",
"url": "https://bugzilla.suse.com/1223744"
},
{
"category": "self",
"summary": "SUSE Bug 1223745",
"url": "https://bugzilla.suse.com/1223745"
},
{
"category": "self",
"summary": "SUSE Bug 1223747",
"url": "https://bugzilla.suse.com/1223747"
},
{
"category": "self",
"summary": "SUSE Bug 1223748",
"url": "https://bugzilla.suse.com/1223748"
},
{
"category": "self",
"summary": "SUSE Bug 1223749",
"url": "https://bugzilla.suse.com/1223749"
},
{
"category": "self",
"summary": "SUSE Bug 1223750",
"url": "https://bugzilla.suse.com/1223750"
},
{
"category": "self",
"summary": "SUSE Bug 1223752",
"url": "https://bugzilla.suse.com/1223752"
},
{
"category": "self",
"summary": "SUSE Bug 1223754",
"url": "https://bugzilla.suse.com/1223754"
},
{
"category": "self",
"summary": "SUSE Bug 1223757",
"url": "https://bugzilla.suse.com/1223757"
},
{
"category": "self",
"summary": "SUSE Bug 1223759",
"url": "https://bugzilla.suse.com/1223759"
},
{
"category": "self",
"summary": "SUSE Bug 1223761",
"url": "https://bugzilla.suse.com/1223761"
},
{
"category": "self",
"summary": "SUSE Bug 1223762",
"url": "https://bugzilla.suse.com/1223762"
},
{
"category": "self",
"summary": "SUSE Bug 1223774",
"url": "https://bugzilla.suse.com/1223774"
},
{
"category": "self",
"summary": "SUSE Bug 1223778",
"url": "https://bugzilla.suse.com/1223778"
},
{
"category": "self",
"summary": "SUSE Bug 1223782",
"url": "https://bugzilla.suse.com/1223782"
},
{
"category": "self",
"summary": "SUSE Bug 1223787",
"url": "https://bugzilla.suse.com/1223787"
},
{
"category": "self",
"summary": "SUSE Bug 1223788",
"url": "https://bugzilla.suse.com/1223788"
},
{
"category": "self",
"summary": "SUSE Bug 1223790",
"url": "https://bugzilla.suse.com/1223790"
},
{
"category": "self",
"summary": "SUSE Bug 1223802",
"url": "https://bugzilla.suse.com/1223802"
},
{
"category": "self",
"summary": "SUSE Bug 1223804",
"url": "https://bugzilla.suse.com/1223804"
},
{
"category": "self",
"summary": "SUSE Bug 1223805",
"url": "https://bugzilla.suse.com/1223805"
},
{
"category": "self",
"summary": "SUSE Bug 1223806",
"url": "https://bugzilla.suse.com/1223806"
},
{
"category": "self",
"summary": "SUSE Bug 1223807",
"url": "https://bugzilla.suse.com/1223807"
},
{
"category": "self",
"summary": "SUSE Bug 1223813",
"url": "https://bugzilla.suse.com/1223813"
},
{
"category": "self",
"summary": "SUSE Bug 1223815",
"url": "https://bugzilla.suse.com/1223815"
},
{
"category": "self",
"summary": "SUSE Bug 1223822",
"url": "https://bugzilla.suse.com/1223822"
},
{
"category": "self",
"summary": "SUSE Bug 1223827",
"url": "https://bugzilla.suse.com/1223827"
},
{
"category": "self",
"summary": "SUSE Bug 1223831",
"url": "https://bugzilla.suse.com/1223831"
},
{
"category": "self",
"summary": "SUSE Bug 1223834",
"url": "https://bugzilla.suse.com/1223834"
},
{
"category": "self",
"summary": "SUSE Bug 1223836",
"url": "https://bugzilla.suse.com/1223836"
},
{
"category": "self",
"summary": "SUSE Bug 1223838",
"url": "https://bugzilla.suse.com/1223838"
},
{
"category": "self",
"summary": "SUSE Bug 1223863",
"url": "https://bugzilla.suse.com/1223863"
},
{
"category": "self",
"summary": "SUSE Bug 1223869",
"url": "https://bugzilla.suse.com/1223869"
},
{
"category": "self",
"summary": "SUSE Bug 1223870",
"url": "https://bugzilla.suse.com/1223870"
},
{
"category": "self",
"summary": "SUSE Bug 1223871",
"url": "https://bugzilla.suse.com/1223871"
},
{
"category": "self",
"summary": "SUSE Bug 1223872",
"url": "https://bugzilla.suse.com/1223872"
},
{
"category": "self",
"summary": "SUSE Bug 1223874",
"url": "https://bugzilla.suse.com/1223874"
},
{
"category": "self",
"summary": "SUSE Bug 1223944",
"url": "https://bugzilla.suse.com/1223944"
},
{
"category": "self",
"summary": "SUSE Bug 1223945",
"url": "https://bugzilla.suse.com/1223945"
},
{
"category": "self",
"summary": "SUSE Bug 1223946",
"url": "https://bugzilla.suse.com/1223946"
},
{
"category": "self",
"summary": "SUSE Bug 1223991",
"url": "https://bugzilla.suse.com/1223991"
},
{
"category": "self",
"summary": "SUSE Bug 1224049",
"url": "https://bugzilla.suse.com/1224049"
},
{
"category": "self",
"summary": "SUSE Bug 1224076",
"url": "https://bugzilla.suse.com/1224076"
},
{
"category": "self",
"summary": "SUSE Bug 1224096",
"url": "https://bugzilla.suse.com/1224096"
},
{
"category": "self",
"summary": "SUSE Bug 1224098",
"url": "https://bugzilla.suse.com/1224098"
},
{
"category": "self",
"summary": "SUSE Bug 1224137",
"url": "https://bugzilla.suse.com/1224137"
},
{
"category": "self",
"summary": "SUSE Bug 1224166",
"url": "https://bugzilla.suse.com/1224166"
},
{
"category": "self",
"summary": "SUSE Bug 1224177",
"url": "https://bugzilla.suse.com/1224177"
},
{
"category": "self",
"summary": "SUSE Bug 1224180",
"url": "https://bugzilla.suse.com/1224180"
},
{
"category": "self",
"summary": "SUSE Bug 1224181",
"url": "https://bugzilla.suse.com/1224181"
},
{
"category": "self",
"summary": "SUSE Bug 1224187",
"url": "https://bugzilla.suse.com/1224187"
},
{
"category": "self",
"summary": "SUSE Bug 1224331",
"url": "https://bugzilla.suse.com/1224331"
},
{
"category": "self",
"summary": "SUSE Bug 1224414",
"url": "https://bugzilla.suse.com/1224414"
},
{
"category": "self",
"summary": "SUSE Bug 1224422",
"url": "https://bugzilla.suse.com/1224422"
},
{
"category": "self",
"summary": "SUSE Bug 1224423",
"url": "https://bugzilla.suse.com/1224423"
},
{
"category": "self",
"summary": "SUSE Bug 1224429",
"url": "https://bugzilla.suse.com/1224429"
},
{
"category": "self",
"summary": "SUSE Bug 1224430",
"url": "https://bugzilla.suse.com/1224430"
},
{
"category": "self",
"summary": "SUSE Bug 1224432",
"url": "https://bugzilla.suse.com/1224432"
},
{
"category": "self",
"summary": "SUSE Bug 1224433",
"url": "https://bugzilla.suse.com/1224433"
},
{
"category": "self",
"summary": "SUSE Bug 1224437",
"url": "https://bugzilla.suse.com/1224437"
},
{
"category": "self",
"summary": "SUSE Bug 1224438",
"url": "https://bugzilla.suse.com/1224438"
},
{
"category": "self",
"summary": "SUSE Bug 1224439",
"url": "https://bugzilla.suse.com/1224439"
},
{
"category": "self",
"summary": "SUSE Bug 1224442",
"url": "https://bugzilla.suse.com/1224442"
},
{
"category": "self",
"summary": "SUSE Bug 1224443",
"url": "https://bugzilla.suse.com/1224443"
},
{
"category": "self",
"summary": "SUSE Bug 1224445",
"url": "https://bugzilla.suse.com/1224445"
},
{
"category": "self",
"summary": "SUSE Bug 1224449",
"url": "https://bugzilla.suse.com/1224449"
},
{
"category": "self",
"summary": "SUSE Bug 1224477",
"url": "https://bugzilla.suse.com/1224477"
},
{
"category": "self",
"summary": "SUSE Bug 1224479",
"url": "https://bugzilla.suse.com/1224479"
},
{
"category": "self",
"summary": "SUSE Bug 1224480",
"url": "https://bugzilla.suse.com/1224480"
},
{
"category": "self",
"summary": "SUSE Bug 1224481",
"url": "https://bugzilla.suse.com/1224481"
},
{
"category": "self",
"summary": "SUSE Bug 1224482",
"url": "https://bugzilla.suse.com/1224482"
},
{
"category": "self",
"summary": "SUSE Bug 1224486",
"url": "https://bugzilla.suse.com/1224486"
},
{
"category": "self",
"summary": "SUSE Bug 1224487",
"url": "https://bugzilla.suse.com/1224487"
},
{
"category": "self",
"summary": "SUSE Bug 1224488",
"url": "https://bugzilla.suse.com/1224488"
},
{
"category": "self",
"summary": "SUSE Bug 1224490",
"url": "https://bugzilla.suse.com/1224490"
},
{
"category": "self",
"summary": "SUSE Bug 1224491",
"url": "https://bugzilla.suse.com/1224491"
},
{
"category": "self",
"summary": "SUSE Bug 1224492",
"url": "https://bugzilla.suse.com/1224492"
},
{
"category": "self",
"summary": "SUSE Bug 1224493",
"url": "https://bugzilla.suse.com/1224493"
},
{
"category": "self",
"summary": "SUSE Bug 1224494",
"url": "https://bugzilla.suse.com/1224494"
},
{
"category": "self",
"summary": "SUSE Bug 1224495",
"url": "https://bugzilla.suse.com/1224495"
},
{
"category": "self",
"summary": "SUSE Bug 1224497",
"url": "https://bugzilla.suse.com/1224497"
},
{
"category": "self",
"summary": "SUSE Bug 1224498",
"url": "https://bugzilla.suse.com/1224498"
},
{
"category": "self",
"summary": "SUSE Bug 1224499",
"url": "https://bugzilla.suse.com/1224499"
},
{
"category": "self",
"summary": "SUSE Bug 1224500",
"url": "https://bugzilla.suse.com/1224500"
},
{
"category": "self",
"summary": "SUSE Bug 1224501",
"url": "https://bugzilla.suse.com/1224501"
},
{
"category": "self",
"summary": "SUSE Bug 1224502",
"url": "https://bugzilla.suse.com/1224502"
},
{
"category": "self",
"summary": "SUSE Bug 1224504",
"url": "https://bugzilla.suse.com/1224504"
},
{
"category": "self",
"summary": "SUSE Bug 1224505",
"url": "https://bugzilla.suse.com/1224505"
},
{
"category": "self",
"summary": "SUSE Bug 1224506",
"url": "https://bugzilla.suse.com/1224506"
},
{
"category": "self",
"summary": "SUSE Bug 1224507",
"url": "https://bugzilla.suse.com/1224507"
},
{
"category": "self",
"summary": "SUSE Bug 1224508",
"url": "https://bugzilla.suse.com/1224508"
},
{
"category": "self",
"summary": "SUSE Bug 1224509",
"url": "https://bugzilla.suse.com/1224509"
},
{
"category": "self",
"summary": "SUSE Bug 1224511",
"url": "https://bugzilla.suse.com/1224511"
},
{
"category": "self",
"summary": "SUSE Bug 1224512",
"url": "https://bugzilla.suse.com/1224512"
},
{
"category": "self",
"summary": "SUSE Bug 1224513",
"url": "https://bugzilla.suse.com/1224513"
},
{
"category": "self",
"summary": "SUSE Bug 1224515",
"url": "https://bugzilla.suse.com/1224515"
},
{
"category": "self",
"summary": "SUSE Bug 1224516",
"url": "https://bugzilla.suse.com/1224516"
},
{
"category": "self",
"summary": "SUSE Bug 1224517",
"url": "https://bugzilla.suse.com/1224517"
},
{
"category": "self",
"summary": "SUSE Bug 1224519",
"url": "https://bugzilla.suse.com/1224519"
},
{
"category": "self",
"summary": "SUSE Bug 1224520",
"url": "https://bugzilla.suse.com/1224520"
},
{
"category": "self",
"summary": "SUSE Bug 1224521",
"url": "https://bugzilla.suse.com/1224521"
},
{
"category": "self",
"summary": "SUSE Bug 1224523",
"url": "https://bugzilla.suse.com/1224523"
},
{
"category": "self",
"summary": "SUSE Bug 1224524",
"url": "https://bugzilla.suse.com/1224524"
},
{
"category": "self",
"summary": "SUSE Bug 1224525",
"url": "https://bugzilla.suse.com/1224525"
},
{
"category": "self",
"summary": "SUSE Bug 1224526",
"url": "https://bugzilla.suse.com/1224526"
},
{
"category": "self",
"summary": "SUSE Bug 1224530",
"url": "https://bugzilla.suse.com/1224530"
},
{
"category": "self",
"summary": "SUSE Bug 1224531",
"url": "https://bugzilla.suse.com/1224531"
},
{
"category": "self",
"summary": "SUSE Bug 1224534",
"url": "https://bugzilla.suse.com/1224534"
},
{
"category": "self",
"summary": "SUSE Bug 1224537",
"url": "https://bugzilla.suse.com/1224537"
},
{
"category": "self",
"summary": "SUSE Bug 1224539",
"url": "https://bugzilla.suse.com/1224539"
},
{
"category": "self",
"summary": "SUSE Bug 1224540",
"url": "https://bugzilla.suse.com/1224540"
},
{
"category": "self",
"summary": "SUSE Bug 1224541",
"url": "https://bugzilla.suse.com/1224541"
},
{
"category": "self",
"summary": "SUSE Bug 1224542",
"url": "https://bugzilla.suse.com/1224542"
},
{
"category": "self",
"summary": "SUSE Bug 1224543",
"url": "https://bugzilla.suse.com/1224543"
},
{
"category": "self",
"summary": "SUSE Bug 1224544",
"url": "https://bugzilla.suse.com/1224544"
},
{
"category": "self",
"summary": "SUSE Bug 1224545",
"url": "https://bugzilla.suse.com/1224545"
},
{
"category": "self",
"summary": "SUSE Bug 1224546",
"url": "https://bugzilla.suse.com/1224546"
},
{
"category": "self",
"summary": "SUSE Bug 1224549",
"url": "https://bugzilla.suse.com/1224549"
},
{
"category": "self",
"summary": "SUSE Bug 1224550",
"url": "https://bugzilla.suse.com/1224550"
},
{
"category": "self",
"summary": "SUSE Bug 1224552",
"url": "https://bugzilla.suse.com/1224552"
},
{
"category": "self",
"summary": "SUSE Bug 1224553",
"url": "https://bugzilla.suse.com/1224553"
},
{
"category": "self",
"summary": "SUSE Bug 1224555",
"url": "https://bugzilla.suse.com/1224555"
},
{
"category": "self",
"summary": "SUSE Bug 1224557",
"url": "https://bugzilla.suse.com/1224557"
},
{
"category": "self",
"summary": "SUSE Bug 1224558",
"url": "https://bugzilla.suse.com/1224558"
},
{
"category": "self",
"summary": "SUSE Bug 1224559",
"url": "https://bugzilla.suse.com/1224559"
},
{
"category": "self",
"summary": "SUSE Bug 1224562",
"url": "https://bugzilla.suse.com/1224562"
},
{
"category": "self",
"summary": "SUSE Bug 1224565",
"url": "https://bugzilla.suse.com/1224565"
},
{
"category": "self",
"summary": "SUSE Bug 1224566",
"url": "https://bugzilla.suse.com/1224566"
},
{
"category": "self",
"summary": "SUSE Bug 1224567",
"url": "https://bugzilla.suse.com/1224567"
},
{
"category": "self",
"summary": "SUSE Bug 1224568",
"url": "https://bugzilla.suse.com/1224568"
},
{
"category": "self",
"summary": "SUSE Bug 1224569",
"url": "https://bugzilla.suse.com/1224569"
},
{
"category": "self",
"summary": "SUSE Bug 1224571",
"url": "https://bugzilla.suse.com/1224571"
},
{
"category": "self",
"summary": "SUSE Bug 1224572",
"url": "https://bugzilla.suse.com/1224572"
},
{
"category": "self",
"summary": "SUSE Bug 1224573",
"url": "https://bugzilla.suse.com/1224573"
},
{
"category": "self",
"summary": "SUSE Bug 1224575",
"url": "https://bugzilla.suse.com/1224575"
},
{
"category": "self",
"summary": "SUSE Bug 1224576",
"url": "https://bugzilla.suse.com/1224576"
},
{
"category": "self",
"summary": "SUSE Bug 1224577",
"url": "https://bugzilla.suse.com/1224577"
},
{
"category": "self",
"summary": "SUSE Bug 1224578",
"url": "https://bugzilla.suse.com/1224578"
},
{
"category": "self",
"summary": "SUSE Bug 1224579",
"url": "https://bugzilla.suse.com/1224579"
},
{
"category": "self",
"summary": "SUSE Bug 1224580",
"url": "https://bugzilla.suse.com/1224580"
},
{
"category": "self",
"summary": "SUSE Bug 1224581",
"url": "https://bugzilla.suse.com/1224581"
},
{
"category": "self",
"summary": "SUSE Bug 1224582",
"url": "https://bugzilla.suse.com/1224582"
},
{
"category": "self",
"summary": "SUSE Bug 1224583",
"url": "https://bugzilla.suse.com/1224583"
},
{
"category": "self",
"summary": "SUSE Bug 1224584",
"url": "https://bugzilla.suse.com/1224584"
},
{
"category": "self",
"summary": "SUSE Bug 1224585",
"url": "https://bugzilla.suse.com/1224585"
},
{
"category": "self",
"summary": "SUSE Bug 1224586",
"url": "https://bugzilla.suse.com/1224586"
},
{
"category": "self",
"summary": "SUSE Bug 1224587",
"url": "https://bugzilla.suse.com/1224587"
},
{
"category": "self",
"summary": "SUSE Bug 1224588",
"url": "https://bugzilla.suse.com/1224588"
},
{
"category": "self",
"summary": "SUSE Bug 1224589",
"url": "https://bugzilla.suse.com/1224589"
},
{
"category": "self",
"summary": "SUSE Bug 1224592",
"url": "https://bugzilla.suse.com/1224592"
},
{
"category": "self",
"summary": "SUSE Bug 1224596",
"url": "https://bugzilla.suse.com/1224596"
},
{
"category": "self",
"summary": "SUSE Bug 1224598",
"url": "https://bugzilla.suse.com/1224598"
},
{
"category": "self",
"summary": "SUSE Bug 1224600",
"url": "https://bugzilla.suse.com/1224600"
},
{
"category": "self",
"summary": "SUSE Bug 1224601",
"url": "https://bugzilla.suse.com/1224601"
},
{
"category": "self",
"summary": "SUSE Bug 1224602",
"url": "https://bugzilla.suse.com/1224602"
},
{
"category": "self",
"summary": "SUSE Bug 1224603",
"url": "https://bugzilla.suse.com/1224603"
},
{
"category": "self",
"summary": "SUSE Bug 1224604",
"url": "https://bugzilla.suse.com/1224604"
},
{
"category": "self",
"summary": "SUSE Bug 1224605",
"url": "https://bugzilla.suse.com/1224605"
},
{
"category": "self",
"summary": "SUSE Bug 1224606",
"url": "https://bugzilla.suse.com/1224606"
},
{
"category": "self",
"summary": "SUSE Bug 1224607",
"url": "https://bugzilla.suse.com/1224607"
},
{
"category": "self",
"summary": "SUSE Bug 1224608",
"url": "https://bugzilla.suse.com/1224608"
},
{
"category": "self",
"summary": "SUSE Bug 1224609",
"url": "https://bugzilla.suse.com/1224609"
},
{
"category": "self",
"summary": "SUSE Bug 1224611",
"url": "https://bugzilla.suse.com/1224611"
},
{
"category": "self",
"summary": "SUSE Bug 1224612",
"url": "https://bugzilla.suse.com/1224612"
},
{
"category": "self",
"summary": "SUSE Bug 1224613",
"url": "https://bugzilla.suse.com/1224613"
},
{
"category": "self",
"summary": "SUSE Bug 1224614",
"url": "https://bugzilla.suse.com/1224614"
},
{
"category": "self",
"summary": "SUSE Bug 1224615",
"url": "https://bugzilla.suse.com/1224615"
},
{
"category": "self",
"summary": "SUSE Bug 1224617",
"url": "https://bugzilla.suse.com/1224617"
},
{
"category": "self",
"summary": "SUSE Bug 1224618",
"url": "https://bugzilla.suse.com/1224618"
},
{
"category": "self",
"summary": "SUSE Bug 1224619",
"url": "https://bugzilla.suse.com/1224619"
},
{
"category": "self",
"summary": "SUSE Bug 1224620",
"url": "https://bugzilla.suse.com/1224620"
},
{
"category": "self",
"summary": "SUSE Bug 1224621",
"url": "https://bugzilla.suse.com/1224621"
},
{
"category": "self",
"summary": "SUSE Bug 1224622",
"url": "https://bugzilla.suse.com/1224622"
},
{
"category": "self",
"summary": "SUSE Bug 1224623",
"url": "https://bugzilla.suse.com/1224623"
},
{
"category": "self",
"summary": "SUSE Bug 1224624",
"url": "https://bugzilla.suse.com/1224624"
},
{
"category": "self",
"summary": "SUSE Bug 1224626",
"url": "https://bugzilla.suse.com/1224626"
},
{
"category": "self",
"summary": "SUSE Bug 1224627",
"url": "https://bugzilla.suse.com/1224627"
},
{
"category": "self",
"summary": "SUSE Bug 1224628",
"url": "https://bugzilla.suse.com/1224628"
},
{
"category": "self",
"summary": "SUSE Bug 1224629",
"url": "https://bugzilla.suse.com/1224629"
},
{
"category": "self",
"summary": "SUSE Bug 1224630",
"url": "https://bugzilla.suse.com/1224630"
},
{
"category": "self",
"summary": "SUSE Bug 1224632",
"url": "https://bugzilla.suse.com/1224632"
},
{
"category": "self",
"summary": "SUSE Bug 1224633",
"url": "https://bugzilla.suse.com/1224633"
},
{
"category": "self",
"summary": "SUSE Bug 1224634",
"url": "https://bugzilla.suse.com/1224634"
},
{
"category": "self",
"summary": "SUSE Bug 1224636",
"url": "https://bugzilla.suse.com/1224636"
},
{
"category": "self",
"summary": "SUSE Bug 1224637",
"url": "https://bugzilla.suse.com/1224637"
},
{
"category": "self",
"summary": "SUSE Bug 1224638",
"url": "https://bugzilla.suse.com/1224638"
},
{
"category": "self",
"summary": "SUSE Bug 1224639",
"url": "https://bugzilla.suse.com/1224639"
},
{
"category": "self",
"summary": "SUSE Bug 1224640",
"url": "https://bugzilla.suse.com/1224640"
},
{
"category": "self",
"summary": "SUSE Bug 1224641",
"url": "https://bugzilla.suse.com/1224641"
},
{
"category": "self",
"summary": "SUSE Bug 1224643",
"url": "https://bugzilla.suse.com/1224643"
},
{
"category": "self",
"summary": "SUSE Bug 1224644",
"url": "https://bugzilla.suse.com/1224644"
},
{
"category": "self",
"summary": "SUSE Bug 1224645",
"url": "https://bugzilla.suse.com/1224645"
},
{
"category": "self",
"summary": "SUSE Bug 1224646",
"url": "https://bugzilla.suse.com/1224646"
},
{
"category": "self",
"summary": "SUSE Bug 1224647",
"url": "https://bugzilla.suse.com/1224647"
},
{
"category": "self",
"summary": "SUSE Bug 1224648",
"url": "https://bugzilla.suse.com/1224648"
},
{
"category": "self",
"summary": "SUSE Bug 1224649",
"url": "https://bugzilla.suse.com/1224649"
},
{
"category": "self",
"summary": "SUSE Bug 1224650",
"url": "https://bugzilla.suse.com/1224650"
},
{
"category": "self",
"summary": "SUSE Bug 1224651",
"url": "https://bugzilla.suse.com/1224651"
},
{
"category": "self",
"summary": "SUSE Bug 1224652",
"url": "https://bugzilla.suse.com/1224652"
},
{
"category": "self",
"summary": "SUSE Bug 1224653",
"url": "https://bugzilla.suse.com/1224653"
},
{
"category": "self",
"summary": "SUSE Bug 1224654",
"url": "https://bugzilla.suse.com/1224654"
},
{
"category": "self",
"summary": "SUSE Bug 1224655",
"url": "https://bugzilla.suse.com/1224655"
},
{
"category": "self",
"summary": "SUSE Bug 1224657",
"url": "https://bugzilla.suse.com/1224657"
},
{
"category": "self",
"summary": "SUSE Bug 1224659",
"url": "https://bugzilla.suse.com/1224659"
},
{
"category": "self",
"summary": "SUSE Bug 1224660",
"url": "https://bugzilla.suse.com/1224660"
},
{
"category": "self",
"summary": "SUSE Bug 1224661",
"url": "https://bugzilla.suse.com/1224661"
},
{
"category": "self",
"summary": "SUSE Bug 1224662",
"url": "https://bugzilla.suse.com/1224662"
},
{
"category": "self",
"summary": "SUSE Bug 1224663",
"url": "https://bugzilla.suse.com/1224663"
},
{
"category": "self",
"summary": "SUSE Bug 1224664",
"url": "https://bugzilla.suse.com/1224664"
},
{
"category": "self",
"summary": "SUSE Bug 1224665",
"url": "https://bugzilla.suse.com/1224665"
},
{
"category": "self",
"summary": "SUSE Bug 1224666",
"url": "https://bugzilla.suse.com/1224666"
},
{
"category": "self",
"summary": "SUSE Bug 1224667",
"url": "https://bugzilla.suse.com/1224667"
},
{
"category": "self",
"summary": "SUSE Bug 1224668",
"url": "https://bugzilla.suse.com/1224668"
},
{
"category": "self",
"summary": "SUSE Bug 1224670",
"url": "https://bugzilla.suse.com/1224670"
},
{
"category": "self",
"summary": "SUSE Bug 1224671",
"url": "https://bugzilla.suse.com/1224671"
},
{
"category": "self",
"summary": "SUSE Bug 1224673",
"url": "https://bugzilla.suse.com/1224673"
},
{
"category": "self",
"summary": "SUSE Bug 1224674",
"url": "https://bugzilla.suse.com/1224674"
},
{
"category": "self",
"summary": "SUSE Bug 1224675",
"url": "https://bugzilla.suse.com/1224675"
},
{
"category": "self",
"summary": "SUSE Bug 1224676",
"url": "https://bugzilla.suse.com/1224676"
},
{
"category": "self",
"summary": "SUSE Bug 1224677",
"url": "https://bugzilla.suse.com/1224677"
},
{
"category": "self",
"summary": "SUSE Bug 1224678",
"url": "https://bugzilla.suse.com/1224678"
},
{
"category": "self",
"summary": "SUSE Bug 1224680",
"url": "https://bugzilla.suse.com/1224680"
},
{
"category": "self",
"summary": "SUSE Bug 1224681",
"url": "https://bugzilla.suse.com/1224681"
},
{
"category": "self",
"summary": "SUSE Bug 1224682",
"url": "https://bugzilla.suse.com/1224682"
},
{
"category": "self",
"summary": "SUSE Bug 1224683",
"url": "https://bugzilla.suse.com/1224683"
},
{
"category": "self",
"summary": "SUSE Bug 1224685",
"url": "https://bugzilla.suse.com/1224685"
},
{
"category": "self",
"summary": "SUSE Bug 1224686",
"url": "https://bugzilla.suse.com/1224686"
},
{
"category": "self",
"summary": "SUSE Bug 1224687",
"url": "https://bugzilla.suse.com/1224687"
},
{
"category": "self",
"summary": "SUSE Bug 1224688",
"url": "https://bugzilla.suse.com/1224688"
},
{
"category": "self",
"summary": "SUSE Bug 1224692",
"url": "https://bugzilla.suse.com/1224692"
},
{
"category": "self",
"summary": "SUSE Bug 1224696",
"url": "https://bugzilla.suse.com/1224696"
},
{
"category": "self",
"summary": "SUSE Bug 1224697",
"url": "https://bugzilla.suse.com/1224697"
},
{
"category": "self",
"summary": "SUSE Bug 1224698",
"url": "https://bugzilla.suse.com/1224698"
},
{
"category": "self",
"summary": "SUSE Bug 1224699",
"url": "https://bugzilla.suse.com/1224699"
},
{
"category": "self",
"summary": "SUSE Bug 1224701",
"url": "https://bugzilla.suse.com/1224701"
},
{
"category": "self",
"summary": "SUSE Bug 1224703",
"url": "https://bugzilla.suse.com/1224703"
},
{
"category": "self",
"summary": "SUSE Bug 1224704",
"url": "https://bugzilla.suse.com/1224704"
},
{
"category": "self",
"summary": "SUSE Bug 1224705",
"url": "https://bugzilla.suse.com/1224705"
},
{
"category": "self",
"summary": "SUSE Bug 1224706",
"url": "https://bugzilla.suse.com/1224706"
},
{
"category": "self",
"summary": "SUSE Bug 1224707",
"url": "https://bugzilla.suse.com/1224707"
},
{
"category": "self",
"summary": "SUSE Bug 1224709",
"url": "https://bugzilla.suse.com/1224709"
},
{
"category": "self",
"summary": "SUSE Bug 1224710",
"url": "https://bugzilla.suse.com/1224710"
},
{
"category": "self",
"summary": "SUSE Bug 1224712",
"url": "https://bugzilla.suse.com/1224712"
},
{
"category": "self",
"summary": "SUSE Bug 1224714",
"url": "https://bugzilla.suse.com/1224714"
},
{
"category": "self",
"summary": "SUSE Bug 1224716",
"url": "https://bugzilla.suse.com/1224716"
},
{
"category": "self",
"summary": "SUSE Bug 1224717",
"url": "https://bugzilla.suse.com/1224717"
},
{
"category": "self",
"summary": "SUSE Bug 1224718",
"url": "https://bugzilla.suse.com/1224718"
},
{
"category": "self",
"summary": "SUSE Bug 1224719",
"url": "https://bugzilla.suse.com/1224719"
},
{
"category": "self",
"summary": "SUSE Bug 1224720",
"url": "https://bugzilla.suse.com/1224720"
},
{
"category": "self",
"summary": "SUSE Bug 1224721",
"url": "https://bugzilla.suse.com/1224721"
},
{
"category": "self",
"summary": "SUSE Bug 1224722",
"url": "https://bugzilla.suse.com/1224722"
},
{
"category": "self",
"summary": "SUSE Bug 1224723",
"url": "https://bugzilla.suse.com/1224723"
},
{
"category": "self",
"summary": "SUSE Bug 1224725",
"url": "https://bugzilla.suse.com/1224725"
},
{
"category": "self",
"summary": "SUSE Bug 1224727",
"url": "https://bugzilla.suse.com/1224727"
},
{
"category": "self",
"summary": "SUSE Bug 1224728",
"url": "https://bugzilla.suse.com/1224728"
},
{
"category": "self",
"summary": "SUSE Bug 1224729",
"url": "https://bugzilla.suse.com/1224729"
},
{
"category": "self",
"summary": "SUSE Bug 1224730",
"url": "https://bugzilla.suse.com/1224730"
},
{
"category": "self",
"summary": "SUSE Bug 1224731",
"url": "https://bugzilla.suse.com/1224731"
},
{
"category": "self",
"summary": "SUSE Bug 1224732",
"url": "https://bugzilla.suse.com/1224732"
},
{
"category": "self",
"summary": "SUSE Bug 1224733",
"url": "https://bugzilla.suse.com/1224733"
},
{
"category": "self",
"summary": "SUSE Bug 1224735",
"url": "https://bugzilla.suse.com/1224735"
},
{
"category": "self",
"summary": "SUSE Bug 1224736",
"url": "https://bugzilla.suse.com/1224736"
},
{
"category": "self",
"summary": "SUSE Bug 1224738",
"url": "https://bugzilla.suse.com/1224738"
},
{
"category": "self",
"summary": "SUSE Bug 1224739",
"url": "https://bugzilla.suse.com/1224739"
},
{
"category": "self",
"summary": "SUSE Bug 1224740",
"url": "https://bugzilla.suse.com/1224740"
},
{
"category": "self",
"summary": "SUSE Bug 1224741",
"url": "https://bugzilla.suse.com/1224741"
},
{
"category": "self",
"summary": "SUSE Bug 1224742",
"url": "https://bugzilla.suse.com/1224742"
},
{
"category": "self",
"summary": "SUSE Bug 1224743",
"url": "https://bugzilla.suse.com/1224743"
},
{
"category": "self",
"summary": "SUSE Bug 1224747",
"url": "https://bugzilla.suse.com/1224747"
},
{
"category": "self",
"summary": "SUSE Bug 1224749",
"url": "https://bugzilla.suse.com/1224749"
},
{
"category": "self",
"summary": "SUSE Bug 1224751",
"url": "https://bugzilla.suse.com/1224751"
},
{
"category": "self",
"summary": "SUSE Bug 1224759",
"url": "https://bugzilla.suse.com/1224759"
},
{
"category": "self",
"summary": "SUSE Bug 1224763",
"url": "https://bugzilla.suse.com/1224763"
},
{
"category": "self",
"summary": "SUSE Bug 1224764",
"url": "https://bugzilla.suse.com/1224764"
},
{
"category": "self",
"summary": "SUSE Bug 1224765",
"url": "https://bugzilla.suse.com/1224765"
},
{
"category": "self",
"summary": "SUSE Bug 1224766",
"url": "https://bugzilla.suse.com/1224766"
},
{
"category": "self",
"summary": "SUSE Bug 1224767",
"url": "https://bugzilla.suse.com/1224767"
},
{
"category": "self",
"summary": "SUSE Bug 1224790",
"url": "https://bugzilla.suse.com/1224790"
},
{
"category": "self",
"summary": "SUSE Bug 1224792",
"url": "https://bugzilla.suse.com/1224792"
},
{
"category": "self",
"summary": "SUSE Bug 1224793",
"url": "https://bugzilla.suse.com/1224793"
},
{
"category": "self",
"summary": "SUSE Bug 1224803",
"url": "https://bugzilla.suse.com/1224803"
},
{
"category": "self",
"summary": "SUSE Bug 1224804",
"url": "https://bugzilla.suse.com/1224804"
},
{
"category": "self",
"summary": "SUSE Bug 1224866",
"url": "https://bugzilla.suse.com/1224866"
},
{
"category": "self",
"summary": "SUSE Bug 1224928",
"url": "https://bugzilla.suse.com/1224928"
},
{
"category": "self",
"summary": "SUSE Bug 1224930",
"url": "https://bugzilla.suse.com/1224930"
},
{
"category": "self",
"summary": "SUSE Bug 1224932",
"url": "https://bugzilla.suse.com/1224932"
},
{
"category": "self",
"summary": "SUSE Bug 1224933",
"url": "https://bugzilla.suse.com/1224933"
},
{
"category": "self",
"summary": "SUSE Bug 1224935",
"url": "https://bugzilla.suse.com/1224935"
},
{
"category": "self",
"summary": "SUSE Bug 1224936",
"url": "https://bugzilla.suse.com/1224936"
},
{
"category": "self",
"summary": "SUSE Bug 1224937",
"url": "https://bugzilla.suse.com/1224937"
},
{
"category": "self",
"summary": "SUSE Bug 1224939",
"url": "https://bugzilla.suse.com/1224939"
},
{
"category": "self",
"summary": "SUSE Bug 1224941",
"url": "https://bugzilla.suse.com/1224941"
},
{
"category": "self",
"summary": "SUSE Bug 1224944",
"url": "https://bugzilla.suse.com/1224944"
},
{
"category": "self",
"summary": "SUSE Bug 1224946",
"url": "https://bugzilla.suse.com/1224946"
},
{
"category": "self",
"summary": "SUSE Bug 1224947",
"url": "https://bugzilla.suse.com/1224947"
},
{
"category": "self",
"summary": "SUSE Bug 1224949",
"url": "https://bugzilla.suse.com/1224949"
},
{
"category": "self",
"summary": "SUSE Bug 1224951",
"url": "https://bugzilla.suse.com/1224951"
},
{
"category": "self",
"summary": "SUSE Bug 1224988",
"url": "https://bugzilla.suse.com/1224988"
},
{
"category": "self",
"summary": "SUSE Bug 1224989",
"url": "https://bugzilla.suse.com/1224989"
},
{
"category": "self",
"summary": "SUSE Bug 1224992",
"url": "https://bugzilla.suse.com/1224992"
},
{
"category": "self",
"summary": "SUSE Bug 1224998",
"url": "https://bugzilla.suse.com/1224998"
},
{
"category": "self",
"summary": "SUSE Bug 1225000",
"url": "https://bugzilla.suse.com/1225000"
},
{
"category": "self",
"summary": "SUSE Bug 1225001",
"url": "https://bugzilla.suse.com/1225001"
},
{
"category": "self",
"summary": "SUSE Bug 1225004",
"url": "https://bugzilla.suse.com/1225004"
},
{
"category": "self",
"summary": "SUSE Bug 1225006",
"url": "https://bugzilla.suse.com/1225006"
},
{
"category": "self",
"summary": "SUSE Bug 1225007",
"url": "https://bugzilla.suse.com/1225007"
},
{
"category": "self",
"summary": "SUSE Bug 1225008",
"url": "https://bugzilla.suse.com/1225008"
},
{
"category": "self",
"summary": "SUSE Bug 1225009",
"url": "https://bugzilla.suse.com/1225009"
},
{
"category": "self",
"summary": "SUSE Bug 1225014",
"url": "https://bugzilla.suse.com/1225014"
},
{
"category": "self",
"summary": "SUSE Bug 1225015",
"url": "https://bugzilla.suse.com/1225015"
},
{
"category": "self",
"summary": "SUSE Bug 1225022",
"url": "https://bugzilla.suse.com/1225022"
},
{
"category": "self",
"summary": "SUSE Bug 1225025",
"url": "https://bugzilla.suse.com/1225025"
},
{
"category": "self",
"summary": "SUSE Bug 1225028",
"url": "https://bugzilla.suse.com/1225028"
},
{
"category": "self",
"summary": "SUSE Bug 1225029",
"url": "https://bugzilla.suse.com/1225029"
},
{
"category": "self",
"summary": "SUSE Bug 1225031",
"url": "https://bugzilla.suse.com/1225031"
},
{
"category": "self",
"summary": "SUSE Bug 1225036",
"url": "https://bugzilla.suse.com/1225036"
},
{
"category": "self",
"summary": "SUSE Bug 1225041",
"url": "https://bugzilla.suse.com/1225041"
},
{
"category": "self",
"summary": "SUSE Bug 1225044",
"url": "https://bugzilla.suse.com/1225044"
},
{
"category": "self",
"summary": "SUSE Bug 1225049",
"url": "https://bugzilla.suse.com/1225049"
},
{
"category": "self",
"summary": "SUSE Bug 1225050",
"url": "https://bugzilla.suse.com/1225050"
},
{
"category": "self",
"summary": "SUSE Bug 1225053",
"url": "https://bugzilla.suse.com/1225053"
},
{
"category": "self",
"summary": "SUSE Bug 1225076",
"url": "https://bugzilla.suse.com/1225076"
},
{
"category": "self",
"summary": "SUSE Bug 1225077",
"url": "https://bugzilla.suse.com/1225077"
},
{
"category": "self",
"summary": "SUSE Bug 1225078",
"url": "https://bugzilla.suse.com/1225078"
},
{
"category": "self",
"summary": "SUSE Bug 1225081",
"url": "https://bugzilla.suse.com/1225081"
},
{
"category": "self",
"summary": "SUSE Bug 1225085",
"url": "https://bugzilla.suse.com/1225085"
},
{
"category": "self",
"summary": "SUSE Bug 1225086",
"url": "https://bugzilla.suse.com/1225086"
},
{
"category": "self",
"summary": "SUSE Bug 1225088",
"url": "https://bugzilla.suse.com/1225088"
},
{
"category": "self",
"summary": "SUSE Bug 1225090",
"url": "https://bugzilla.suse.com/1225090"
},
{
"category": "self",
"summary": "SUSE Bug 1225092",
"url": "https://bugzilla.suse.com/1225092"
},
{
"category": "self",
"summary": "SUSE Bug 1225096",
"url": "https://bugzilla.suse.com/1225096"
},
{
"category": "self",
"summary": "SUSE Bug 1225097",
"url": "https://bugzilla.suse.com/1225097"
},
{
"category": "self",
"summary": "SUSE Bug 1225101",
"url": "https://bugzilla.suse.com/1225101"
},
{
"category": "self",
"summary": "SUSE Bug 1225103",
"url": "https://bugzilla.suse.com/1225103"
},
{
"category": "self",
"summary": "SUSE Bug 1225104",
"url": "https://bugzilla.suse.com/1225104"
},
{
"category": "self",
"summary": "SUSE Bug 1225105",
"url": "https://bugzilla.suse.com/1225105"
},
{
"category": "self",
"summary": "SUSE Bug 1225106",
"url": "https://bugzilla.suse.com/1225106"
},
{
"category": "self",
"summary": "SUSE Bug 1225108",
"url": "https://bugzilla.suse.com/1225108"
},
{
"category": "self",
"summary": "SUSE Bug 1225120",
"url": "https://bugzilla.suse.com/1225120"
},
{
"category": "self",
"summary": "SUSE Bug 1225132",
"url": "https://bugzilla.suse.com/1225132"
},
{
"category": "self",
"summary": "SUSE Bug 1225133",
"url": "https://bugzilla.suse.com/1225133"
},
{
"category": "self",
"summary": "SUSE Bug 1225134",
"url": "https://bugzilla.suse.com/1225134"
},
{
"category": "self",
"summary": "SUSE Bug 1225136",
"url": "https://bugzilla.suse.com/1225136"
},
{
"category": "self",
"summary": "SUSE Bug 1225172",
"url": "https://bugzilla.suse.com/1225172"
},
{
"category": "self",
"summary": "SUSE Bug 1225180",
"url": "https://bugzilla.suse.com/1225180"
},
{
"category": "self",
"summary": "SUSE Bug 1225272",
"url": "https://bugzilla.suse.com/1225272"
},
{
"category": "self",
"summary": "SUSE Bug 1225300",
"url": "https://bugzilla.suse.com/1225300"
},
{
"category": "self",
"summary": "SUSE Bug 1225391",
"url": "https://bugzilla.suse.com/1225391"
},
{
"category": "self",
"summary": "SUSE Bug 1225472",
"url": "https://bugzilla.suse.com/1225472"
},
{
"category": "self",
"summary": "SUSE Bug 1225475",
"url": "https://bugzilla.suse.com/1225475"
},
{
"category": "self",
"summary": "SUSE Bug 1225476",
"url": "https://bugzilla.suse.com/1225476"
},
{
"category": "self",
"summary": "SUSE Bug 1225477",
"url": "https://bugzilla.suse.com/1225477"
},
{
"category": "self",
"summary": "SUSE Bug 1225478",
"url": "https://bugzilla.suse.com/1225478"
},
{
"category": "self",
"summary": "SUSE Bug 1225485",
"url": "https://bugzilla.suse.com/1225485"
},
{
"category": "self",
"summary": "SUSE Bug 1225489",
"url": "https://bugzilla.suse.com/1225489"
},
{
"category": "self",
"summary": "SUSE Bug 1225490",
"url": "https://bugzilla.suse.com/1225490"
},
{
"category": "self",
"summary": "SUSE Bug 1225502",
"url": "https://bugzilla.suse.com/1225502"
},
{
"category": "self",
"summary": "SUSE Bug 1225527",
"url": "https://bugzilla.suse.com/1225527"
},
{
"category": "self",
"summary": "SUSE Bug 1225529",
"url": "https://bugzilla.suse.com/1225529"
},
{
"category": "self",
"summary": "SUSE Bug 1225530",
"url": "https://bugzilla.suse.com/1225530"
},
{
"category": "self",
"summary": "SUSE Bug 1225532",
"url": "https://bugzilla.suse.com/1225532"
},
{
"category": "self",
"summary": "SUSE Bug 1225534",
"url": "https://bugzilla.suse.com/1225534"
},
{
"category": "self",
"summary": "SUSE Bug 1225548",
"url": "https://bugzilla.suse.com/1225548"
},
{
"category": "self",
"summary": "SUSE Bug 1225550",
"url": "https://bugzilla.suse.com/1225550"
},
{
"category": "self",
"summary": "SUSE Bug 1225553",
"url": "https://bugzilla.suse.com/1225553"
},
{
"category": "self",
"summary": "SUSE Bug 1225554",
"url": "https://bugzilla.suse.com/1225554"
},
{
"category": "self",
"summary": "SUSE Bug 1225555",
"url": "https://bugzilla.suse.com/1225555"
},
{
"category": "self",
"summary": "SUSE Bug 1225556",
"url": "https://bugzilla.suse.com/1225556"
},
{
"category": "self",
"summary": "SUSE Bug 1225557",
"url": "https://bugzilla.suse.com/1225557"
},
{
"category": "self",
"summary": "SUSE Bug 1225559",
"url": "https://bugzilla.suse.com/1225559"
},
{
"category": "self",
"summary": "SUSE Bug 1225560",
"url": "https://bugzilla.suse.com/1225560"
},
{
"category": "self",
"summary": "SUSE Bug 1225564",
"url": "https://bugzilla.suse.com/1225564"
},
{
"category": "self",
"summary": "SUSE Bug 1225565",
"url": "https://bugzilla.suse.com/1225565"
},
{
"category": "self",
"summary": "SUSE Bug 1225566",
"url": "https://bugzilla.suse.com/1225566"
},
{
"category": "self",
"summary": "SUSE Bug 1225568",
"url": "https://bugzilla.suse.com/1225568"
},
{
"category": "self",
"summary": "SUSE Bug 1225569",
"url": "https://bugzilla.suse.com/1225569"
},
{
"category": "self",
"summary": "SUSE Bug 1225570",
"url": "https://bugzilla.suse.com/1225570"
},
{
"category": "self",
"summary": "SUSE Bug 1225571",
"url": "https://bugzilla.suse.com/1225571"
},
{
"category": "self",
"summary": "SUSE Bug 1225572",
"url": "https://bugzilla.suse.com/1225572"
},
{
"category": "self",
"summary": "SUSE Bug 1225573",
"url": "https://bugzilla.suse.com/1225573"
},
{
"category": "self",
"summary": "SUSE Bug 1225577",
"url": "https://bugzilla.suse.com/1225577"
},
{
"category": "self",
"summary": "SUSE Bug 1225578",
"url": "https://bugzilla.suse.com/1225578"
},
{
"category": "self",
"summary": "SUSE Bug 1225579",
"url": "https://bugzilla.suse.com/1225579"
},
{
"category": "self",
"summary": "SUSE Bug 1225580",
"url": "https://bugzilla.suse.com/1225580"
},
{
"category": "self",
"summary": "SUSE Bug 1225581",
"url": "https://bugzilla.suse.com/1225581"
},
{
"category": "self",
"summary": "SUSE Bug 1225583",
"url": "https://bugzilla.suse.com/1225583"
},
{
"category": "self",
"summary": "SUSE Bug 1225584",
"url": "https://bugzilla.suse.com/1225584"
},
{
"category": "self",
"summary": "SUSE Bug 1225585",
"url": "https://bugzilla.suse.com/1225585"
},
{
"category": "self",
"summary": "SUSE Bug 1225586",
"url": "https://bugzilla.suse.com/1225586"
},
{
"category": "self",
"summary": "SUSE Bug 1225587",
"url": "https://bugzilla.suse.com/1225587"
},
{
"category": "self",
"summary": "SUSE Bug 1225588",
"url": "https://bugzilla.suse.com/1225588"
},
{
"category": "self",
"summary": "SUSE Bug 1225589",
"url": "https://bugzilla.suse.com/1225589"
},
{
"category": "self",
"summary": "SUSE Bug 1225590",
"url": "https://bugzilla.suse.com/1225590"
},
{
"category": "self",
"summary": "SUSE Bug 1225591",
"url": "https://bugzilla.suse.com/1225591"
},
{
"category": "self",
"summary": "SUSE Bug 1225592",
"url": "https://bugzilla.suse.com/1225592"
},
{
"category": "self",
"summary": "SUSE Bug 1225593",
"url": "https://bugzilla.suse.com/1225593"
},
{
"category": "self",
"summary": "SUSE Bug 1225594",
"url": "https://bugzilla.suse.com/1225594"
},
{
"category": "self",
"summary": "SUSE Bug 1225595",
"url": "https://bugzilla.suse.com/1225595"
},
{
"category": "self",
"summary": "SUSE Bug 1225599",
"url": "https://bugzilla.suse.com/1225599"
},
{
"category": "self",
"summary": "SUSE Bug 1225600",
"url": "https://bugzilla.suse.com/1225600"
},
{
"category": "self",
"summary": "SUSE Bug 1225601",
"url": "https://bugzilla.suse.com/1225601"
},
{
"category": "self",
"summary": "SUSE Bug 1225602",
"url": "https://bugzilla.suse.com/1225602"
},
{
"category": "self",
"summary": "SUSE Bug 1225605",
"url": "https://bugzilla.suse.com/1225605"
},
{
"category": "self",
"summary": "SUSE Bug 1225607",
"url": "https://bugzilla.suse.com/1225607"
},
{
"category": "self",
"summary": "SUSE Bug 1225609",
"url": "https://bugzilla.suse.com/1225609"
},
{
"category": "self",
"summary": "SUSE Bug 1225610",
"url": "https://bugzilla.suse.com/1225610"
},
{
"category": "self",
"summary": "SUSE Bug 1225611",
"url": "https://bugzilla.suse.com/1225611"
},
{
"category": "self",
"summary": "SUSE Bug 1225616",
"url": "https://bugzilla.suse.com/1225616"
},
{
"category": "self",
"summary": "SUSE Bug 1225618",
"url": "https://bugzilla.suse.com/1225618"
},
{
"category": "self",
"summary": "SUSE Bug 1225640",
"url": "https://bugzilla.suse.com/1225640"
},
{
"category": "self",
"summary": "SUSE Bug 1225642",
"url": "https://bugzilla.suse.com/1225642"
},
{
"category": "self",
"summary": "SUSE Bug 1225681",
"url": "https://bugzilla.suse.com/1225681"
},
{
"category": "self",
"summary": "SUSE Bug 1225692",
"url": "https://bugzilla.suse.com/1225692"
},
{
"category": "self",
"summary": "SUSE Bug 1225694",
"url": "https://bugzilla.suse.com/1225694"
},
{
"category": "self",
"summary": "SUSE Bug 1225695",
"url": "https://bugzilla.suse.com/1225695"
},
{
"category": "self",
"summary": "SUSE Bug 1225696",
"url": "https://bugzilla.suse.com/1225696"
},
{
"category": "self",
"summary": "SUSE Bug 1225698",
"url": "https://bugzilla.suse.com/1225698"
},
{
"category": "self",
"summary": "SUSE Bug 1225699",
"url": "https://bugzilla.suse.com/1225699"
},
{
"category": "self",
"summary": "SUSE Bug 1225702",
"url": "https://bugzilla.suse.com/1225702"
},
{
"category": "self",
"summary": "SUSE Bug 1225704",
"url": "https://bugzilla.suse.com/1225704"
},
{
"category": "self",
"summary": "SUSE Bug 1225705",
"url": "https://bugzilla.suse.com/1225705"
},
{
"category": "self",
"summary": "SUSE Bug 1225708",
"url": "https://bugzilla.suse.com/1225708"
},
{
"category": "self",
"summary": "SUSE Bug 1225710",
"url": "https://bugzilla.suse.com/1225710"
},
{
"category": "self",
"summary": "SUSE Bug 1225711",
"url": "https://bugzilla.suse.com/1225711"
},
{
"category": "self",
"summary": "SUSE Bug 1225712",
"url": "https://bugzilla.suse.com/1225712"
},
{
"category": "self",
"summary": "SUSE Bug 1225714",
"url": "https://bugzilla.suse.com/1225714"
},
{
"category": "self",
"summary": "SUSE Bug 1225715",
"url": "https://bugzilla.suse.com/1225715"
},
{
"category": "self",
"summary": "SUSE Bug 1225717",
"url": "https://bugzilla.suse.com/1225717"
},
{
"category": "self",
"summary": "SUSE Bug 1225719",
"url": "https://bugzilla.suse.com/1225719"
},
{
"category": "self",
"summary": "SUSE Bug 1225720",
"url": "https://bugzilla.suse.com/1225720"
},
{
"category": "self",
"summary": "SUSE Bug 1225722",
"url": "https://bugzilla.suse.com/1225722"
},
{
"category": "self",
"summary": "SUSE Bug 1225723",
"url": "https://bugzilla.suse.com/1225723"
},
{
"category": "self",
"summary": "SUSE Bug 1225726",
"url": "https://bugzilla.suse.com/1225726"
},
{
"category": "self",
"summary": "SUSE Bug 1225728",
"url": "https://bugzilla.suse.com/1225728"
},
{
"category": "self",
"summary": "SUSE Bug 1225731",
"url": "https://bugzilla.suse.com/1225731"
},
{
"category": "self",
"summary": "SUSE Bug 1225732",
"url": "https://bugzilla.suse.com/1225732"
},
{
"category": "self",
"summary": "SUSE Bug 1225734",
"url": "https://bugzilla.suse.com/1225734"
},
{
"category": "self",
"summary": "SUSE Bug 1225735",
"url": "https://bugzilla.suse.com/1225735"
},
{
"category": "self",
"summary": "SUSE Bug 1225736",
"url": "https://bugzilla.suse.com/1225736"
},
{
"category": "self",
"summary": "SUSE Bug 1225737",
"url": "https://bugzilla.suse.com/1225737"
},
{
"category": "self",
"summary": "SUSE Bug 1225741",
"url": "https://bugzilla.suse.com/1225741"
},
{
"category": "self",
"summary": "SUSE Bug 1225744",
"url": "https://bugzilla.suse.com/1225744"
},
{
"category": "self",
"summary": "SUSE Bug 1225745",
"url": "https://bugzilla.suse.com/1225745"
},
{
"category": "self",
"summary": "SUSE Bug 1225746",
"url": "https://bugzilla.suse.com/1225746"
},
{
"category": "self",
"summary": "SUSE Bug 1225747",
"url": "https://bugzilla.suse.com/1225747"
},
{
"category": "self",
"summary": "SUSE Bug 1225748",
"url": "https://bugzilla.suse.com/1225748"
},
{
"category": "self",
"summary": "SUSE Bug 1225749",
"url": "https://bugzilla.suse.com/1225749"
},
{
"category": "self",
"summary": "SUSE Bug 1225750",
"url": "https://bugzilla.suse.com/1225750"
},
{
"category": "self",
"summary": "SUSE Bug 1225752",
"url": "https://bugzilla.suse.com/1225752"
},
{
"category": "self",
"summary": "SUSE Bug 1225753",
"url": "https://bugzilla.suse.com/1225753"
},
{
"category": "self",
"summary": "SUSE Bug 1225756",
"url": "https://bugzilla.suse.com/1225756"
},
{
"category": "self",
"summary": "SUSE Bug 1225757",
"url": "https://bugzilla.suse.com/1225757"
},
{
"category": "self",
"summary": "SUSE Bug 1225758",
"url": "https://bugzilla.suse.com/1225758"
},
{
"category": "self",
"summary": "SUSE Bug 1225759",
"url": "https://bugzilla.suse.com/1225759"
},
{
"category": "self",
"summary": "SUSE Bug 1225760",
"url": "https://bugzilla.suse.com/1225760"
},
{
"category": "self",
"summary": "SUSE Bug 1225761",
"url": "https://bugzilla.suse.com/1225761"
},
{
"category": "self",
"summary": "SUSE Bug 1225762",
"url": "https://bugzilla.suse.com/1225762"
},
{
"category": "self",
"summary": "SUSE Bug 1225763",
"url": "https://bugzilla.suse.com/1225763"
},
{
"category": "self",
"summary": "SUSE Bug 1225765",
"url": "https://bugzilla.suse.com/1225765"
},
{
"category": "self",
"summary": "SUSE Bug 1225766",
"url": "https://bugzilla.suse.com/1225766"
},
{
"category": "self",
"summary": "SUSE Bug 1225767",
"url": "https://bugzilla.suse.com/1225767"
},
{
"category": "self",
"summary": "SUSE Bug 1225769",
"url": "https://bugzilla.suse.com/1225769"
},
{
"category": "self",
"summary": "SUSE Bug 1225770",
"url": "https://bugzilla.suse.com/1225770"
},
{
"category": "self",
"summary": "SUSE Bug 1225773",
"url": "https://bugzilla.suse.com/1225773"
},
{
"category": "self",
"summary": "SUSE Bug 1225775",
"url": "https://bugzilla.suse.com/1225775"
},
{
"category": "self",
"summary": "SUSE Bug 1225805",
"url": "https://bugzilla.suse.com/1225805"
},
{
"category": "self",
"summary": "SUSE Bug 1225810",
"url": "https://bugzilla.suse.com/1225810"
},
{
"category": "self",
"summary": "SUSE Bug 1225815",
"url": "https://bugzilla.suse.com/1225815"
},
{
"category": "self",
"summary": "SUSE Bug 1225820",
"url": "https://bugzilla.suse.com/1225820"
},
{
"category": "self",
"summary": "SUSE Bug 1225823",
"url": "https://bugzilla.suse.com/1225823"
},
{
"category": "self",
"summary": "SUSE Bug 1225827",
"url": "https://bugzilla.suse.com/1225827"
},
{
"category": "self",
"summary": "SUSE Bug 1225829",
"url": "https://bugzilla.suse.com/1225829"
},
{
"category": "self",
"summary": "SUSE Bug 1225830",
"url": "https://bugzilla.suse.com/1225830"
},
{
"category": "self",
"summary": "SUSE Bug 1225834",
"url": "https://bugzilla.suse.com/1225834"
},
{
"category": "self",
"summary": "SUSE Bug 1225839",
"url": "https://bugzilla.suse.com/1225839"
},
{
"category": "self",
"summary": "SUSE Bug 1225840",
"url": "https://bugzilla.suse.com/1225840"
},
{
"category": "self",
"summary": "SUSE Bug 1225842",
"url": "https://bugzilla.suse.com/1225842"
},
{
"category": "self",
"summary": "SUSE Bug 1225843",
"url": "https://bugzilla.suse.com/1225843"
},
{
"category": "self",
"summary": "SUSE Bug 1225847",
"url": "https://bugzilla.suse.com/1225847"
},
{
"category": "self",
"summary": "SUSE Bug 1225851",
"url": "https://bugzilla.suse.com/1225851"
},
{
"category": "self",
"summary": "SUSE Bug 1225866",
"url": "https://bugzilla.suse.com/1225866"
},
{
"category": "self",
"summary": "SUSE Bug 1225872",
"url": "https://bugzilla.suse.com/1225872"
},
{
"category": "self",
"summary": "SUSE Bug 1225894",
"url": "https://bugzilla.suse.com/1225894"
},
{
"category": "self",
"summary": "SUSE Bug 1225895",
"url": "https://bugzilla.suse.com/1225895"
},
{
"category": "self",
"summary": "SUSE Bug 1225896",
"url": "https://bugzilla.suse.com/1225896"
},
{
"category": "self",
"summary": "SUSE Bug 1225898",
"url": "https://bugzilla.suse.com/1225898"
},
{
"category": "self",
"summary": "SUSE Bug 1225903",
"url": "https://bugzilla.suse.com/1225903"
},
{
"category": "self",
"summary": "SUSE Bug 1225945",
"url": "https://bugzilla.suse.com/1225945"
},
{
"category": "self",
"summary": "SUSE Bug 1226022",
"url": "https://bugzilla.suse.com/1226022"
},
{
"category": "self",
"summary": "SUSE Bug 1226131",
"url": "https://bugzilla.suse.com/1226131"
},
{
"category": "self",
"summary": "SUSE Bug 1226145",
"url": "https://bugzilla.suse.com/1226145"
},
{
"category": "self",
"summary": "SUSE Bug 1226149",
"url": "https://bugzilla.suse.com/1226149"
},
{
"category": "self",
"summary": "SUSE Bug 1226155",
"url": "https://bugzilla.suse.com/1226155"
},
{
"category": "self",
"summary": "SUSE Bug 1226158",
"url": "https://bugzilla.suse.com/1226158"
},
{
"category": "self",
"summary": "SUSE Bug 1226163",
"url": "https://bugzilla.suse.com/1226163"
},
{
"category": "self",
"summary": "SUSE Bug 1226202",
"url": "https://bugzilla.suse.com/1226202"
},
{
"category": "self",
"summary": "SUSE Bug 1226211",
"url": "https://bugzilla.suse.com/1226211"
},
{
"category": "self",
"summary": "SUSE Bug 1226212",
"url": "https://bugzilla.suse.com/1226212"
},
{
"category": "self",
"summary": "SUSE Bug 1226213",
"url": "https://bugzilla.suse.com/1226213"
},
{
"category": "self",
"summary": "SUSE Bug 1226226",
"url": "https://bugzilla.suse.com/1226226"
},
{
"category": "self",
"summary": "SUSE Bug 1226457",
"url": "https://bugzilla.suse.com/1226457"
},
{
"category": "self",
"summary": "SUSE Bug 1226502",
"url": "https://bugzilla.suse.com/1226502"
},
{
"category": "self",
"summary": "SUSE Bug 1226503",
"url": "https://bugzilla.suse.com/1226503"
},
{
"category": "self",
"summary": "SUSE Bug 1226513",
"url": "https://bugzilla.suse.com/1226513"
},
{
"category": "self",
"summary": "SUSE Bug 1226514",
"url": "https://bugzilla.suse.com/1226514"
},
{
"category": "self",
"summary": "SUSE Bug 1226520",
"url": "https://bugzilla.suse.com/1226520"
},
{
"category": "self",
"summary": "SUSE Bug 1226582",
"url": "https://bugzilla.suse.com/1226582"
},
{
"category": "self",
"summary": "SUSE Bug 1226587",
"url": "https://bugzilla.suse.com/1226587"
},
{
"category": "self",
"summary": "SUSE Bug 1226588",
"url": "https://bugzilla.suse.com/1226588"
},
{
"category": "self",
"summary": "SUSE Bug 1226592",
"url": "https://bugzilla.suse.com/1226592"
},
{
"category": "self",
"summary": "SUSE Bug 1226593",
"url": "https://bugzilla.suse.com/1226593"
},
{
"category": "self",
"summary": "SUSE Bug 1226594",
"url": "https://bugzilla.suse.com/1226594"
},
{
"category": "self",
"summary": "SUSE Bug 1226597",
"url": "https://bugzilla.suse.com/1226597"
},
{
"category": "self",
"summary": "SUSE Bug 1226607",
"url": "https://bugzilla.suse.com/1226607"
},
{
"category": "self",
"summary": "SUSE Bug 1226608",
"url": "https://bugzilla.suse.com/1226608"
},
{
"category": "self",
"summary": "SUSE Bug 1226610",
"url": "https://bugzilla.suse.com/1226610"
},
{
"category": "self",
"summary": "SUSE Bug 1226612",
"url": "https://bugzilla.suse.com/1226612"
},
{
"category": "self",
"summary": "SUSE Bug 1226613",
"url": "https://bugzilla.suse.com/1226613"
},
{
"category": "self",
"summary": "SUSE Bug 1226630",
"url": "https://bugzilla.suse.com/1226630"
},
{
"category": "self",
"summary": "SUSE Bug 1226632",
"url": "https://bugzilla.suse.com/1226632"
},
{
"category": "self",
"summary": "SUSE Bug 1226633",
"url": "https://bugzilla.suse.com/1226633"
},
{
"category": "self",
"summary": "SUSE Bug 1226634",
"url": "https://bugzilla.suse.com/1226634"
},
{
"category": "self",
"summary": "SUSE Bug 1226637",
"url": "https://bugzilla.suse.com/1226637"
},
{
"category": "self",
"summary": "SUSE Bug 1226657",
"url": "https://bugzilla.suse.com/1226657"
},
{
"category": "self",
"summary": "SUSE Bug 1226658",
"url": "https://bugzilla.suse.com/1226658"
},
{
"category": "self",
"summary": "SUSE Bug 1226734",
"url": "https://bugzilla.suse.com/1226734"
},
{
"category": "self",
"summary": "SUSE Bug 1226735",
"url": "https://bugzilla.suse.com/1226735"
},
{
"category": "self",
"summary": "SUSE Bug 1226737",
"url": "https://bugzilla.suse.com/1226737"
},
{
"category": "self",
"summary": "SUSE Bug 1226738",
"url": "https://bugzilla.suse.com/1226738"
},
{
"category": "self",
"summary": "SUSE Bug 1226739",
"url": "https://bugzilla.suse.com/1226739"
},
{
"category": "self",
"summary": "SUSE Bug 1226740",
"url": "https://bugzilla.suse.com/1226740"
},
{
"category": "self",
"summary": "SUSE Bug 1226741",
"url": "https://bugzilla.suse.com/1226741"
},
{
"category": "self",
"summary": "SUSE Bug 1226742",
"url": "https://bugzilla.suse.com/1226742"
},
{
"category": "self",
"summary": "SUSE Bug 1226744",
"url": "https://bugzilla.suse.com/1226744"
},
{
"category": "self",
"summary": "SUSE Bug 1226746",
"url": "https://bugzilla.suse.com/1226746"
},
{
"category": "self",
"summary": "SUSE Bug 1226747",
"url": "https://bugzilla.suse.com/1226747"
},
{
"category": "self",
"summary": "SUSE Bug 1226749",
"url": "https://bugzilla.suse.com/1226749"
},
{
"category": "self",
"summary": "SUSE Bug 1226750",
"url": "https://bugzilla.suse.com/1226750"
},
{
"category": "self",
"summary": "SUSE Bug 1226754",
"url": "https://bugzilla.suse.com/1226754"
},
{
"category": "self",
"summary": "SUSE Bug 1226757",
"url": "https://bugzilla.suse.com/1226757"
},
{
"category": "self",
"summary": "SUSE Bug 1226758",
"url": "https://bugzilla.suse.com/1226758"
},
{
"category": "self",
"summary": "SUSE Bug 1226760",
"url": "https://bugzilla.suse.com/1226760"
},
{
"category": "self",
"summary": "SUSE Bug 1226761",
"url": "https://bugzilla.suse.com/1226761"
},
{
"category": "self",
"summary": "SUSE Bug 1226764",
"url": "https://bugzilla.suse.com/1226764"
},
{
"category": "self",
"summary": "SUSE Bug 1226767",
"url": "https://bugzilla.suse.com/1226767"
},
{
"category": "self",
"summary": "SUSE Bug 1226768",
"url": "https://bugzilla.suse.com/1226768"
},
{
"category": "self",
"summary": "SUSE Bug 1226769",
"url": "https://bugzilla.suse.com/1226769"
},
{
"category": "self",
"summary": "SUSE Bug 1226771",
"url": "https://bugzilla.suse.com/1226771"
},
{
"category": "self",
"summary": "SUSE Bug 1226772",
"url": "https://bugzilla.suse.com/1226772"
},
{
"category": "self",
"summary": "SUSE Bug 1226774",
"url": "https://bugzilla.suse.com/1226774"
},
{
"category": "self",
"summary": "SUSE Bug 1226775",
"url": "https://bugzilla.suse.com/1226775"
},
{
"category": "self",
"summary": "SUSE Bug 1226776",
"url": "https://bugzilla.suse.com/1226776"
},
{
"category": "self",
"summary": "SUSE Bug 1226777",
"url": "https://bugzilla.suse.com/1226777"
},
{
"category": "self",
"summary": "SUSE Bug 1226780",
"url": "https://bugzilla.suse.com/1226780"
},
{
"category": "self",
"summary": "SUSE Bug 1226781",
"url": "https://bugzilla.suse.com/1226781"
},
{
"category": "self",
"summary": "SUSE Bug 1226783",
"url": "https://bugzilla.suse.com/1226783"
},
{
"category": "self",
"summary": "SUSE Bug 1226788",
"url": "https://bugzilla.suse.com/1226788"
},
{
"category": "self",
"summary": "SUSE Bug 1226789",
"url": "https://bugzilla.suse.com/1226789"
},
{
"category": "self",
"summary": "SUSE Bug 1226790",
"url": "https://bugzilla.suse.com/1226790"
},
{
"category": "self",
"summary": "SUSE Bug 1226791",
"url": "https://bugzilla.suse.com/1226791"
},
{
"category": "self",
"summary": "SUSE Bug 1226796",
"url": "https://bugzilla.suse.com/1226796"
},
{
"category": "self",
"summary": "SUSE Bug 1226799",
"url": "https://bugzilla.suse.com/1226799"
},
{
"category": "self",
"summary": "SUSE Bug 1226837",
"url": "https://bugzilla.suse.com/1226837"
},
{
"category": "self",
"summary": "SUSE Bug 1226839",
"url": "https://bugzilla.suse.com/1226839"
},
{
"category": "self",
"summary": "SUSE Bug 1226840",
"url": "https://bugzilla.suse.com/1226840"
},
{
"category": "self",
"summary": "SUSE Bug 1226841",
"url": "https://bugzilla.suse.com/1226841"
},
{
"category": "self",
"summary": "SUSE Bug 1226842",
"url": "https://bugzilla.suse.com/1226842"
},
{
"category": "self",
"summary": "SUSE Bug 1226844",
"url": "https://bugzilla.suse.com/1226844"
},
{
"category": "self",
"summary": "SUSE Bug 1226848",
"url": "https://bugzilla.suse.com/1226848"
},
{
"category": "self",
"summary": "SUSE Bug 1226852",
"url": "https://bugzilla.suse.com/1226852"
},
{
"category": "self",
"summary": "SUSE Bug 1226856",
"url": "https://bugzilla.suse.com/1226856"
},
{
"category": "self",
"summary": "SUSE Bug 1226857",
"url": "https://bugzilla.suse.com/1226857"
},
{
"category": "self",
"summary": "SUSE Bug 1226859",
"url": "https://bugzilla.suse.com/1226859"
},
{
"category": "self",
"summary": "SUSE Bug 1226861",
"url": "https://bugzilla.suse.com/1226861"
},
{
"category": "self",
"summary": "SUSE Bug 1226863",
"url": "https://bugzilla.suse.com/1226863"
},
{
"category": "self",
"summary": "SUSE Bug 1226864",
"url": "https://bugzilla.suse.com/1226864"
},
{
"category": "self",
"summary": "SUSE Bug 1226866",
"url": "https://bugzilla.suse.com/1226866"
},
{
"category": "self",
"summary": "SUSE Bug 1226867",
"url": "https://bugzilla.suse.com/1226867"
},
{
"category": "self",
"summary": "SUSE Bug 1226868",
"url": "https://bugzilla.suse.com/1226868"
},
{
"category": "self",
"summary": "SUSE Bug 1226875",
"url": "https://bugzilla.suse.com/1226875"
},
{
"category": "self",
"summary": "SUSE Bug 1226876",
"url": "https://bugzilla.suse.com/1226876"
},
{
"category": "self",
"summary": "SUSE Bug 1226878",
"url": "https://bugzilla.suse.com/1226878"
},
{
"category": "self",
"summary": "SUSE Bug 1226879",
"url": "https://bugzilla.suse.com/1226879"
},
{
"category": "self",
"summary": "SUSE Bug 1226883",
"url": "https://bugzilla.suse.com/1226883"
},
{
"category": "self",
"summary": "SUSE Bug 1226886",
"url": "https://bugzilla.suse.com/1226886"
},
{
"category": "self",
"summary": "SUSE Bug 1226890",
"url": "https://bugzilla.suse.com/1226890"
},
{
"category": "self",
"summary": "SUSE Bug 1226891",
"url": "https://bugzilla.suse.com/1226891"
},
{
"category": "self",
"summary": "SUSE Bug 1226894",
"url": "https://bugzilla.suse.com/1226894"
},
{
"category": "self",
"summary": "SUSE Bug 1226895",
"url": "https://bugzilla.suse.com/1226895"
},
{
"category": "self",
"summary": "SUSE Bug 1226905",
"url": "https://bugzilla.suse.com/1226905"
},
{
"category": "self",
"summary": "SUSE Bug 1226908",
"url": "https://bugzilla.suse.com/1226908"
},
{
"category": "self",
"summary": "SUSE Bug 1226909",
"url": "https://bugzilla.suse.com/1226909"
},
{
"category": "self",
"summary": "SUSE Bug 1226911",
"url": "https://bugzilla.suse.com/1226911"
},
{
"category": "self",
"summary": "SUSE Bug 1226915",
"url": "https://bugzilla.suse.com/1226915"
},
{
"category": "self",
"summary": "SUSE Bug 1226928",
"url": "https://bugzilla.suse.com/1226928"
},
{
"category": "self",
"summary": "SUSE Bug 1226934",
"url": "https://bugzilla.suse.com/1226934"
},
{
"category": "self",
"summary": "SUSE Bug 1226938",
"url": "https://bugzilla.suse.com/1226938"
},
{
"category": "self",
"summary": "SUSE Bug 1226939",
"url": "https://bugzilla.suse.com/1226939"
},
{
"category": "self",
"summary": "SUSE Bug 1226941",
"url": "https://bugzilla.suse.com/1226941"
},
{
"category": "self",
"summary": "SUSE Bug 1226948",
"url": "https://bugzilla.suse.com/1226948"
},
{
"category": "self",
"summary": "SUSE Bug 1226949",
"url": "https://bugzilla.suse.com/1226949"
},
{
"category": "self",
"summary": "SUSE Bug 1226950",
"url": "https://bugzilla.suse.com/1226950"
},
{
"category": "self",
"summary": "SUSE Bug 1226962",
"url": "https://bugzilla.suse.com/1226962"
},
{
"category": "self",
"summary": "SUSE Bug 1226976",
"url": "https://bugzilla.suse.com/1226976"
},
{
"category": "self",
"summary": "SUSE Bug 1226989",
"url": "https://bugzilla.suse.com/1226989"
},
{
"category": "self",
"summary": "SUSE Bug 1226990",
"url": "https://bugzilla.suse.com/1226990"
},
{
"category": "self",
"summary": "SUSE Bug 1226992",
"url": "https://bugzilla.suse.com/1226992"
},
{
"category": "self",
"summary": "SUSE Bug 1226993",
"url": "https://bugzilla.suse.com/1226993"
},
{
"category": "self",
"summary": "SUSE Bug 1226994",
"url": "https://bugzilla.suse.com/1226994"
},
{
"category": "self",
"summary": "SUSE Bug 1226995",
"url": "https://bugzilla.suse.com/1226995"
},
{
"category": "self",
"summary": "SUSE Bug 1226996",
"url": "https://bugzilla.suse.com/1226996"
},
{
"category": "self",
"summary": "SUSE Bug 1227066",
"url": "https://bugzilla.suse.com/1227066"
},
{
"category": "self",
"summary": "SUSE Bug 1227072",
"url": "https://bugzilla.suse.com/1227072"
},
{
"category": "self",
"summary": "SUSE Bug 1227085",
"url": "https://bugzilla.suse.com/1227085"
},
{
"category": "self",
"summary": "SUSE Bug 1227089",
"url": "https://bugzilla.suse.com/1227089"
},
{
"category": "self",
"summary": "SUSE Bug 1227090",
"url": "https://bugzilla.suse.com/1227090"
},
{
"category": "self",
"summary": "SUSE Bug 1227096",
"url": "https://bugzilla.suse.com/1227096"
},
{
"category": "self",
"summary": "SUSE Bug 1227101",
"url": "https://bugzilla.suse.com/1227101"
},
{
"category": "self",
"summary": "SUSE Bug 1227103",
"url": "https://bugzilla.suse.com/1227103"
},
{
"category": "self",
"summary": "SUSE Bug 1227149",
"url": "https://bugzilla.suse.com/1227149"
},
{
"category": "self",
"summary": "SUSE Bug 1227190",
"url": "https://bugzilla.suse.com/1227190"
},
{
"category": "self",
"summary": "SUSE Bug 1227282",
"url": "https://bugzilla.suse.com/1227282"
},
{
"category": "self",
"summary": "SUSE Bug 1227362",
"url": "https://bugzilla.suse.com/1227362"
},
{
"category": "self",
"summary": "SUSE Bug 1227363",
"url": "https://bugzilla.suse.com/1227363"
},
{
"category": "self",
"summary": "SUSE Bug 1227383",
"url": "https://bugzilla.suse.com/1227383"
},
{
"category": "self",
"summary": "SUSE Bug 1227432",
"url": "https://bugzilla.suse.com/1227432"
},
{
"category": "self",
"summary": "SUSE Bug 1227433",
"url": "https://bugzilla.suse.com/1227433"
},
{
"category": "self",
"summary": "SUSE Bug 1227434",
"url": "https://bugzilla.suse.com/1227434"
},
{
"category": "self",
"summary": "SUSE Bug 1227435",
"url": "https://bugzilla.suse.com/1227435"
},
{
"category": "self",
"summary": "SUSE Bug 1227443",
"url": "https://bugzilla.suse.com/1227443"
},
{
"category": "self",
"summary": "SUSE Bug 1227446",
"url": "https://bugzilla.suse.com/1227446"
},
{
"category": "self",
"summary": "SUSE Bug 1227447",
"url": "https://bugzilla.suse.com/1227447"
},
{
"category": "self",
"summary": "SUSE Bug 1227487",
"url": "https://bugzilla.suse.com/1227487"
},
{
"category": "self",
"summary": "SUSE Bug 1227573",
"url": "https://bugzilla.suse.com/1227573"
},
{
"category": "self",
"summary": "SUSE Bug 1227626",
"url": "https://bugzilla.suse.com/1227626"
},
{
"category": "self",
"summary": "SUSE Bug 1227716",
"url": "https://bugzilla.suse.com/1227716"
},
{
"category": "self",
"summary": "SUSE Bug 1227719",
"url": "https://bugzilla.suse.com/1227719"
},
{
"category": "self",
"summary": "SUSE Bug 1227723",
"url": "https://bugzilla.suse.com/1227723"
},
{
"category": "self",
"summary": "SUSE Bug 1227730",
"url": "https://bugzilla.suse.com/1227730"
},
{
"category": "self",
"summary": "SUSE Bug 1227736",
"url": "https://bugzilla.suse.com/1227736"
},
{
"category": "self",
"summary": "SUSE Bug 1227755",
"url": "https://bugzilla.suse.com/1227755"
},
{
"category": "self",
"summary": "SUSE Bug 1227757",
"url": "https://bugzilla.suse.com/1227757"
},
{
"category": "self",
"summary": "SUSE Bug 1227762",
"url": "https://bugzilla.suse.com/1227762"
},
{
"category": "self",
"summary": "SUSE Bug 1227763",
"url": "https://bugzilla.suse.com/1227763"
},
{
"category": "self",
"summary": "SUSE Bug 1227779",
"url": "https://bugzilla.suse.com/1227779"
},
{
"category": "self",
"summary": "SUSE Bug 1227780",
"url": "https://bugzilla.suse.com/1227780"
},
{
"category": "self",
"summary": "SUSE Bug 1227783",
"url": "https://bugzilla.suse.com/1227783"
},
{
"category": "self",
"summary": "SUSE Bug 1227786",
"url": "https://bugzilla.suse.com/1227786"
},
{
"category": "self",
"summary": "SUSE Bug 1227788",
"url": "https://bugzilla.suse.com/1227788"
},
{
"category": "self",
"summary": "SUSE Bug 1227789",
"url": "https://bugzilla.suse.com/1227789"
},
{
"category": "self",
"summary": "SUSE Bug 1227797",
"url": "https://bugzilla.suse.com/1227797"
},
{
"category": "self",
"summary": "SUSE Bug 1227800",
"url": "https://bugzilla.suse.com/1227800"
},
{
"category": "self",
"summary": "SUSE Bug 1227801",
"url": "https://bugzilla.suse.com/1227801"
},
{
"category": "self",
"summary": "SUSE Bug 1227803",
"url": "https://bugzilla.suse.com/1227803"
},
{
"category": "self",
"summary": "SUSE Bug 1227806",
"url": "https://bugzilla.suse.com/1227806"
},
{
"category": "self",
"summary": "SUSE Bug 1227813",
"url": "https://bugzilla.suse.com/1227813"
},
{
"category": "self",
"summary": "SUSE Bug 1227814",
"url": "https://bugzilla.suse.com/1227814"
},
{
"category": "self",
"summary": "SUSE Bug 1227836",
"url": "https://bugzilla.suse.com/1227836"
},
{
"category": "self",
"summary": "SUSE Bug 1227855",
"url": "https://bugzilla.suse.com/1227855"
},
{
"category": "self",
"summary": "SUSE Bug 1227862",
"url": "https://bugzilla.suse.com/1227862"
},
{
"category": "self",
"summary": "SUSE Bug 1227866",
"url": "https://bugzilla.suse.com/1227866"
},
{
"category": "self",
"summary": "SUSE Bug 1227886",
"url": "https://bugzilla.suse.com/1227886"
},
{
"category": "self",
"summary": "SUSE Bug 1227899",
"url": "https://bugzilla.suse.com/1227899"
},
{
"category": "self",
"summary": "SUSE Bug 1227910",
"url": "https://bugzilla.suse.com/1227910"
},
{
"category": "self",
"summary": "SUSE Bug 1227913",
"url": "https://bugzilla.suse.com/1227913"
},
{
"category": "self",
"summary": "SUSE Bug 1227926",
"url": "https://bugzilla.suse.com/1227926"
},
{
"category": "self",
"summary": "SUSE Bug 1228090",
"url": "https://bugzilla.suse.com/1228090"
},
{
"category": "self",
"summary": "SUSE Bug 1228192",
"url": "https://bugzilla.suse.com/1228192"
},
{
"category": "self",
"summary": "SUSE Bug 1228193",
"url": "https://bugzilla.suse.com/1228193"
},
{
"category": "self",
"summary": "SUSE Bug 1228211",
"url": "https://bugzilla.suse.com/1228211"
},
{
"category": "self",
"summary": "SUSE Bug 1228269",
"url": "https://bugzilla.suse.com/1228269"
},
{
"category": "self",
"summary": "SUSE Bug 1228289",
"url": "https://bugzilla.suse.com/1228289"
},
{
"category": "self",
"summary": "SUSE Bug 1228327",
"url": "https://bugzilla.suse.com/1228327"
},
{
"category": "self",
"summary": "SUSE Bug 1228328",
"url": "https://bugzilla.suse.com/1228328"
},
{
"category": "self",
"summary": "SUSE Bug 1228403",
"url": "https://bugzilla.suse.com/1228403"
},
{
"category": "self",
"summary": "SUSE Bug 1228405",
"url": "https://bugzilla.suse.com/1228405"
},
{
"category": "self",
"summary": "SUSE Bug 1228408",
"url": "https://bugzilla.suse.com/1228408"
},
{
"category": "self",
"summary": "SUSE Bug 1228417",
"url": "https://bugzilla.suse.com/1228417"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47432 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47432/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-48772 page",
"url": "https://www.suse.com/security/cve/CVE-2022-48772/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-0160 page",
"url": "https://www.suse.com/security/cve/CVE-2023-0160/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-38417 page",
"url": "https://www.suse.com/security/cve/CVE-2023-38417/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-47210 page",
"url": "https://www.suse.com/security/cve/CVE-2023-47210/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-51780 page",
"url": "https://www.suse.com/security/cve/CVE-2023-51780/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52435 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52435/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52458 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52458/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52472 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52472/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52503 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52503/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52616 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52616/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52618 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52618/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52622 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52622/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52631 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52631/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52635 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52635/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52640 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52640/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52641 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52641/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52645 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52645/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52652 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52652/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52653 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52653/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52656 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52656/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52657 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52657/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52658 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52658/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52659 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52659/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52660 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52660/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52661 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52661/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52662 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52662/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52663 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52663/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52664 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52664/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52667 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52667/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52669 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52669/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52670 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52670/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52671 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52671/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52672 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52672/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52673 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52673/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52674 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52674/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52675 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52675/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52676 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52676/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52678 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52678/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52679 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52679/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52680 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52680/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52681 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52681/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52683 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52683/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52685 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52685/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52686 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52686/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52687 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52687/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52690 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52690/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52691 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52691/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52692 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52692/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52693 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52693/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52694 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52694/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52695 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52695/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52696 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52696/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52697 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52697/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52698 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52698/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52699 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52699/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52735 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52735/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52749 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52749/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52750 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52750/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52751 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52751/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52753 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52753/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52754 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52754/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52757 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52757/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52759 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52759/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52762 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52762/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52763 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52763/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52764 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52764/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52765 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52765/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52766 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52766/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52767 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52767/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52768 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52768/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52769 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52769/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52771 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52771/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52772 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52772/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52773 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52773/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52774 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52774/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52775 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52775/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52776 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52776/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52777 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52777/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52780 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52780/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52781 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52781/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52782 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52782/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52783 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52783/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52784 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52784/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52786 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52786/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52787 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52787/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52788 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52788/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52789 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52789/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52791 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52791/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52792 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52792/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52794 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52794/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52795 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52795/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52796 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52796/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52798 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52798/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52799 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52799/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52800 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52800/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52801 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52801/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52803 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52803/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52804 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52804/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52805 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52805/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52806 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52806/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52807 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52807/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52808 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52808/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52809 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52809/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52810 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52810/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52811 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52811/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52812 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52812/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52813 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52813/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52814 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52814/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52815 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52815/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52816 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52816/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52817 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52817/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52818 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52818/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52819 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52819/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52821 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52821/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52825 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52825/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52826 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52826/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52827 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52827/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52829 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52829/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52832 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52832/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52833 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52833/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52834 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52834/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52835 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52835/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52836 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52836/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52837 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52837/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52838 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52838/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52840 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52840/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52841 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52841/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52842 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52842/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52843 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52843/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52844 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52844/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52845 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52845/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52847 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52847/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52849 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52849/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52850 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52850/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52851 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52851/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52853 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52853/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52854 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52854/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52855 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52855/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52856 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52856/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52857 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52857/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52858 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52858/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52860 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52860/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52861 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52861/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52862 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52862/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52863 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52863/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52864 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52864/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52865 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52865/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52866 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52866/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52867 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52867/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52868 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52868/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52869 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52869/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52870 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52870/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52871 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52871/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52872 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52872/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52873 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52873/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52874 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52874/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52875 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52875/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52876 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52876/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52877 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52877/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52878 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52878/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52879 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52879/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52880 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52880/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52881 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52881/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52882 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52882/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52883 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52883/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52884 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52884/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-6238 page",
"url": "https://www.suse.com/security/cve/CVE-2023-6238/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-7042 page",
"url": "https://www.suse.com/security/cve/CVE-2023-7042/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-0639 page",
"url": "https://www.suse.com/security/cve/CVE-2024-0639/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-21823 page",
"url": "https://www.suse.com/security/cve/CVE-2024-21823/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-22099 page",
"url": "https://www.suse.com/security/cve/CVE-2024-22099/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-23848 page",
"url": "https://www.suse.com/security/cve/CVE-2024-23848/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-24861 page",
"url": "https://www.suse.com/security/cve/CVE-2024-24861/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-25739 page",
"url": "https://www.suse.com/security/cve/CVE-2024-25739/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-25741 page",
"url": "https://www.suse.com/security/cve/CVE-2024-25741/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26601 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26601/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26611 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26611/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26614 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26614/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26615 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26615/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26623 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26623/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26625 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26625/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26632 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26632/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26633 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26633/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26635 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26635/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26636 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26636/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26638 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26638/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26641 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26641/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26642 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26642/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26643 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26643/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26650 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26650/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26652 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26652/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26654 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26654/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26656 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26656/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26657 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26657/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26663 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26663/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26665 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26665/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26671 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26671/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26673 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26673/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26674 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26674/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26676 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26676/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26679 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26679/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26684 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26684/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26685 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26685/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26691 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26691/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26704 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26704/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26714 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26714/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26726 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26726/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26731 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26731/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26733 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26733/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26734 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26734/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26737 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26737/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26739 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26739/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26740 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26740/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26742 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26742/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26750 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26750/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26756 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26756/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26758 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26758/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26760 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26760/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26761 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26761/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26764 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26764/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26767 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26767/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26769 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26769/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26772 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26772/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26773 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26773/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26774 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26774/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26775 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26775/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26780 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26780/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26783 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26783/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26785 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26785/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26786 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26786/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26791 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26791/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26793 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26793/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26794 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26794/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26802 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26802/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26805 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26805/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26807 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26807/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26813 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26813/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26814 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26814/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26815 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26815/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26816 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26816/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26822 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26822/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26826 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26826/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26832 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26832/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26836 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26836/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26842 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26842/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26844 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26844/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26845 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26845/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26846 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26846/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26853 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26853/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26854 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26854/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26855 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26855/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26856 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26856/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26857 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26857/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26858 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26858/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26860 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26860/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26861 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26861/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26862 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26862/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26863 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26863/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26866 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26866/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26868 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26868/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26870 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26870/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26878 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26878/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26881 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26881/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26882 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26882/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26883 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26883/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26884 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26884/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26885 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26885/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26889 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26889/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26899 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26899/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26900 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26900/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26901 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26901/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26903 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26903/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26906 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26906/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26909 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26909/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26920 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26920/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26921 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26921/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26922 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26922/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26923 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26923/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26925 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26925/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26928 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26928/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26932 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26932/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26933 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26933/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26934 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26934/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26935 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26935/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26937 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26937/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26938 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26938/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26940 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26940/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26943 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26943/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26944 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26944/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26945 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26945/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26946 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26946/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26948 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26948/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26949 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26949/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26950 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26950/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26951 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26951/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26957 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26957/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26958 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26958/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26960 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26960/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26961 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26961/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26962 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26962/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26963 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26963/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26964 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26964/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26972 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26972/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26973 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26973/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26978 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26978/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26981 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26981/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26982 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26982/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26983 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26983/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26984 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26984/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26986 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26986/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26988 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26988/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26989 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26989/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26990 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26990/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26991 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26991/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26992 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26992/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26993 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26993/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26994 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26994/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26995 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26995/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26996 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26996/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26997 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26997/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26999 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26999/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-27000 page",
"url": "https://www.suse.com/security/cve/CVE-2024-27000/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-27001 page",
"url": "https://www.suse.com/security/cve/CVE-2024-27001/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-27002 page",
"url": "https://www.suse.com/security/cve/CVE-2024-27002/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-27003 page",
"url": "https://www.suse.com/security/cve/CVE-2024-27003/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-27004 page",
"url": "https://www.suse.com/security/cve/CVE-2024-27004/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-27008 page",
"url": "https://www.suse.com/security/cve/CVE-2024-27008/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-27012 page",
"url": "https://www.suse.com/security/cve/CVE-2024-27012/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-27013 page",
"url": "https://www.suse.com/security/cve/CVE-2024-27013/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-27014 page",
"url": "https://www.suse.com/security/cve/CVE-2024-27014/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-27015 page",
"url": "https://www.suse.com/security/cve/CVE-2024-27015/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-27016 page",
"url": "https://www.suse.com/security/cve/CVE-2024-27016/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-27019 page",
"url": "https://www.suse.com/security/cve/CVE-2024-27019/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-27020 page",
"url": "https://www.suse.com/security/cve/CVE-2024-27020/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-27022 page",
"url": "https://www.suse.com/security/cve/CVE-2024-27022/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-27025 page",
"url": "https://www.suse.com/security/cve/CVE-2024-27025/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-27027 page",
"url": "https://www.suse.com/security/cve/CVE-2024-27027/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-27028 page",
"url": "https://www.suse.com/security/cve/CVE-2024-27028/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-27030 page",
"url": "https://www.suse.com/security/cve/CVE-2024-27030/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-27031 page",
"url": "https://www.suse.com/security/cve/CVE-2024-27031/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-27046 page",
"url": "https://www.suse.com/security/cve/CVE-2024-27046/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-27056 page",
"url": "https://www.suse.com/security/cve/CVE-2024-27056/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-27057 page",
"url": "https://www.suse.com/security/cve/CVE-2024-27057/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-27062 page",
"url": "https://www.suse.com/security/cve/CVE-2024-27062/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-27064 page",
"url": "https://www.suse.com/security/cve/CVE-2024-27064/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-27065 page",
"url": "https://www.suse.com/security/cve/CVE-2024-27065/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-27067 page",
"url": "https://www.suse.com/security/cve/CVE-2024-27067/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-27080 page",
"url": "https://www.suse.com/security/cve/CVE-2024-27080/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-27388 page",
"url": "https://www.suse.com/security/cve/CVE-2024-27388/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-27389 page",
"url": "https://www.suse.com/security/cve/CVE-2024-27389/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-27393 page",
"url": "https://www.suse.com/security/cve/CVE-2024-27393/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-27395 page",
"url": "https://www.suse.com/security/cve/CVE-2024-27395/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-27396 page",
"url": "https://www.suse.com/security/cve/CVE-2024-27396/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-27399 page",
"url": "https://www.suse.com/security/cve/CVE-2024-27399/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-27400 page",
"url": "https://www.suse.com/security/cve/CVE-2024-27400/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-27401 page",
"url": "https://www.suse.com/security/cve/CVE-2024-27401/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-27402 page",
"url": "https://www.suse.com/security/cve/CVE-2024-27402/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-27404 page",
"url": "https://www.suse.com/security/cve/CVE-2024-27404/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-27405 page",
"url": "https://www.suse.com/security/cve/CVE-2024-27405/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-27408 page",
"url": "https://www.suse.com/security/cve/CVE-2024-27408/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-27410 page",
"url": "https://www.suse.com/security/cve/CVE-2024-27410/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-27411 page",
"url": "https://www.suse.com/security/cve/CVE-2024-27411/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-27412 page",
"url": "https://www.suse.com/security/cve/CVE-2024-27412/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-27413 page",
"url": "https://www.suse.com/security/cve/CVE-2024-27413/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-27414 page",
"url": "https://www.suse.com/security/cve/CVE-2024-27414/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-27416 page",
"url": "https://www.suse.com/security/cve/CVE-2024-27416/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-27417 page",
"url": "https://www.suse.com/security/cve/CVE-2024-27417/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-27418 page",
"url": "https://www.suse.com/security/cve/CVE-2024-27418/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-27419 page",
"url": "https://www.suse.com/security/cve/CVE-2024-27419/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-27431 page",
"url": "https://www.suse.com/security/cve/CVE-2024-27431/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-27432 page",
"url": "https://www.suse.com/security/cve/CVE-2024-27432/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-27434 page",
"url": "https://www.suse.com/security/cve/CVE-2024-27434/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-27435 page",
"url": "https://www.suse.com/security/cve/CVE-2024-27435/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-27436 page",
"url": "https://www.suse.com/security/cve/CVE-2024-27436/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-33619 page",
"url": "https://www.suse.com/security/cve/CVE-2024-33619/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-34777 page",
"url": "https://www.suse.com/security/cve/CVE-2024-34777/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35247 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35247/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35784 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35784/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35786 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35786/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35788 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35788/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35789 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35789/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35790 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35790/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35791 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35791/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35794 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35794/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35795 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35795/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35796 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35796/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35799 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35799/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35800 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35800/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35801 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35801/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35803 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35803/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35804 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35804/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35805 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35805/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35806 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35806/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35807 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35807/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35808 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35808/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35809 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35809/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35810 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35810/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35811 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35811/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35812 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35812/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35813 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35813/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35814 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35814/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35815 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35815/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35817 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35817/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35819 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35819/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35821 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35821/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35822 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35822/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35823 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35823/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35824 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35824/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35825 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35825/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35827 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35827/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35828 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35828/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35829 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35829/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35830 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35830/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35831 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35831/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35833 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35833/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35834 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35834/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35835 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35835/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35836 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35836/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35837 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35837/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35838 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35838/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35841 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35841/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35842 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35842/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35843 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35843/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35845 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35845/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35847 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35847/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35848 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35848/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35849 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35849/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35850 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35850/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35851 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35851/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35852 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35852/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35853 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35853/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35854 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35854/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35857 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35857/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35860 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35860/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35861 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35861/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35862 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35862/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35863 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35863/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35864 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35864/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35865 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35865/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35866 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35866/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35867 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35867/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35868 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35868/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35872 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35872/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35875 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35875/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35877 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35877/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35878 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35878/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35879 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35879/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35880 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35880/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35883 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35883/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35884 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35884/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35885 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35885/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35886 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35886/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35887 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35887/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35889 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35889/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35890 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35890/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35891 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35891/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35892 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35892/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35893 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35893/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35895 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35895/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35896 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35896/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35898 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35898/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35899 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35899/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35900 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35900/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35901 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35901/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35903 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35903/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35904 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35904/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35905 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35905/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35907 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35907/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35908 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35908/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35909 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35909/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35911 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35911/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35912 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35912/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35914 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35914/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35915 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35915/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35916 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35916/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35917 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35917/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35921 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35921/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35922 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35922/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35924 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35924/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35925 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35925/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35926 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35926/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35927 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35927/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35928 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35928/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35930 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35930/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35931 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35931/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35932 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35932/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35933 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35933/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35934 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35934/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35935 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35935/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35936 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35936/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35937 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35937/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35938 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35938/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35940 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35940/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35942 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35942/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35943 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35943/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35944 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35944/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35945 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35945/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35946 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35946/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35947 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35947/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35950 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35950/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35951 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35951/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35952 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35952/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35953 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35953/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35954 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35954/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35955 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35955/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35956 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35956/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35957 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35957/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35958 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35958/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35959 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35959/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35960 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35960/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35961 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35961/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35962 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35962/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35963 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35963/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35964 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35964/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35965 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35965/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35966 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35966/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35967 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35967/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35969 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35969/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35970 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35970/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35971 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35971/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35972 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35972/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35973 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35973/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35974 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35974/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35975 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35975/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35976 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35976/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35977 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35977/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35978 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35978/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35979 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35979/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35981 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35981/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35982 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35982/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35984 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35984/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35986 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35986/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35989 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35989/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35990 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35990/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35991 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35991/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35992 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35992/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35995 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35995/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35997 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35997/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35998 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35998/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35999 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35999/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-36002 page",
"url": "https://www.suse.com/security/cve/CVE-2024-36002/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-36003 page",
"url": "https://www.suse.com/security/cve/CVE-2024-36003/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-36004 page",
"url": "https://www.suse.com/security/cve/CVE-2024-36004/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-36005 page",
"url": "https://www.suse.com/security/cve/CVE-2024-36005/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-36006 page",
"url": "https://www.suse.com/security/cve/CVE-2024-36006/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-36007 page",
"url": "https://www.suse.com/security/cve/CVE-2024-36007/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-36008 page",
"url": "https://www.suse.com/security/cve/CVE-2024-36008/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-36009 page",
"url": "https://www.suse.com/security/cve/CVE-2024-36009/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-36010 page",
"url": "https://www.suse.com/security/cve/CVE-2024-36010/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-36011 page",
"url": "https://www.suse.com/security/cve/CVE-2024-36011/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-36012 page",
"url": "https://www.suse.com/security/cve/CVE-2024-36012/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-36013 page",
"url": "https://www.suse.com/security/cve/CVE-2024-36013/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-36014 page",
"url": "https://www.suse.com/security/cve/CVE-2024-36014/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-36015 page",
"url": "https://www.suse.com/security/cve/CVE-2024-36015/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-36016 page",
"url": "https://www.suse.com/security/cve/CVE-2024-36016/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-36017 page",
"url": "https://www.suse.com/security/cve/CVE-2024-36017/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-36018 page",
"url": "https://www.suse.com/security/cve/CVE-2024-36018/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-36019 page",
"url": "https://www.suse.com/security/cve/CVE-2024-36019/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-36020 page",
"url": "https://www.suse.com/security/cve/CVE-2024-36020/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-36021 page",
"url": "https://www.suse.com/security/cve/CVE-2024-36021/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-36024 page",
"url": "https://www.suse.com/security/cve/CVE-2024-36024/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-36025 page",
"url": "https://www.suse.com/security/cve/CVE-2024-36025/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-36026 page",
"url": "https://www.suse.com/security/cve/CVE-2024-36026/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-36029 page",
"url": "https://www.suse.com/security/cve/CVE-2024-36029/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-36030 page",
"url": "https://www.suse.com/security/cve/CVE-2024-36030/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-36032 page",
"url": "https://www.suse.com/security/cve/CVE-2024-36032/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-36281 page",
"url": "https://www.suse.com/security/cve/CVE-2024-36281/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-36477 page",
"url": "https://www.suse.com/security/cve/CVE-2024-36477/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-36478 page",
"url": "https://www.suse.com/security/cve/CVE-2024-36478/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-36479 page",
"url": "https://www.suse.com/security/cve/CVE-2024-36479/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-36880 page",
"url": "https://www.suse.com/security/cve/CVE-2024-36880/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-36882 page",
"url": "https://www.suse.com/security/cve/CVE-2024-36882/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-36885 page",
"url": "https://www.suse.com/security/cve/CVE-2024-36885/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-36887 page",
"url": "https://www.suse.com/security/cve/CVE-2024-36887/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-36889 page",
"url": "https://www.suse.com/security/cve/CVE-2024-36889/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-36890 page",
"url": "https://www.suse.com/security/cve/CVE-2024-36890/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-36891 page",
"url": "https://www.suse.com/security/cve/CVE-2024-36891/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-36893 page",
"url": "https://www.suse.com/security/cve/CVE-2024-36893/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-36894 page",
"url": "https://www.suse.com/security/cve/CVE-2024-36894/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-36895 page",
"url": "https://www.suse.com/security/cve/CVE-2024-36895/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-36896 page",
"url": "https://www.suse.com/security/cve/CVE-2024-36896/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-36897 page",
"url": "https://www.suse.com/security/cve/CVE-2024-36897/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-36898 page",
"url": "https://www.suse.com/security/cve/CVE-2024-36898/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-36899 page",
"url": "https://www.suse.com/security/cve/CVE-2024-36899/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-36900 page",
"url": "https://www.suse.com/security/cve/CVE-2024-36900/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-36901 page",
"url": "https://www.suse.com/security/cve/CVE-2024-36901/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-36902 page",
"url": "https://www.suse.com/security/cve/CVE-2024-36902/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-36903 page",
"url": "https://www.suse.com/security/cve/CVE-2024-36903/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-36904 page",
"url": "https://www.suse.com/security/cve/CVE-2024-36904/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-36906 page",
"url": "https://www.suse.com/security/cve/CVE-2024-36906/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-36909 page",
"url": "https://www.suse.com/security/cve/CVE-2024-36909/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-36910 page",
"url": "https://www.suse.com/security/cve/CVE-2024-36910/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-36911 page",
"url": "https://www.suse.com/security/cve/CVE-2024-36911/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-36912 page",
"url": "https://www.suse.com/security/cve/CVE-2024-36912/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-36913 page",
"url": "https://www.suse.com/security/cve/CVE-2024-36913/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-36914 page",
"url": "https://www.suse.com/security/cve/CVE-2024-36914/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-36915 page",
"url": "https://www.suse.com/security/cve/CVE-2024-36915/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-36916 page",
"url": "https://www.suse.com/security/cve/CVE-2024-36916/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-36917 page",
"url": "https://www.suse.com/security/cve/CVE-2024-36917/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-36918 page",
"url": "https://www.suse.com/security/cve/CVE-2024-36918/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-36919 page",
"url": "https://www.suse.com/security/cve/CVE-2024-36919/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-36921 page",
"url": "https://www.suse.com/security/cve/CVE-2024-36921/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-36922 page",
"url": "https://www.suse.com/security/cve/CVE-2024-36922/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-36923 page",
"url": "https://www.suse.com/security/cve/CVE-2024-36923/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-36924 page",
"url": "https://www.suse.com/security/cve/CVE-2024-36924/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-36926 page",
"url": "https://www.suse.com/security/cve/CVE-2024-36926/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-36928 page",
"url": "https://www.suse.com/security/cve/CVE-2024-36928/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-36930 page",
"url": "https://www.suse.com/security/cve/CVE-2024-36930/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-36931 page",
"url": "https://www.suse.com/security/cve/CVE-2024-36931/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-36934 page",
"url": "https://www.suse.com/security/cve/CVE-2024-36934/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-36935 page",
"url": "https://www.suse.com/security/cve/CVE-2024-36935/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-36936 page",
"url": "https://www.suse.com/security/cve/CVE-2024-36936/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-36937 page",
"url": "https://www.suse.com/security/cve/CVE-2024-36937/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-36938 page",
"url": "https://www.suse.com/security/cve/CVE-2024-36938/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-36940 page",
"url": "https://www.suse.com/security/cve/CVE-2024-36940/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-36942 page",
"url": "https://www.suse.com/security/cve/CVE-2024-36942/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-36944 page",
"url": "https://www.suse.com/security/cve/CVE-2024-36944/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-36945 page",
"url": "https://www.suse.com/security/cve/CVE-2024-36945/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-36946 page",
"url": "https://www.suse.com/security/cve/CVE-2024-36946/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-36947 page",
"url": "https://www.suse.com/security/cve/CVE-2024-36947/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-36949 page",
"url": "https://www.suse.com/security/cve/CVE-2024-36949/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-36950 page",
"url": "https://www.suse.com/security/cve/CVE-2024-36950/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-36951 page",
"url": "https://www.suse.com/security/cve/CVE-2024-36951/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-36952 page",
"url": "https://www.suse.com/security/cve/CVE-2024-36952/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-36955 page",
"url": "https://www.suse.com/security/cve/CVE-2024-36955/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-36957 page",
"url": "https://www.suse.com/security/cve/CVE-2024-36957/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-36959 page",
"url": "https://www.suse.com/security/cve/CVE-2024-36959/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-36960 page",
"url": "https://www.suse.com/security/cve/CVE-2024-36960/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-36962 page",
"url": "https://www.suse.com/security/cve/CVE-2024-36962/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-36964 page",
"url": "https://www.suse.com/security/cve/CVE-2024-36964/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-36965 page",
"url": "https://www.suse.com/security/cve/CVE-2024-36965/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-36967 page",
"url": "https://www.suse.com/security/cve/CVE-2024-36967/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-36969 page",
"url": "https://www.suse.com/security/cve/CVE-2024-36969/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-36971 page",
"url": "https://www.suse.com/security/cve/CVE-2024-36971/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-36972 page",
"url": "https://www.suse.com/security/cve/CVE-2024-36972/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-36973 page",
"url": "https://www.suse.com/security/cve/CVE-2024-36973/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-36975 page",
"url": "https://www.suse.com/security/cve/CVE-2024-36975/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-36977 page",
"url": "https://www.suse.com/security/cve/CVE-2024-36977/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-36978 page",
"url": "https://www.suse.com/security/cve/CVE-2024-36978/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-37021 page",
"url": "https://www.suse.com/security/cve/CVE-2024-37021/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-37078 page",
"url": "https://www.suse.com/security/cve/CVE-2024-37078/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-37353 page",
"url": "https://www.suse.com/security/cve/CVE-2024-37353/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-37354 page",
"url": "https://www.suse.com/security/cve/CVE-2024-37354/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-38381 page",
"url": "https://www.suse.com/security/cve/CVE-2024-38381/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-38384 page",
"url": "https://www.suse.com/security/cve/CVE-2024-38384/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-38385 page",
"url": "https://www.suse.com/security/cve/CVE-2024-38385/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-38388 page",
"url": "https://www.suse.com/security/cve/CVE-2024-38388/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-38390 page",
"url": "https://www.suse.com/security/cve/CVE-2024-38390/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-38391 page",
"url": "https://www.suse.com/security/cve/CVE-2024-38391/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-38539 page",
"url": "https://www.suse.com/security/cve/CVE-2024-38539/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-38540 page",
"url": "https://www.suse.com/security/cve/CVE-2024-38540/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-38541 page",
"url": "https://www.suse.com/security/cve/CVE-2024-38541/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-38543 page",
"url": "https://www.suse.com/security/cve/CVE-2024-38543/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-38544 page",
"url": "https://www.suse.com/security/cve/CVE-2024-38544/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-38546 page",
"url": "https://www.suse.com/security/cve/CVE-2024-38546/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-38547 page",
"url": "https://www.suse.com/security/cve/CVE-2024-38547/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-38548 page",
"url": "https://www.suse.com/security/cve/CVE-2024-38548/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-38549 page",
"url": "https://www.suse.com/security/cve/CVE-2024-38549/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-38550 page",
"url": "https://www.suse.com/security/cve/CVE-2024-38550/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-38551 page",
"url": "https://www.suse.com/security/cve/CVE-2024-38551/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-38552 page",
"url": "https://www.suse.com/security/cve/CVE-2024-38552/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-38553 page",
"url": "https://www.suse.com/security/cve/CVE-2024-38553/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-38554 page",
"url": "https://www.suse.com/security/cve/CVE-2024-38554/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-38555 page",
"url": "https://www.suse.com/security/cve/CVE-2024-38555/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-38556 page",
"url": "https://www.suse.com/security/cve/CVE-2024-38556/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-38557 page",
"url": "https://www.suse.com/security/cve/CVE-2024-38557/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-38558 page",
"url": "https://www.suse.com/security/cve/CVE-2024-38558/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-38562 page",
"url": "https://www.suse.com/security/cve/CVE-2024-38562/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-38564 page",
"url": "https://www.suse.com/security/cve/CVE-2024-38564/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-38565 page",
"url": "https://www.suse.com/security/cve/CVE-2024-38565/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-38566 page",
"url": "https://www.suse.com/security/cve/CVE-2024-38566/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-38567 page",
"url": "https://www.suse.com/security/cve/CVE-2024-38567/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-38568 page",
"url": "https://www.suse.com/security/cve/CVE-2024-38568/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-38569 page",
"url": "https://www.suse.com/security/cve/CVE-2024-38569/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-38570 page",
"url": "https://www.suse.com/security/cve/CVE-2024-38570/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-38571 page",
"url": "https://www.suse.com/security/cve/CVE-2024-38571/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-38572 page",
"url": "https://www.suse.com/security/cve/CVE-2024-38572/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-38573 page",
"url": "https://www.suse.com/security/cve/CVE-2024-38573/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-38575 page",
"url": "https://www.suse.com/security/cve/CVE-2024-38575/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-38578 page",
"url": "https://www.suse.com/security/cve/CVE-2024-38578/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-38579 page",
"url": "https://www.suse.com/security/cve/CVE-2024-38579/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-38580 page",
"url": "https://www.suse.com/security/cve/CVE-2024-38580/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-38581 page",
"url": "https://www.suse.com/security/cve/CVE-2024-38581/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-38582 page",
"url": "https://www.suse.com/security/cve/CVE-2024-38582/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-38583 page",
"url": "https://www.suse.com/security/cve/CVE-2024-38583/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-38586 page",
"url": "https://www.suse.com/security/cve/CVE-2024-38586/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-38587 page",
"url": "https://www.suse.com/security/cve/CVE-2024-38587/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-38588 page",
"url": "https://www.suse.com/security/cve/CVE-2024-38588/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-38590 page",
"url": "https://www.suse.com/security/cve/CVE-2024-38590/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-38591 page",
"url": "https://www.suse.com/security/cve/CVE-2024-38591/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-38592 page",
"url": "https://www.suse.com/security/cve/CVE-2024-38592/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-38594 page",
"url": "https://www.suse.com/security/cve/CVE-2024-38594/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-38595 page",
"url": "https://www.suse.com/security/cve/CVE-2024-38595/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-38597 page",
"url": "https://www.suse.com/security/cve/CVE-2024-38597/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-38598 page",
"url": "https://www.suse.com/security/cve/CVE-2024-38598/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-38599 page",
"url": "https://www.suse.com/security/cve/CVE-2024-38599/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-38600 page",
"url": "https://www.suse.com/security/cve/CVE-2024-38600/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-38601 page",
"url": "https://www.suse.com/security/cve/CVE-2024-38601/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-38602 page",
"url": "https://www.suse.com/security/cve/CVE-2024-38602/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-38603 page",
"url": "https://www.suse.com/security/cve/CVE-2024-38603/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-38604 page",
"url": "https://www.suse.com/security/cve/CVE-2024-38604/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-38605 page",
"url": "https://www.suse.com/security/cve/CVE-2024-38605/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-38608 page",
"url": "https://www.suse.com/security/cve/CVE-2024-38608/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-38610 page",
"url": "https://www.suse.com/security/cve/CVE-2024-38610/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-38611 page",
"url": "https://www.suse.com/security/cve/CVE-2024-38611/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-38615 page",
"url": "https://www.suse.com/security/cve/CVE-2024-38615/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-38616 page",
"url": "https://www.suse.com/security/cve/CVE-2024-38616/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-38617 page",
"url": "https://www.suse.com/security/cve/CVE-2024-38617/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-38618 page",
"url": "https://www.suse.com/security/cve/CVE-2024-38618/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-38619 page",
"url": "https://www.suse.com/security/cve/CVE-2024-38619/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-38621 page",
"url": "https://www.suse.com/security/cve/CVE-2024-38621/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-38622 page",
"url": "https://www.suse.com/security/cve/CVE-2024-38622/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-38627 page",
"url": "https://www.suse.com/security/cve/CVE-2024-38627/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-38628 page",
"url": "https://www.suse.com/security/cve/CVE-2024-38628/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-38629 page",
"url": "https://www.suse.com/security/cve/CVE-2024-38629/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-38630 page",
"url": "https://www.suse.com/security/cve/CVE-2024-38630/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-38633 page",
"url": "https://www.suse.com/security/cve/CVE-2024-38633/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-38634 page",
"url": "https://www.suse.com/security/cve/CVE-2024-38634/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-38635 page",
"url": "https://www.suse.com/security/cve/CVE-2024-38635/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-38636 page",
"url": "https://www.suse.com/security/cve/CVE-2024-38636/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-38659 page",
"url": "https://www.suse.com/security/cve/CVE-2024-38659/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-38661 page",
"url": "https://www.suse.com/security/cve/CVE-2024-38661/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-38663 page",
"url": "https://www.suse.com/security/cve/CVE-2024-38663/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-38664 page",
"url": "https://www.suse.com/security/cve/CVE-2024-38664/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-38780 page",
"url": "https://www.suse.com/security/cve/CVE-2024-38780/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-39276 page",
"url": "https://www.suse.com/security/cve/CVE-2024-39276/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-39277 page",
"url": "https://www.suse.com/security/cve/CVE-2024-39277/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-39291 page",
"url": "https://www.suse.com/security/cve/CVE-2024-39291/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-39296 page",
"url": "https://www.suse.com/security/cve/CVE-2024-39296/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-39301 page",
"url": "https://www.suse.com/security/cve/CVE-2024-39301/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-39362 page",
"url": "https://www.suse.com/security/cve/CVE-2024-39362/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-39371 page",
"url": "https://www.suse.com/security/cve/CVE-2024-39371/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-39463 page",
"url": "https://www.suse.com/security/cve/CVE-2024-39463/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-39466 page",
"url": "https://www.suse.com/security/cve/CVE-2024-39466/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-39468 page",
"url": "https://www.suse.com/security/cve/CVE-2024-39468/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-39469 page",
"url": "https://www.suse.com/security/cve/CVE-2024-39469/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-39471 page",
"url": "https://www.suse.com/security/cve/CVE-2024-39471/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-39472 page",
"url": "https://www.suse.com/security/cve/CVE-2024-39472/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-39473 page",
"url": "https://www.suse.com/security/cve/CVE-2024-39473/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-39474 page",
"url": "https://www.suse.com/security/cve/CVE-2024-39474/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-39475 page",
"url": "https://www.suse.com/security/cve/CVE-2024-39475/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-39479 page",
"url": "https://www.suse.com/security/cve/CVE-2024-39479/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-39481 page",
"url": "https://www.suse.com/security/cve/CVE-2024-39481/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-39482 page",
"url": "https://www.suse.com/security/cve/CVE-2024-39482/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-39487 page",
"url": "https://www.suse.com/security/cve/CVE-2024-39487/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-39490 page",
"url": "https://www.suse.com/security/cve/CVE-2024-39490/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-39494 page",
"url": "https://www.suse.com/security/cve/CVE-2024-39494/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-39496 page",
"url": "https://www.suse.com/security/cve/CVE-2024-39496/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-39498 page",
"url": "https://www.suse.com/security/cve/CVE-2024-39498/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-39502 page",
"url": "https://www.suse.com/security/cve/CVE-2024-39502/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-39504 page",
"url": "https://www.suse.com/security/cve/CVE-2024-39504/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-39507 page",
"url": "https://www.suse.com/security/cve/CVE-2024-39507/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-40901 page",
"url": "https://www.suse.com/security/cve/CVE-2024-40901/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-40906 page",
"url": "https://www.suse.com/security/cve/CVE-2024-40906/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-40908 page",
"url": "https://www.suse.com/security/cve/CVE-2024-40908/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-40919 page",
"url": "https://www.suse.com/security/cve/CVE-2024-40919/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-40923 page",
"url": "https://www.suse.com/security/cve/CVE-2024-40923/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-40925 page",
"url": "https://www.suse.com/security/cve/CVE-2024-40925/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-40928 page",
"url": "https://www.suse.com/security/cve/CVE-2024-40928/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-40931 page",
"url": "https://www.suse.com/security/cve/CVE-2024-40931/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-40935 page",
"url": "https://www.suse.com/security/cve/CVE-2024-40935/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-40937 page",
"url": "https://www.suse.com/security/cve/CVE-2024-40937/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-40940 page",
"url": "https://www.suse.com/security/cve/CVE-2024-40940/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-40947 page",
"url": "https://www.suse.com/security/cve/CVE-2024-40947/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-40948 page",
"url": "https://www.suse.com/security/cve/CVE-2024-40948/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-40953 page",
"url": "https://www.suse.com/security/cve/CVE-2024-40953/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-40960 page",
"url": "https://www.suse.com/security/cve/CVE-2024-40960/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-40961 page",
"url": "https://www.suse.com/security/cve/CVE-2024-40961/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-40966 page",
"url": "https://www.suse.com/security/cve/CVE-2024-40966/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-40970 page",
"url": "https://www.suse.com/security/cve/CVE-2024-40970/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-40972 page",
"url": "https://www.suse.com/security/cve/CVE-2024-40972/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-40975 page",
"url": "https://www.suse.com/security/cve/CVE-2024-40975/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-40979 page",
"url": "https://www.suse.com/security/cve/CVE-2024-40979/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-40998 page",
"url": "https://www.suse.com/security/cve/CVE-2024-40998/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-40999 page",
"url": "https://www.suse.com/security/cve/CVE-2024-40999/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-41006 page",
"url": "https://www.suse.com/security/cve/CVE-2024-41006/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-41011 page",
"url": "https://www.suse.com/security/cve/CVE-2024-41011/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-41013 page",
"url": "https://www.suse.com/security/cve/CVE-2024-41013/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-41014 page",
"url": "https://www.suse.com/security/cve/CVE-2024-41014/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-41017 page",
"url": "https://www.suse.com/security/cve/CVE-2024-41017/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-41090 page",
"url": "https://www.suse.com/security/cve/CVE-2024-41090/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-41091 page",
"url": "https://www.suse.com/security/cve/CVE-2024-41091/"
}
],
"title": "Security update for the Linux Kernel",
"tracking": {
"current_release_date": "2024-08-20T07:15:53Z",
"generator": {
"date": "2024-08-20T07:15:53Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2024:2973-1",
"initial_release_date": "2024-08-20T07:15:53Z",
"revision_history": [
{
"date": "2024-08-20T07:15:53Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"product": {
"name": "kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"product_id": "kernel-devel-rt-6.4.0-150600.10.5.1.noarch"
}
},
{
"category": "product_version",
"name": "kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"product": {
"name": "kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"product_id": "kernel-source-rt-6.4.0-150600.10.5.1.noarch"
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"product": {
"name": "cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"product_id": "cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64"
}
},
{
"category": "product_version",
"name": "dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"product": {
"name": "dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"product_id": "dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64"
}
},
{
"category": "product_version",
"name": "gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"product": {
"name": "gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"product_id": "gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-livepatch-6_4_0-150600_10_5-rt-1-150600.1.5.1.x86_64",
"product": {
"name": "kernel-livepatch-6_4_0-150600_10_5-rt-1-150600.1.5.1.x86_64",
"product_id": "kernel-livepatch-6_4_0-150600_10_5-rt-1-150600.1.5.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-rt-6.4.0-150600.10.5.1.x86_64",
"product": {
"name": "kernel-rt-6.4.0-150600.10.5.1.x86_64",
"product_id": "kernel-rt-6.4.0-150600.10.5.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"product": {
"name": "kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"product_id": "kernel-rt-devel-6.4.0-150600.10.5.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-rt-extra-6.4.0-150600.10.5.1.x86_64",
"product": {
"name": "kernel-rt-extra-6.4.0-150600.10.5.1.x86_64",
"product_id": "kernel-rt-extra-6.4.0-150600.10.5.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-rt-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"product": {
"name": "kernel-rt-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"product_id": "kernel-rt-livepatch-devel-6.4.0-150600.10.5.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-rt-optional-6.4.0-150600.10.5.1.x86_64",
"product": {
"name": "kernel-rt-optional-6.4.0-150600.10.5.1.x86_64",
"product_id": "kernel-rt-optional-6.4.0-150600.10.5.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-rt-vdso-6.4.0-150600.10.5.1.x86_64",
"product": {
"name": "kernel-rt-vdso-6.4.0-150600.10.5.1.x86_64",
"product_id": "kernel-rt-vdso-6.4.0-150600.10.5.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"product": {
"name": "kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"product_id": "kernel-rt_debug-6.4.0-150600.10.5.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"product": {
"name": "kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"product_id": "kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-rt_debug-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"product": {
"name": "kernel-rt_debug-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"product_id": "kernel-rt_debug-livepatch-devel-6.4.0-150600.10.5.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-rt_debug-vdso-6.4.0-150600.10.5.1.x86_64",
"product": {
"name": "kernel-rt_debug-vdso-6.4.0-150600.10.5.1.x86_64",
"product_id": "kernel-rt_debug-vdso-6.4.0-150600.10.5.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"product": {
"name": "kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"product_id": "kernel-syms-rt-6.4.0-150600.10.5.1.x86_64"
}
},
{
"category": "product_version",
"name": "kselftests-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"product": {
"name": "kselftests-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"product_id": "kselftests-kmp-rt-6.4.0-150600.10.5.1.x86_64"
}
},
{
"category": "product_version",
"name": "ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"product": {
"name": "ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"product_id": "ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64"
}
},
{
"category": "product_version",
"name": "reiserfs-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"product": {
"name": "reiserfs-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"product_id": "reiserfs-kmp-rt-6.4.0-150600.10.5.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Live Patching 15 SP6",
"product": {
"name": "SUSE Linux Enterprise Live Patching 15 SP6",
"product_id": "SUSE Linux Enterprise Live Patching 15 SP6",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-module-live-patching:15:sp6"
}
}
},
{
"category": "product_name",
"name": "SUSE Real Time Module 15 SP6",
"product": {
"name": "SUSE Real Time Module 15 SP6",
"product_id": "SUSE Real Time Module 15 SP6",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-module-rt:15:sp6"
}
}
},
{
"category": "product_name",
"name": "openSUSE Leap 15.6",
"product": {
"name": "openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6",
"product_identification_helper": {
"cpe": "cpe:/o:opensuse:leap:15.6"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-livepatch-6_4_0-150600_10_5-rt-1-150600.1.5.1.x86_64 as component of SUSE Linux Enterprise Live Patching 15 SP6",
"product_id": "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_5-rt-1-150600.1.5.1.x86_64"
},
"product_reference": "kernel-livepatch-6_4_0-150600_10_5-rt-1-150600.1.5.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64 as component of SUSE Real Time Module 15 SP6",
"product_id": "SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64"
},
"product_reference": "cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"relates_to_product_reference": "SUSE Real Time Module 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64 as component of SUSE Real Time Module 15 SP6",
"product_id": "SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64"
},
"product_reference": "dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"relates_to_product_reference": "SUSE Real Time Module 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64 as component of SUSE Real Time Module 15 SP6",
"product_id": "SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64"
},
"product_reference": "gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"relates_to_product_reference": "SUSE Real Time Module 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-devel-rt-6.4.0-150600.10.5.1.noarch as component of SUSE Real Time Module 15 SP6",
"product_id": "SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch"
},
"product_reference": "kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"relates_to_product_reference": "SUSE Real Time Module 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-6.4.0-150600.10.5.1.x86_64 as component of SUSE Real Time Module 15 SP6",
"product_id": "SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.5.1.x86_64"
},
"product_reference": "kernel-rt-6.4.0-150600.10.5.1.x86_64",
"relates_to_product_reference": "SUSE Real Time Module 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-devel-6.4.0-150600.10.5.1.x86_64 as component of SUSE Real Time Module 15 SP6",
"product_id": "SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64"
},
"product_reference": "kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"relates_to_product_reference": "SUSE Real Time Module 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt_debug-6.4.0-150600.10.5.1.x86_64 as component of SUSE Real Time Module 15 SP6",
"product_id": "SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64"
},
"product_reference": "kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"relates_to_product_reference": "SUSE Real Time Module 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64 as component of SUSE Real Time Module 15 SP6",
"product_id": "SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64"
},
"product_reference": "kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"relates_to_product_reference": "SUSE Real Time Module 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-source-rt-6.4.0-150600.10.5.1.noarch as component of SUSE Real Time Module 15 SP6",
"product_id": "SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.5.1.noarch"
},
"product_reference": "kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"relates_to_product_reference": "SUSE Real Time Module 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-syms-rt-6.4.0-150600.10.5.1.x86_64 as component of SUSE Real Time Module 15 SP6",
"product_id": "SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64"
},
"product_reference": "kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"relates_to_product_reference": "SUSE Real Time Module 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64 as component of SUSE Real Time Module 15 SP6",
"product_id": "SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64"
},
"product_reference": "ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"relates_to_product_reference": "SUSE Real Time Module 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64"
},
"product_reference": "cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64"
},
"product_reference": "dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64"
},
"product_reference": "gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-devel-rt-6.4.0-150600.10.5.1.noarch as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch"
},
"product_reference": "kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-6.4.0-150600.10.5.1.x86_64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.5.1.x86_64"
},
"product_reference": "kernel-rt-6.4.0-150600.10.5.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-devel-6.4.0-150600.10.5.1.x86_64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64"
},
"product_reference": "kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-extra-6.4.0-150600.10.5.1.x86_64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.5.1.x86_64"
},
"product_reference": "kernel-rt-extra-6.4.0-150600.10.5.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-livepatch-devel-6.4.0-150600.10.5.1.x86_64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.5.1.x86_64"
},
"product_reference": "kernel-rt-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-optional-6.4.0-150600.10.5.1.x86_64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.5.1.x86_64"
},
"product_reference": "kernel-rt-optional-6.4.0-150600.10.5.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-vdso-6.4.0-150600.10.5.1.x86_64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.5.1.x86_64"
},
"product_reference": "kernel-rt-vdso-6.4.0-150600.10.5.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt_debug-6.4.0-150600.10.5.1.x86_64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64"
},
"product_reference": "kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64"
},
"product_reference": "kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt_debug-livepatch-devel-6.4.0-150600.10.5.1.x86_64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:kernel-rt_debug-livepatch-devel-6.4.0-150600.10.5.1.x86_64"
},
"product_reference": "kernel-rt_debug-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt_debug-vdso-6.4.0-150600.10.5.1.x86_64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.5.1.x86_64"
},
"product_reference": "kernel-rt_debug-vdso-6.4.0-150600.10.5.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-source-rt-6.4.0-150600.10.5.1.noarch as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.5.1.noarch"
},
"product_reference": "kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-syms-rt-6.4.0-150600.10.5.1.x86_64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64"
},
"product_reference": "kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kselftests-kmp-rt-6.4.0-150600.10.5.1.x86_64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.5.1.x86_64"
},
"product_reference": "kselftests-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64"
},
"product_reference": "ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "reiserfs-kmp-rt-6.4.0-150600.10.5.1.x86_64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.5.1.x86_64"
},
"product_reference": "reiserfs-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.6"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2021-47432",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47432"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nlib/generic-radix-tree.c: Don\u0027t overflow in peek()\n\nWhen we started spreading new inode numbers throughout most of the 64\nbit inode space, that triggered some corner case bugs, in particular\nsome integer overflows related to the radix tree code. Oops.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_5-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.5.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47432",
"url": "https://www.suse.com/security/cve/CVE-2021-47432"
},
{
"category": "external",
"summary": "SUSE Bug 1225391 for CVE-2021-47432",
"url": "https://bugzilla.suse.com/1225391"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_5-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.5.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_5-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.5.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-08-20T07:15:53Z",
"details": "moderate"
}
],
"title": "CVE-2021-47432"
},
{
"cve": "CVE-2022-48772",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-48772"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmedia: lgdt3306a: Add a check against null-pointer-def\n\nThe driver should check whether the client provides the platform_data.\n\nThe following log reveals it:\n\n[ 29.610324] BUG: KASAN: null-ptr-deref in kmemdup+0x30/0x40\n[ 29.610730] Read of size 40 at addr 0000000000000000 by task bash/414\n[ 29.612820] Call Trace:\n[ 29.613030] \u003cTASK\u003e\n[ 29.613201] dump_stack_lvl+0x56/0x6f\n[ 29.613496] ? kmemdup+0x30/0x40\n[ 29.613754] print_report.cold+0x494/0x6b7\n[ 29.614082] ? kmemdup+0x30/0x40\n[ 29.614340] kasan_report+0x8a/0x190\n[ 29.614628] ? kmemdup+0x30/0x40\n[ 29.614888] kasan_check_range+0x14d/0x1d0\n[ 29.615213] memcpy+0x20/0x60\n[ 29.615454] kmemdup+0x30/0x40\n[ 29.615700] lgdt3306a_probe+0x52/0x310\n[ 29.616339] i2c_device_probe+0x951/0xa90",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_5-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.5.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-48772",
"url": "https://www.suse.com/security/cve/CVE-2022-48772"
},
{
"category": "external",
"summary": "SUSE Bug 1226976 for CVE-2022-48772",
"url": "https://bugzilla.suse.com/1226976"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_5-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.5.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_5-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.5.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-08-20T07:15:53Z",
"details": "moderate"
}
],
"title": "CVE-2022-48772"
},
{
"cve": "CVE-2023-0160",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-0160"
}
],
"notes": [
{
"category": "general",
"text": "A deadlock flaw was found in the Linux kernel\u0027s BPF subsystem. This flaw allows a local user to potentially crash the system.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_5-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.5.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-0160",
"url": "https://www.suse.com/security/cve/CVE-2023-0160"
},
{
"category": "external",
"summary": "SUSE Bug 1209657 for CVE-2023-0160",
"url": "https://bugzilla.suse.com/1209657"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_5-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.5.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_5-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.5.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-08-20T07:15:53Z",
"details": "moderate"
}
],
"title": "CVE-2023-0160"
},
{
"cve": "CVE-2023-38417",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-38417"
}
],
"notes": [
{
"category": "general",
"text": "Improper input validation for some Intel(R) PROSet/Wireless WiFi software before version 23.20 may allow an unauthenticated user to potentially enable denial of service via adjacent access.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_5-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.5.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-38417",
"url": "https://www.suse.com/security/cve/CVE-2023-38417"
},
{
"category": "external",
"summary": "SUSE Bug 1225600 for CVE-2023-38417",
"url": "https://bugzilla.suse.com/1225600"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_5-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.5.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_5-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.5.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-08-20T07:15:53Z",
"details": "moderate"
}
],
"title": "CVE-2023-38417"
},
{
"cve": "CVE-2023-47210",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-47210"
}
],
"notes": [
{
"category": "general",
"text": "Improper input validation for some Intel(R) PROSet/Wireless WiFi software for linux before version 23.20 may allow an unauthenticated user to potentially enable denial of service via adjacent access.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_5-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.5.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-47210",
"url": "https://www.suse.com/security/cve/CVE-2023-47210"
},
{
"category": "external",
"summary": "SUSE Bug 1225601 for CVE-2023-47210",
"url": "https://bugzilla.suse.com/1225601"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_5-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.5.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_5-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.5.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-08-20T07:15:53Z",
"details": "moderate"
}
],
"title": "CVE-2023-47210"
},
{
"cve": "CVE-2023-51780",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-51780"
}
],
"notes": [
{
"category": "general",
"text": "An issue was discovered in the Linux kernel before 6.6.8. do_vcc_ioctl in net/atm/ioctl.c has a use-after-free because of a vcc_recvmsg race condition.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_5-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.5.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-51780",
"url": "https://www.suse.com/security/cve/CVE-2023-51780"
},
{
"category": "external",
"summary": "SUSE Bug 1218730 for CVE-2023-51780",
"url": "https://bugzilla.suse.com/1218730"
},
{
"category": "external",
"summary": "SUSE Bug 1218733 for CVE-2023-51780",
"url": "https://bugzilla.suse.com/1218733"
},
{
"category": "external",
"summary": "SUSE Bug 1220191 for CVE-2023-51780",
"url": "https://bugzilla.suse.com/1220191"
},
{
"category": "external",
"summary": "SUSE Bug 1221578 for CVE-2023-51780",
"url": "https://bugzilla.suse.com/1221578"
},
{
"category": "external",
"summary": "SUSE Bug 1221598 for CVE-2023-51780",
"url": "https://bugzilla.suse.com/1221598"
},
{
"category": "external",
"summary": "SUSE Bug 1224298 for CVE-2023-51780",
"url": "https://bugzilla.suse.com/1224298"
},
{
"category": "external",
"summary": "SUSE Bug 1224878 for CVE-2023-51780",
"url": "https://bugzilla.suse.com/1224878"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_5-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.5.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_5-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.5.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-08-20T07:15:53Z",
"details": "important"
}
],
"title": "CVE-2023-51780"
},
{
"cve": "CVE-2023-52435",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52435"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: prevent mss overflow in skb_segment()\n\nOnce again syzbot is able to crash the kernel in skb_segment() [1]\n\nGSO_BY_FRAGS is a forbidden value, but unfortunately the following\ncomputation in skb_segment() can reach it quite easily :\n\n\tmss = mss * partial_segs;\n\n65535 = 3 * 5 * 17 * 257, so many initial values of mss can lead to\na bad final result.\n\nMake sure to limit segmentation so that the new mss value is smaller\nthan GSO_BY_FRAGS.\n\n[1]\n\ngeneral protection fault, probably for non-canonical address 0xdffffc000000000e: 0000 [#1] PREEMPT SMP KASAN\nKASAN: null-ptr-deref in range [0x0000000000000070-0x0000000000000077]\nCPU: 1 PID: 5079 Comm: syz-executor993 Not tainted 6.7.0-rc4-syzkaller-00141-g1ae4cd3cbdd0 #0\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/10/2023\nRIP: 0010:skb_segment+0x181d/0x3f30 net/core/skbuff.c:4551\nCode: 83 e3 02 e9 fb ed ff ff e8 90 68 1c f9 48 8b 84 24 f8 00 00 00 48 8d 78 70 48 b8 00 00 00 00 00 fc ff df 48 89 fa 48 c1 ea 03 \u003c0f\u003e b6 04 02 84 c0 74 08 3c 03 0f 8e 8a 21 00 00 48 8b 84 24 f8 00\nRSP: 0018:ffffc900043473d0 EFLAGS: 00010202\nRAX: dffffc0000000000 RBX: 0000000000010046 RCX: ffffffff886b1597\nRDX: 000000000000000e RSI: ffffffff886b2520 RDI: 0000000000000070\nRBP: ffffc90004347578 R08: 0000000000000005 R09: 000000000000ffff\nR10: 000000000000ffff R11: 0000000000000002 R12: ffff888063202ac0\nR13: 0000000000010000 R14: 000000000000ffff R15: 0000000000000046\nFS: 0000555556e7e380(0000) GS:ffff8880b9900000(0000) knlGS:0000000000000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: 0000000020010000 CR3: 0000000027ee2000 CR4: 00000000003506f0\nDR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\nDR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\nCall Trace:\n\u003cTASK\u003e\nudp6_ufo_fragment+0xa0e/0xd00 net/ipv6/udp_offload.c:109\nipv6_gso_segment+0x534/0x17e0 net/ipv6/ip6_offload.c:120\nskb_mac_gso_segment+0x290/0x610 net/core/gso.c:53\n__skb_gso_segment+0x339/0x710 net/core/gso.c:124\nskb_gso_segment include/net/gso.h:83 [inline]\nvalidate_xmit_skb+0x36c/0xeb0 net/core/dev.c:3626\n__dev_queue_xmit+0x6f3/0x3d60 net/core/dev.c:4338\ndev_queue_xmit include/linux/netdevice.h:3134 [inline]\npacket_xmit+0x257/0x380 net/packet/af_packet.c:276\npacket_snd net/packet/af_packet.c:3087 [inline]\npacket_sendmsg+0x24c6/0x5220 net/packet/af_packet.c:3119\nsock_sendmsg_nosec net/socket.c:730 [inline]\n__sock_sendmsg+0xd5/0x180 net/socket.c:745\n__sys_sendto+0x255/0x340 net/socket.c:2190\n__do_sys_sendto net/socket.c:2202 [inline]\n__se_sys_sendto net/socket.c:2198 [inline]\n__x64_sys_sendto+0xe0/0x1b0 net/socket.c:2198\ndo_syscall_x64 arch/x86/entry/common.c:52 [inline]\ndo_syscall_64+0x40/0x110 arch/x86/entry/common.c:83\nentry_SYSCALL_64_after_hwframe+0x63/0x6b\nRIP: 0033:0x7f8692032aa9\nCode: 28 00 00 00 75 05 48 83 c4 28 c3 e8 d1 19 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 \u003c48\u003e 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48\nRSP: 002b:00007fff8d685418 EFLAGS: 00000246 ORIG_RAX: 000000000000002c\nRAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00007f8692032aa9\nRDX: 0000000000010048 RSI: 00000000200000c0 RDI: 0000000000000003\nRBP: 00000000000f4240 R08: 0000000020000540 R09: 0000000000000014\nR10: 0000000000000000 R11: 0000000000000246 R12: 00007fff8d685480\nR13: 0000000000000001 R14: 00007fff8d685480 R15: 0000000000000003\n\u003c/TASK\u003e\nModules linked in:\n---[ end trace 0000000000000000 ]---\nRIP: 0010:skb_segment+0x181d/0x3f30 net/core/skbuff.c:4551\nCode: 83 e3 02 e9 fb ed ff ff e8 90 68 1c f9 48 8b 84 24 f8 00 00 00 48 8d 78 70 48 b8 00 00 00 00 00 fc ff df 48 89 fa 48 c1 ea 03 \u003c0f\u003e b6 04 02 84 c0 74 08 3c 03 0f 8e 8a 21 00 00 48 8b 84 24 f8 00\nRSP: 0018:ffffc900043473d0 EFLAGS: 00010202\nRAX: dffffc0000000000 RBX: 0000000000010046 RCX: ffffffff886b1597\nRDX: 000000000000000e RSI: ffffffff886b2520 RDI: 0000000000000070\nRBP: ffffc90004347578 R0\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_5-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.5.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52435",
"url": "https://www.suse.com/security/cve/CVE-2023-52435"
},
{
"category": "external",
"summary": "SUSE Bug 1220138 for CVE-2023-52435",
"url": "https://bugzilla.suse.com/1220138"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_5-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.5.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_5-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.5.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-08-20T07:15:53Z",
"details": "moderate"
}
],
"title": "CVE-2023-52435"
},
{
"cve": "CVE-2023-52458",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52458"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nblock: add check that partition length needs to be aligned with block size\n\nBefore calling add partition or resize partition, there is no check\non whether the length is aligned with the logical block size.\nIf the logical block size of the disk is larger than 512 bytes,\nthen the partition size maybe not the multiple of the logical block size,\nand when the last sector is read, bio_truncate() will adjust the bio size,\nresulting in an IO error if the size of the read command is smaller than\nthe logical block size.If integrity data is supported, this will also\nresult in a null pointer dereference when calling bio_integrity_free.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_5-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.5.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52458",
"url": "https://www.suse.com/security/cve/CVE-2023-52458"
},
{
"category": "external",
"summary": "SUSE Bug 1220428 for CVE-2023-52458",
"url": "https://bugzilla.suse.com/1220428"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_5-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.5.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_5-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.5.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-08-20T07:15:53Z",
"details": "moderate"
}
],
"title": "CVE-2023-52458"
},
{
"cve": "CVE-2023-52472",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52472"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ncrypto: rsa - add a check for allocation failure\n\nStatic checkers insist that the mpi_alloc() allocation can fail so add\na check to prevent a NULL dereference. Small allocations like this\ncan\u0027t actually fail in current kernels, but adding a check is very\nsimple and makes the static checkers happy.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_5-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.5.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52472",
"url": "https://www.suse.com/security/cve/CVE-2023-52472"
},
{
"category": "external",
"summary": "SUSE Bug 1220427 for CVE-2023-52472",
"url": "https://bugzilla.suse.com/1220427"
},
{
"category": "external",
"summary": "SUSE Bug 1220430 for CVE-2023-52472",
"url": "https://bugzilla.suse.com/1220430"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_5-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.5.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_5-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.5.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-08-20T07:15:53Z",
"details": "low"
}
],
"title": "CVE-2023-52472"
},
{
"cve": "CVE-2023-52503",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52503"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ntee: amdtee: fix use-after-free vulnerability in amdtee_close_session\n\nThere is a potential race condition in amdtee_close_session that may\ncause use-after-free in amdtee_open_session. For instance, if a session\nhas refcount == 1, and one thread tries to free this session via:\n\n kref_put(\u0026sess-\u003erefcount, destroy_session);\n\nthe reference count will get decremented, and the next step would be to\ncall destroy_session(). However, if in another thread,\namdtee_open_session() is called before destroy_session() has completed\nexecution, alloc_session() may return \u0027sess\u0027 that will be freed up\nlater in destroy_session() leading to use-after-free in\namdtee_open_session.\n\nTo fix this issue, treat decrement of sess-\u003erefcount and removal of\n\u0027sess\u0027 from session list in destroy_session() as a critical section, so\nthat it is executed atomically.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_5-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.5.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52503",
"url": "https://www.suse.com/security/cve/CVE-2023-52503"
},
{
"category": "external",
"summary": "SUSE Bug 1220915 for CVE-2023-52503",
"url": "https://bugzilla.suse.com/1220915"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_5-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.5.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_5-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.5.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-08-20T07:15:53Z",
"details": "moderate"
}
],
"title": "CVE-2023-52503"
},
{
"cve": "CVE-2023-52616",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52616"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ncrypto: lib/mpi - Fix unexpected pointer access in mpi_ec_init\n\nWhen the mpi_ec_ctx structure is initialized, some fields are not\ncleared, causing a crash when referencing the field when the\nstructure was released. Initially, this issue was ignored because\nmemory for mpi_ec_ctx is allocated with the __GFP_ZERO flag.\nFor example, this error will be triggered when calculating the\nZa value for SM2 separately.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_5-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.5.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52616",
"url": "https://www.suse.com/security/cve/CVE-2023-52616"
},
{
"category": "external",
"summary": "SUSE Bug 1221612 for CVE-2023-52616",
"url": "https://bugzilla.suse.com/1221612"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_5-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.5.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_5-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.5.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-08-20T07:15:53Z",
"details": "moderate"
}
],
"title": "CVE-2023-52616"
},
{
"cve": "CVE-2023-52618",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52618"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nblock/rnbd-srv: Check for unlikely string overflow\n\nSince \"dev_search_path\" can technically be as large as PATH_MAX,\nthere was a risk of truncation when copying it and a second string\ninto \"full_path\" since it was also PATH_MAX sized. The W=1 builds were\nreporting this warning:\n\ndrivers/block/rnbd/rnbd-srv.c: In function \u0027process_msg_open.isra\u0027:\ndrivers/block/rnbd/rnbd-srv.c:616:51: warning: \u0027%s\u0027 directive output may be truncated writing up to 254 bytes into a region of size between 0 and 4095 [-Wformat-truncation=]\n 616 | snprintf(full_path, PATH_MAX, \"%s/%s\",\n | ^~\nIn function \u0027rnbd_srv_get_full_path\u0027,\n inlined from \u0027process_msg_open.isra\u0027 at drivers/block/rnbd/rnbd-srv.c:721:14: drivers/block/rnbd/rnbd-srv.c:616:17: note: \u0027snprintf\u0027 output between 2 and 4351 bytes into a destination of size 4096\n 616 | snprintf(full_path, PATH_MAX, \"%s/%s\",\n | ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~\n 617 | dev_search_path, dev_name);\n | ~~~~~~~~~~~~~~~~~~~~~~~~~~\n\nTo fix this, unconditionally check for truncation (as was already done\nfor the case where \"%SESSNAME%\" was present).",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_5-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.5.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52618",
"url": "https://www.suse.com/security/cve/CVE-2023-52618"
},
{
"category": "external",
"summary": "SUSE Bug 1221615 for CVE-2023-52618",
"url": "https://bugzilla.suse.com/1221615"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_5-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.5.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_5-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.5.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-08-20T07:15:53Z",
"details": "moderate"
}
],
"title": "CVE-2023-52618"
},
{
"cve": "CVE-2023-52622",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52622"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\next4: avoid online resizing failures due to oversized flex bg\n\nWhen we online resize an ext4 filesystem with a oversized flexbg_size,\n\n mkfs.ext4 -F -G 67108864 $dev -b 4096 100M\n mount $dev $dir\n resize2fs $dev 16G\n\nthe following WARN_ON is triggered:\n==================================================================\nWARNING: CPU: 0 PID: 427 at mm/page_alloc.c:4402 __alloc_pages+0x411/0x550\nModules linked in: sg(E)\nCPU: 0 PID: 427 Comm: resize2fs Tainted: G E 6.6.0-rc5+ #314\nRIP: 0010:__alloc_pages+0x411/0x550\nCall Trace:\n \u003cTASK\u003e\n __kmalloc_large_node+0xa2/0x200\n __kmalloc+0x16e/0x290\n ext4_resize_fs+0x481/0xd80\n __ext4_ioctl+0x1616/0x1d90\n ext4_ioctl+0x12/0x20\n __x64_sys_ioctl+0xf0/0x150\n do_syscall_64+0x3b/0x90\n==================================================================\n\nThis is because flexbg_size is too large and the size of the new_group_data\narray to be allocated exceeds MAX_ORDER. Currently, the minimum value of\nMAX_ORDER is 8, the minimum value of PAGE_SIZE is 4096, the corresponding\nmaximum number of groups that can be allocated is:\n\n (PAGE_SIZE \u003c\u003c MAX_ORDER) / sizeof(struct ext4_new_group_data) ~ 21845\n\nAnd the value that is down-aligned to the power of 2 is 16384. Therefore,\nthis value is defined as MAX_RESIZE_BG, and the number of groups added\neach time does not exceed this value during resizing, and is added multiple\ntimes to complete the online resizing. The difference is that the metadata\nin a flex_bg may be more dispersed.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_5-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.5.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52622",
"url": "https://www.suse.com/security/cve/CVE-2023-52622"
},
{
"category": "external",
"summary": "SUSE Bug 1222080 for CVE-2023-52622",
"url": "https://bugzilla.suse.com/1222080"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_5-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.5.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_5-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.5.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-08-20T07:15:53Z",
"details": "moderate"
}
],
"title": "CVE-2023-52622"
},
{
"cve": "CVE-2023-52631",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52631"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nfs/ntfs3: Fix an NULL dereference bug\n\nThe issue here is when this is called from ntfs_load_attr_list(). The\n\"size\" comes from le32_to_cpu(attr-\u003eres.data_size) so it can\u0027t overflow\non a 64bit systems but on 32bit systems the \"+ 1023\" can overflow and\nthe result is zero. This means that the kmalloc will succeed by\nreturning the ZERO_SIZE_PTR and then the memcpy() will crash with an\nOops on the next line.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_5-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.5.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52631",
"url": "https://www.suse.com/security/cve/CVE-2023-52631"
},
{
"category": "external",
"summary": "SUSE Bug 1222264 for CVE-2023-52631",
"url": "https://bugzilla.suse.com/1222264"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_5-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.5.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_5-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.5.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-08-20T07:15:53Z",
"details": "moderate"
}
],
"title": "CVE-2023-52631"
},
{
"cve": "CVE-2023-52635",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52635"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nPM / devfreq: Synchronize devfreq_monitor_[start/stop]\n\nThere is a chance if a frequent switch of the governor\ndone in a loop result in timer list corruption where\ntimer cancel being done from two place one from\ncancel_delayed_work_sync() and followed by expire_timers()\ncan be seen from the traces[1].\n\nwhile true\ndo\n echo \"simple_ondemand\" \u003e /sys/class/devfreq/1d84000.ufshc/governor\n echo \"performance\" \u003e /sys/class/devfreq/1d84000.ufshc/governor\ndone\n\nIt looks to be issue with devfreq driver where\ndevice_monitor_[start/stop] need to synchronized so that\ndelayed work should get corrupted while it is either\nbeing queued or running or being cancelled.\n\nLet\u0027s use polling flag and devfreq lock to synchronize the\nqueueing the timer instance twice and work data being\ncorrupted.\n\n[1]\n...\n..\n\u003cidle\u003e-0 [003] 9436.209662: timer_cancel timer=0xffffff80444f0428\n\u003cidle\u003e-0 [003] 9436.209664: timer_expire_entry timer=0xffffff80444f0428 now=0x10022da1c function=__typeid__ZTSFvP10timer_listE_global_addr baseclk=0x10022da1c\n\u003cidle\u003e-0 [003] 9436.209718: timer_expire_exit timer=0xffffff80444f0428\nkworker/u16:6-14217 [003] 9436.209863: timer_start timer=0xffffff80444f0428 function=__typeid__ZTSFvP10timer_listE_global_addr expires=0x10022da2b now=0x10022da1c flags=182452227\nvendor.xxxyyy.ha-1593 [004] 9436.209888: timer_cancel timer=0xffffff80444f0428\nvendor.xxxyyy.ha-1593 [004] 9436.216390: timer_init timer=0xffffff80444f0428\nvendor.xxxyyy.ha-1593 [004] 9436.216392: timer_start timer=0xffffff80444f0428 function=__typeid__ZTSFvP10timer_listE_global_addr expires=0x10022da2c now=0x10022da1d flags=186646532\nvendor.xxxyyy.ha-1593 [005] 9436.220992: timer_cancel timer=0xffffff80444f0428\nxxxyyyTraceManag-7795 [004] 9436.261641: timer_cancel timer=0xffffff80444f0428\n\n[2]\n\n 9436.261653][ C4] Unable to handle kernel paging request at virtual address dead00000000012a\n[ 9436.261664][ C4] Mem abort info:\n[ 9436.261666][ C4] ESR = 0x96000044\n[ 9436.261669][ C4] EC = 0x25: DABT (current EL), IL = 32 bits\n[ 9436.261671][ C4] SET = 0, FnV = 0\n[ 9436.261673][ C4] EA = 0, S1PTW = 0\n[ 9436.261675][ C4] Data abort info:\n[ 9436.261677][ C4] ISV = 0, ISS = 0x00000044\n[ 9436.261680][ C4] CM = 0, WnR = 1\n[ 9436.261682][ C4] [dead00000000012a] address between user and kernel address ranges\n[ 9436.261685][ C4] Internal error: Oops: 96000044 [#1] PREEMPT SMP\n[ 9436.261701][ C4] Skip md ftrace buffer dump for: 0x3a982d0\n...\n\n[ 9436.262138][ C4] CPU: 4 PID: 7795 Comm: TraceManag Tainted: G S W O 5.10.149-android12-9-o-g17f915d29d0c #1\n[ 9436.262141][ C4] Hardware name: Qualcomm Technologies, Inc. (DT)\n[ 9436.262144][ C4] pstate: 22400085 (nzCv daIf +PAN -UAO +TCO BTYPE=--)\n[ 9436.262161][ C4] pc : expire_timers+0x9c/0x438\n[ 9436.262164][ C4] lr : expire_timers+0x2a4/0x438\n[ 9436.262168][ C4] sp : ffffffc010023dd0\n[ 9436.262171][ C4] x29: ffffffc010023df0 x28: ffffffd0636fdc18\n[ 9436.262178][ C4] x27: ffffffd063569dd0 x26: ffffffd063536008\n[ 9436.262182][ C4] x25: 0000000000000001 x24: ffffff88f7c69280\n[ 9436.262185][ C4] x23: 00000000000000e0 x22: dead000000000122\n[ 9436.262188][ C4] x21: 000000010022da29 x20: ffffff8af72b4e80\n[ 9436.262191][ C4] x19: ffffffc010023e50 x18: ffffffc010025038\n[ 9436.262195][ C4] x17: 0000000000000240 x16: 0000000000000201\n[ 9436.262199][ C4] x15: ffffffffffffffff x14: ffffff889f3c3100\n[ 9436.262203][ C4] x13: ffffff889f3c3100 x12: 00000000049f56b8\n[ 9436.262207][ C4] x11: 00000000049f56b8 x10: 00000000ffffffff\n[ 9436.262212][ C4] x9 : ffffffc010023e50 x8 : dead000000000122\n[ 9436.262216][ C4] x7 : ffffffffffffffff x6 : ffffffc0100239d8\n[ 9436.262220][ C4] x5 : 0000000000000000 x4 : 0000000000000101\n[ 9436.262223][ C4] x3 : 0000000000000080 x2 : ffffff8\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_5-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.5.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52635",
"url": "https://www.suse.com/security/cve/CVE-2023-52635"
},
{
"category": "external",
"summary": "SUSE Bug 1222294 for CVE-2023-52635",
"url": "https://bugzilla.suse.com/1222294"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_5-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.5.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_5-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.5.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-08-20T07:15:53Z",
"details": "moderate"
}
],
"title": "CVE-2023-52635"
},
{
"cve": "CVE-2023-52640",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52640"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nfs/ntfs3: Fix oob in ntfs_listxattr\n\nThe length of name cannot exceed the space occupied by ea.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_5-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.5.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52640",
"url": "https://www.suse.com/security/cve/CVE-2023-52640"
},
{
"category": "external",
"summary": "SUSE Bug 1222301 for CVE-2023-52640",
"url": "https://bugzilla.suse.com/1222301"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_5-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.5.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_5-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.5.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-08-20T07:15:53Z",
"details": "moderate"
}
],
"title": "CVE-2023-52640"
},
{
"cve": "CVE-2023-52641",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52641"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nfs/ntfs3: Add NULL ptr dereference checking at the end of attr_allocate_frame()\n\nIt is preferable to exit through the out: label because\ninternal debugging functions are located there.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_5-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.5.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52641",
"url": "https://www.suse.com/security/cve/CVE-2023-52641"
},
{
"category": "external",
"summary": "SUSE Bug 1222303 for CVE-2023-52641",
"url": "https://bugzilla.suse.com/1222303"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_5-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.5.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_5-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.5.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-08-20T07:15:53Z",
"details": "moderate"
}
],
"title": "CVE-2023-52641"
},
{
"cve": "CVE-2023-52645",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52645"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\npmdomain: mediatek: fix race conditions with genpd\n\nIf the power domains are registered first with genpd and *after that*\nthe driver attempts to power them on in the probe sequence, then it is\npossible that a race condition occurs if genpd tries to power them on\nin the same time.\nThe same is valid for powering them off before unregistering them\nfrom genpd.\nAttempt to fix race conditions by first removing the domains from genpd\nand *after that* powering down domains.\nAlso first power up the domains and *after that* register them\nto genpd.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_5-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.5.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52645",
"url": "https://www.suse.com/security/cve/CVE-2023-52645"
},
{
"category": "external",
"summary": "SUSE Bug 1223033 for CVE-2023-52645",
"url": "https://bugzilla.suse.com/1223033"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_5-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.5.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_5-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.5.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-08-20T07:15:53Z",
"details": "moderate"
}
],
"title": "CVE-2023-52645"
},
{
"cve": "CVE-2023-52652",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52652"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nNTB: fix possible name leak in ntb_register_device()\n\nIf device_register() fails in ntb_register_device(), the device name\nallocated by dev_set_name() should be freed. As per the comment in\ndevice_register(), callers should use put_device() to give up the\nreference in the error path. So fix this by calling put_device() in the\nerror path so that the name can be freed in kobject_cleanup().\n\nAs a result of this, put_device() in the error path of\nntb_register_device() is removed and the actual error is returned.\n\n[mani: reworded commit message]",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_5-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.5.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52652",
"url": "https://www.suse.com/security/cve/CVE-2023-52652"
},
{
"category": "external",
"summary": "SUSE Bug 1223686 for CVE-2023-52652",
"url": "https://bugzilla.suse.com/1223686"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_5-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.5.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_5-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.5.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-08-20T07:15:53Z",
"details": "low"
}
],
"title": "CVE-2023-52652"
},
{
"cve": "CVE-2023-52653",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52653"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nSUNRPC: fix a memleak in gss_import_v2_context\n\nThe ctx-\u003emech_used.data allocated by kmemdup is not freed in neither\ngss_import_v2_context nor it only caller gss_krb5_import_sec_context,\nwhich frees ctx on error.\n\nThus, this patch reform the last call of gss_import_v2_context to the\ngss_krb5_import_ctx_v2, preventing the memleak while keepping the return\nformation.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_5-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.5.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52653",
"url": "https://www.suse.com/security/cve/CVE-2023-52653"
},
{
"category": "external",
"summary": "SUSE Bug 1223712 for CVE-2023-52653",
"url": "https://bugzilla.suse.com/1223712"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_5-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.5.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_5-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.5.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-08-20T07:15:53Z",
"details": "low"
}
],
"title": "CVE-2023-52653"
},
{
"cve": "CVE-2023-52656",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52656"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nio_uring: drop any code related to SCM_RIGHTS\n\nThis is dead code after we dropped support for passing io_uring fds\nover SCM_RIGHTS, get rid of it.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_5-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.5.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52656",
"url": "https://www.suse.com/security/cve/CVE-2023-52656"
},
{
"category": "external",
"summary": "SUSE Bug 1224187 for CVE-2023-52656",
"url": "https://bugzilla.suse.com/1224187"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_5-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.5.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 2.5,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_5-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.5.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-08-20T07:15:53Z",
"details": "low"
}
],
"title": "CVE-2023-52656"
},
{
"cve": "CVE-2023-52657",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52657"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nRevert \"drm/amd/pm: resolve reboot exception for si oland\"\n\nThis reverts commit e490d60a2f76bff636c68ce4fe34c1b6c34bbd86.\n\nThis causes hangs on SI when DC is enabled and errors on driver\nreboot and power off cycles.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_5-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.5.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52657",
"url": "https://www.suse.com/security/cve/CVE-2023-52657"
},
{
"category": "external",
"summary": "SUSE Bug 1224722 for CVE-2023-52657",
"url": "https://bugzilla.suse.com/1224722"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_5-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.5.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_5-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.5.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-08-20T07:15:53Z",
"details": "moderate"
}
],
"title": "CVE-2023-52657"
},
{
"cve": "CVE-2023-52658",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52658"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nRevert \"net/mlx5: Block entering switchdev mode with ns inconsistency\"\n\nThis reverts commit 662404b24a4c4d839839ed25e3097571f5938b9b.\nThe revert is required due to the suspicion it is not good for anything\nand cause crash.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_5-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.5.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52658",
"url": "https://www.suse.com/security/cve/CVE-2023-52658"
},
{
"category": "external",
"summary": "SUSE Bug 1224719 for CVE-2023-52658",
"url": "https://bugzilla.suse.com/1224719"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_5-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.5.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_5-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.5.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-08-20T07:15:53Z",
"details": "moderate"
}
],
"title": "CVE-2023-52658"
},
{
"cve": "CVE-2023-52659",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52659"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nx86/mm: Ensure input to pfn_to_kaddr() is treated as a 64-bit type\n\nOn 64-bit platforms, the pfn_to_kaddr() macro requires that the input\nvalue is 64 bits in order to ensure that valid address bits don\u0027t get\nlost when shifting that input by PAGE_SHIFT to calculate the physical\naddress to provide a virtual address for.\n\nOne such example is in pvalidate_pages() (used by SEV-SNP guests), where\nthe GFN in the struct used for page-state change requests is a 40-bit\nbit-field, so attempts to pass this GFN field directly into\npfn_to_kaddr() ends up causing guest crashes when dealing with addresses\nabove the 1TB range due to the above.\n\nFix this issue with SEV-SNP guests, as well as any similar cases that\nmight cause issues in current/future code, by using an inline function,\ninstead of a macro, so that the input is implicitly cast to the\nexpected 64-bit input type prior to performing the shift operation.\n\nWhile it might be argued that the issue is on the caller side, other\narchs/macros have taken similar approaches to deal with instances like\nthis, such as ARM explicitly casting the input to phys_addr_t:\n\n e48866647b48 (\"ARM: 8396/1: use phys_addr_t in pfn_to_kaddr()\")\n\nA C inline function is even better though.\n\n[ mingo: Refined the changelog some more \u0026 added __always_inline. ]",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_5-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.5.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52659",
"url": "https://www.suse.com/security/cve/CVE-2023-52659"
},
{
"category": "external",
"summary": "SUSE Bug 1224442 for CVE-2023-52659",
"url": "https://bugzilla.suse.com/1224442"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_5-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.5.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_5-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.5.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-08-20T07:15:53Z",
"details": "moderate"
}
],
"title": "CVE-2023-52659"
},
{
"cve": "CVE-2023-52660",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52660"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmedia: rkisp1: Fix IRQ handling due to shared interrupts\n\nThe driver requests the interrupts as IRQF_SHARED, so the interrupt\nhandlers can be called at any time. If such a call happens while the ISP\nis powered down, the SoC will hang as the driver tries to access the\nISP registers.\n\nThis can be reproduced even without the platform sharing the IRQ line:\nEnable CONFIG_DEBUG_SHIRQ and unload the driver, and the board will\nhang.\n\nFix this by adding a new field, \u0027irqs_enabled\u0027, which is used to bail\nout from the interrupt handler when the ISP is not operational.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_5-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.5.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52660",
"url": "https://www.suse.com/security/cve/CVE-2023-52660"
},
{
"category": "external",
"summary": "SUSE Bug 1224443 for CVE-2023-52660",
"url": "https://bugzilla.suse.com/1224443"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_5-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.5.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_5-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.5.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-08-20T07:15:53Z",
"details": "moderate"
}
],
"title": "CVE-2023-52660"
},
{
"cve": "CVE-2023-52661",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52661"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/tegra: rgb: Fix missing clk_put() in the error handling paths of tegra_dc_rgb_probe()\n\nIf clk_get_sys(..., \"pll_d2_out0\") fails, the clk_get_sys() call must be\nundone.\n\nAdd the missing clk_put and a new \u0027put_pll_d_out0\u0027 label in the error\nhandling path, and use it.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_5-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.5.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52661",
"url": "https://www.suse.com/security/cve/CVE-2023-52661"
},
{
"category": "external",
"summary": "SUSE Bug 1224445 for CVE-2023-52661",
"url": "https://bugzilla.suse.com/1224445"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_5-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.5.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_5-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.5.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-08-20T07:15:53Z",
"details": "low"
}
],
"title": "CVE-2023-52661"
},
{
"cve": "CVE-2023-52662",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52662"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/vmwgfx: fix a memleak in vmw_gmrid_man_get_node\n\nWhen ida_alloc_max fails, resources allocated before should be freed,\nincluding *res allocated by kmalloc and ttm_resource_init.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_5-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.5.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52662",
"url": "https://www.suse.com/security/cve/CVE-2023-52662"
},
{
"category": "external",
"summary": "SUSE Bug 1224449 for CVE-2023-52662",
"url": "https://bugzilla.suse.com/1224449"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_5-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.5.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_5-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.5.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-08-20T07:15:53Z",
"details": "moderate"
}
],
"title": "CVE-2023-52662"
},
{
"cve": "CVE-2023-52663",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52663"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nASoC: SOF: amd: Fix memory leak in amd_sof_acp_probe()\n\nDriver uses kasprintf() to initialize fw_{code,data}_bin members of\nstruct acp_dev_data, but kfree() is never called to deallocate the\nmemory, which results in a memory leak.\n\nFix the issue by switching to devm_kasprintf(). Additionally, ensure the\nallocation was successful by checking the pointer validity.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_5-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.5.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52663",
"url": "https://www.suse.com/security/cve/CVE-2023-52663"
},
{
"category": "external",
"summary": "SUSE Bug 1224630 for CVE-2023-52663",
"url": "https://bugzilla.suse.com/1224630"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_5-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.5.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_5-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.5.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-08-20T07:15:53Z",
"details": "moderate"
}
],
"title": "CVE-2023-52663"
},
{
"cve": "CVE-2023-52664",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52664"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: atlantic: eliminate double free in error handling logic\n\nDriver has a logic leak in ring data allocation/free,\nwhere aq_ring_free could be called multiple times on same ring,\nif system is under stress and got memory allocation error.\n\nRing pointer was used as an indicator of failure, but this is\nnot correct since only ring data is allocated/deallocated.\nRing itself is an array member.\n\nChanging ring allocation functions to return error code directly.\nThis simplifies error handling and eliminates aq_ring_free\non higher layer.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_5-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.5.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52664",
"url": "https://www.suse.com/security/cve/CVE-2023-52664"
},
{
"category": "external",
"summary": "SUSE Bug 1224747 for CVE-2023-52664",
"url": "https://bugzilla.suse.com/1224747"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_5-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.5.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_5-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.5.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-08-20T07:15:53Z",
"details": "moderate"
}
],
"title": "CVE-2023-52664"
},
{
"cve": "CVE-2023-52667",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52667"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/mlx5e: fix a potential double-free in fs_any_create_groups\n\nWhen kcalloc() for ft-\u003eg succeeds but kvzalloc() for in fails,\nfs_any_create_groups() will free ft-\u003eg. However, its caller\nfs_any_create_table() will free ft-\u003eg again through calling\nmlx5e_destroy_flow_table(), which will lead to a double-free.\nFix this by setting ft-\u003eg to NULL in fs_any_create_groups().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_5-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.5.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52667",
"url": "https://www.suse.com/security/cve/CVE-2023-52667"
},
{
"category": "external",
"summary": "SUSE Bug 1224603 for CVE-2023-52667",
"url": "https://bugzilla.suse.com/1224603"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_5-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.5.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_5-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.5.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-08-20T07:15:53Z",
"details": "moderate"
}
],
"title": "CVE-2023-52667"
},
{
"cve": "CVE-2023-52669",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52669"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ncrypto: s390/aes - Fix buffer overread in CTR mode\n\nWhen processing the last block, the s390 ctr code will always read\na whole block, even if there isn\u0027t a whole block of data left. Fix\nthis by using the actual length left and copy it into a buffer first\nfor processing.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_5-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.5.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52669",
"url": "https://www.suse.com/security/cve/CVE-2023-52669"
},
{
"category": "external",
"summary": "SUSE Bug 1224637 for CVE-2023-52669",
"url": "https://bugzilla.suse.com/1224637"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_5-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.5.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_5-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.5.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-08-20T07:15:53Z",
"details": "moderate"
}
],
"title": "CVE-2023-52669"
},
{
"cve": "CVE-2023-52670",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52670"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nrpmsg: virtio: Free driver_override when rpmsg_remove()\n\nFree driver_override when rpmsg_remove(), otherwise\nthe following memory leak will occur:\n\nunreferenced object 0xffff0000d55d7080 (size 128):\n comm \"kworker/u8:2\", pid 56, jiffies 4294893188 (age 214.272s)\n hex dump (first 32 bytes):\n 72 70 6d 73 67 5f 6e 73 00 00 00 00 00 00 00 00 rpmsg_ns........\n 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................\n backtrace:\n [\u003c000000009c94c9c1\u003e] __kmem_cache_alloc_node+0x1f8/0x320\n [\u003c000000002300d89b\u003e] __kmalloc_node_track_caller+0x44/0x70\n [\u003c00000000228a60c3\u003e] kstrndup+0x4c/0x90\n [\u003c0000000077158695\u003e] driver_set_override+0xd0/0x164\n [\u003c000000003e9c4ea5\u003e] rpmsg_register_device_override+0x98/0x170\n [\u003c000000001c0c89a8\u003e] rpmsg_ns_register_device+0x24/0x30\n [\u003c000000008bbf8fa2\u003e] rpmsg_probe+0x2e0/0x3ec\n [\u003c00000000e65a68df\u003e] virtio_dev_probe+0x1c0/0x280\n [\u003c00000000443331cc\u003e] really_probe+0xbc/0x2dc\n [\u003c00000000391064b1\u003e] __driver_probe_device+0x78/0xe0\n [\u003c00000000a41c9a5b\u003e] driver_probe_device+0xd8/0x160\n [\u003c000000009c3bd5df\u003e] __device_attach_driver+0xb8/0x140\n [\u003c0000000043cd7614\u003e] bus_for_each_drv+0x7c/0xd4\n [\u003c000000003b929a36\u003e] __device_attach+0x9c/0x19c\n [\u003c00000000a94e0ba8\u003e] device_initial_probe+0x14/0x20\n [\u003c000000003c999637\u003e] bus_probe_device+0xa0/0xac",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_5-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.5.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52670",
"url": "https://www.suse.com/security/cve/CVE-2023-52670"
},
{
"category": "external",
"summary": "SUSE Bug 1224696 for CVE-2023-52670",
"url": "https://bugzilla.suse.com/1224696"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_5-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.5.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_5-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.5.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-08-20T07:15:53Z",
"details": "moderate"
}
],
"title": "CVE-2023-52670"
},
{
"cve": "CVE-2023-52671",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52671"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amd/display: Fix hang/underflow when transitioning to ODM4:1\n\n[Why]\nUnder some circumstances, disabling an OPTC and attempting to reclaim\nits OPP(s) for a different OPTC could cause a hang/underflow due to OPPs\nnot being properly disconnected from the disabled OPTC.\n\n[How]\nEnsure that all OPPs are unassigned from an OPTC when it gets disabled.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_5-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.5.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52671",
"url": "https://www.suse.com/security/cve/CVE-2023-52671"
},
{
"category": "external",
"summary": "SUSE Bug 1224729 for CVE-2023-52671",
"url": "https://bugzilla.suse.com/1224729"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_5-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.5.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.6,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_5-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.5.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-08-20T07:15:53Z",
"details": "moderate"
}
],
"title": "CVE-2023-52671"
},
{
"cve": "CVE-2023-52672",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52672"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\npipe: wakeup wr_wait after setting max_usage\n\nCommit c73be61cede5 (\"pipe: Add general notification queue support\") a\nregression was introduced that would lock up resized pipes under certain\nconditions. See the reproducer in [1].\n\nThe commit resizing the pipe ring size was moved to a different\nfunction, doing that moved the wakeup for pipe-\u003ewr_wait before actually\nraising pipe-\u003emax_usage. If a pipe was full before the resize occured it\nwould result in the wakeup never actually triggering pipe_write.\n\nSet @max_usage and @nr_accounted before waking writers if this isn\u0027t a\nwatch queue.\n\n[Christian Brauner \u003cbrauner@kernel.org\u003e: rewrite to account for watch queues]",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_5-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.5.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52672",
"url": "https://www.suse.com/security/cve/CVE-2023-52672"
},
{
"category": "external",
"summary": "SUSE Bug 1224614 for CVE-2023-52672",
"url": "https://bugzilla.suse.com/1224614"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_5-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.5.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_5-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.5.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-08-20T07:15:53Z",
"details": "moderate"
}
],
"title": "CVE-2023-52672"
},
{
"cve": "CVE-2023-52673",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52673"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amd/display: Fix a debugfs null pointer error\n\n[WHY \u0026 HOW]\nCheck whether get_subvp_en() callback exists before calling it.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_5-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.5.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52673",
"url": "https://www.suse.com/security/cve/CVE-2023-52673"
},
{
"category": "external",
"summary": "SUSE Bug 1224741 for CVE-2023-52673",
"url": "https://bugzilla.suse.com/1224741"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_5-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.5.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_5-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.5.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-08-20T07:15:53Z",
"details": "moderate"
}
],
"title": "CVE-2023-52673"
},
{
"cve": "CVE-2023-52674",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52674"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nALSA: scarlett2: Add clamp() in scarlett2_mixer_ctl_put()\n\nEnsure the value passed to scarlett2_mixer_ctl_put() is between 0 and\nSCARLETT2_MIXER_MAX_VALUE so we don\u0027t attempt to access outside\nscarlett2_mixer_values[].",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_5-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.5.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52674",
"url": "https://www.suse.com/security/cve/CVE-2023-52674"
},
{
"category": "external",
"summary": "SUSE Bug 1224727 for CVE-2023-52674",
"url": "https://bugzilla.suse.com/1224727"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_5-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.5.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_5-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.5.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-08-20T07:15:53Z",
"details": "moderate"
}
],
"title": "CVE-2023-52674"
},
{
"cve": "CVE-2023-52675",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52675"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\npowerpc/imc-pmu: Add a null pointer check in update_events_in_group()\n\nkasprintf() returns a pointer to dynamically allocated memory\nwhich can be NULL upon failure.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_5-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.5.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52675",
"url": "https://www.suse.com/security/cve/CVE-2023-52675"
},
{
"category": "external",
"summary": "SUSE Bug 1224504 for CVE-2023-52675",
"url": "https://bugzilla.suse.com/1224504"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_5-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.5.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_5-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.5.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-08-20T07:15:53Z",
"details": "moderate"
}
],
"title": "CVE-2023-52675"
},
{
"cve": "CVE-2023-52676",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52676"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbpf: Guard stack limits against 32bit overflow\n\nThis patch promotes the arithmetic around checking stack bounds to be\ndone in the 64-bit domain, instead of the current 32bit. The arithmetic\nimplies adding together a 64-bit register with a int offset. The\nregister was checked to be below 1\u003c\u003c29 when it was variable, but not\nwhen it was fixed. The offset either comes from an instruction (in which\ncase it is 16 bit), from another register (in which case the caller\nchecked it to be below 1\u003c\u003c29 [1]), or from the size of an argument to a\nkfunc (in which case it can be a u32 [2]). Between the register being\ninconsistently checked to be below 1\u003c\u003c29, and the offset being up to an\nu32, it appears that we were open to overflowing the `int`s which were\ncurrently used for arithmetic.\n\n[1] https://github.com/torvalds/linux/blob/815fb87b753055df2d9e50f6cd80eb10235fe3e9/kernel/bpf/verifier.c#L7494-L7498\n[2] https://github.com/torvalds/linux/blob/815fb87b753055df2d9e50f6cd80eb10235fe3e9/kernel/bpf/verifier.c#L11904",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_5-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.5.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52676",
"url": "https://www.suse.com/security/cve/CVE-2023-52676"
},
{
"category": "external",
"summary": "SUSE Bug 1224730 for CVE-2023-52676",
"url": "https://bugzilla.suse.com/1224730"
},
{
"category": "external",
"summary": "SUSE Bug 1226336 for CVE-2023-52676",
"url": "https://bugzilla.suse.com/1226336"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_5-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.5.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_5-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.5.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-08-20T07:15:53Z",
"details": "important"
}
],
"title": "CVE-2023-52676"
},
{
"cve": "CVE-2023-52678",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52678"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amdkfd: Confirm list is non-empty before utilizing list_first_entry in kfd_topology.c\n\nBefore using list_first_entry, make sure to check that list is not\nempty, if list is empty return -ENODATA.\n\nFixes the below:\ndrivers/gpu/drm/amd/amdgpu/../amdkfd/kfd_topology.c:1347 kfd_create_indirect_link_prop() warn: can \u0027gpu_link\u0027 even be NULL?\ndrivers/gpu/drm/amd/amdgpu/../amdkfd/kfd_topology.c:1428 kfd_add_peer_prop() warn: can \u0027iolink1\u0027 even be NULL?\ndrivers/gpu/drm/amd/amdgpu/../amdkfd/kfd_topology.c:1433 kfd_add_peer_prop() warn: can \u0027iolink2\u0027 even be NULL?",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_5-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.5.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52678",
"url": "https://www.suse.com/security/cve/CVE-2023-52678"
},
{
"category": "external",
"summary": "SUSE Bug 1224617 for CVE-2023-52678",
"url": "https://bugzilla.suse.com/1224617"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_5-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.5.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_5-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.5.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-08-20T07:15:53Z",
"details": "moderate"
}
],
"title": "CVE-2023-52678"
},
{
"cve": "CVE-2023-52679",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52679"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nof: Fix double free in of_parse_phandle_with_args_map\n\nIn of_parse_phandle_with_args_map() the inner loop that\niterates through the map entries calls of_node_put(new)\nto free the reference acquired by the previous iteration\nof the inner loop. This assumes that the value of \"new\" is\nNULL on the first iteration of the inner loop.\n\nMake sure that this is true in all iterations of the outer\nloop by setting \"new\" to NULL after its value is assigned to \"cur\".\n\nExtend the unittest to detect the double free and add an additional\ntest case that actually triggers this path.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_5-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.5.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52679",
"url": "https://www.suse.com/security/cve/CVE-2023-52679"
},
{
"category": "external",
"summary": "SUSE Bug 1224508 for CVE-2023-52679",
"url": "https://bugzilla.suse.com/1224508"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_5-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.5.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_5-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.5.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-08-20T07:15:53Z",
"details": "moderate"
}
],
"title": "CVE-2023-52679"
},
{
"cve": "CVE-2023-52680",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52680"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nALSA: scarlett2: Add missing error checks to *_ctl_get()\n\nThe *_ctl_get() functions which call scarlett2_update_*() were not\nchecking the return value. Fix to check the return value and pass to\nthe caller.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_5-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.5.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52680",
"url": "https://www.suse.com/security/cve/CVE-2023-52680"
},
{
"category": "external",
"summary": "SUSE Bug 1224608 for CVE-2023-52680",
"url": "https://bugzilla.suse.com/1224608"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_5-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.5.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_5-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.5.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-08-20T07:15:53Z",
"details": "moderate"
}
],
"title": "CVE-2023-52680"
},
{
"cve": "CVE-2023-52681",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52681"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nefivarfs: Free s_fs_info on unmount\n\nNow that we allocate a s_fs_info struct on fs context creation, we\nshould ensure that we free it again when the superblock goes away.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_5-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.5.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52681",
"url": "https://www.suse.com/security/cve/CVE-2023-52681"
},
{
"category": "external",
"summary": "SUSE Bug 1224505 for CVE-2023-52681",
"url": "https://bugzilla.suse.com/1224505"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_5-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.5.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_5-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.5.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-08-20T07:15:53Z",
"details": "moderate"
}
],
"title": "CVE-2023-52681"
},
{
"cve": "CVE-2023-52683",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52683"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nACPI: LPIT: Avoid u32 multiplication overflow\n\nIn lpit_update_residency() there is a possibility of overflow\nin multiplication, if tsc_khz is large enough (\u003e UINT_MAX/1000).\n\nChange multiplication to mul_u32_u32().\n\nFound by Linux Verification Center (linuxtesting.org) with SVACE.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_5-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.5.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52683",
"url": "https://www.suse.com/security/cve/CVE-2023-52683"
},
{
"category": "external",
"summary": "SUSE Bug 1224627 for CVE-2023-52683",
"url": "https://bugzilla.suse.com/1224627"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_5-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.5.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_5-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.5.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-08-20T07:15:53Z",
"details": "moderate"
}
],
"title": "CVE-2023-52683"
},
{
"cve": "CVE-2023-52685",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52685"
}
],
"notes": [
{
"category": "general",
"text": "** REJECT ** This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_5-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.5.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52685",
"url": "https://www.suse.com/security/cve/CVE-2023-52685"
},
{
"category": "external",
"summary": "SUSE Bug 1224728 for CVE-2023-52685",
"url": "https://bugzilla.suse.com/1224728"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_5-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.5.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_5-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.5.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-08-20T07:15:53Z",
"details": "moderate"
}
],
"title": "CVE-2023-52685"
},
{
"cve": "CVE-2023-52686",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52686"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\npowerpc/powernv: Add a null pointer check in opal_event_init()\n\nkasprintf() returns a pointer to dynamically allocated memory\nwhich can be NULL upon failure.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_5-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.5.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52686",
"url": "https://www.suse.com/security/cve/CVE-2023-52686"
},
{
"category": "external",
"summary": "SUSE Bug 1224682 for CVE-2023-52686",
"url": "https://bugzilla.suse.com/1224682"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_5-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.5.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_5-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.5.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-08-20T07:15:53Z",
"details": "moderate"
}
],
"title": "CVE-2023-52686"
},
{
"cve": "CVE-2023-52687",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52687"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ncrypto: safexcel - Add error handling for dma_map_sg() calls\n\nMacro dma_map_sg() may return 0 on error. This patch enables\nchecks in case of the macro failure and ensures unmapping of\npreviously mapped buffers with dma_unmap_sg().\n\nFound by Linux Verification Center (linuxtesting.org) with static\nanalysis tool SVACE.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_5-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.5.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52687",
"url": "https://www.suse.com/security/cve/CVE-2023-52687"
},
{
"category": "external",
"summary": "SUSE Bug 1224501 for CVE-2023-52687",
"url": "https://bugzilla.suse.com/1224501"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_5-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.5.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_5-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.5.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-08-20T07:15:53Z",
"details": "moderate"
}
],
"title": "CVE-2023-52687"
},
{
"cve": "CVE-2023-52690",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52690"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\npowerpc/powernv: Add a null pointer check to scom_debug_init_one()\n\nkasprintf() returns a pointer to dynamically allocated memory\nwhich can be NULL upon failure.\nAdd a null pointer check, and release \u0027ent\u0027 to avoid memory leaks.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_5-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.5.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52690",
"url": "https://www.suse.com/security/cve/CVE-2023-52690"
},
{
"category": "external",
"summary": "SUSE Bug 1224611 for CVE-2023-52690",
"url": "https://bugzilla.suse.com/1224611"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_5-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.5.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_5-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.5.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-08-20T07:15:53Z",
"details": "moderate"
}
],
"title": "CVE-2023-52690"
},
{
"cve": "CVE-2023-52691",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52691"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amd/pm: fix a double-free in si_dpm_init\n\nWhen the allocation of\nadev-\u003epm.dpm.dyn_state.vddc_dependency_on_dispclk.entries fails,\namdgpu_free_extended_power_table is called to free some fields of adev.\nHowever, when the control flow returns to si_dpm_sw_init, it goes to\nlabel dpm_failed and calls si_dpm_fini, which calls\namdgpu_free_extended_power_table again and free those fields again. Thus\na double-free is triggered.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_5-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.5.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52691",
"url": "https://www.suse.com/security/cve/CVE-2023-52691"
},
{
"category": "external",
"summary": "SUSE Bug 1224607 for CVE-2023-52691",
"url": "https://bugzilla.suse.com/1224607"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_5-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.5.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_5-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.5.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-08-20T07:15:53Z",
"details": "moderate"
}
],
"title": "CVE-2023-52691"
},
{
"cve": "CVE-2023-52692",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52692"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nALSA: scarlett2: Add missing error check to scarlett2_usb_set_config()\n\nscarlett2_usb_set_config() calls scarlett2_usb_get() but was not\nchecking the result. Return the error if it fails rather than\ncontinuing with an invalid value.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_5-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.5.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52692",
"url": "https://www.suse.com/security/cve/CVE-2023-52692"
},
{
"category": "external",
"summary": "SUSE Bug 1224628 for CVE-2023-52692",
"url": "https://bugzilla.suse.com/1224628"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_5-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.5.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_5-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.5.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-08-20T07:15:53Z",
"details": "moderate"
}
],
"title": "CVE-2023-52692"
},
{
"cve": "CVE-2023-52693",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52693"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nACPI: video: check for error while searching for backlight device parent\n\nIf acpi_get_parent() called in acpi_video_dev_register_backlight()\nfails, for example, because acpi_ut_acquire_mutex() fails inside\nacpi_get_parent), this can lead to incorrect (uninitialized)\nacpi_parent handle being passed to acpi_get_pci_dev() for detecting\nthe parent pci device.\n\nCheck acpi_get_parent() result and set parent device only in case of success.\n\nFound by Linux Verification Center (linuxtesting.org) with SVACE.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_5-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.5.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52693",
"url": "https://www.suse.com/security/cve/CVE-2023-52693"
},
{
"category": "external",
"summary": "SUSE Bug 1224686 for CVE-2023-52693",
"url": "https://bugzilla.suse.com/1224686"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_5-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.5.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_5-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.5.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-08-20T07:15:53Z",
"details": "moderate"
}
],
"title": "CVE-2023-52693"
},
{
"cve": "CVE-2023-52694",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52694"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/bridge: tpd12s015: Drop buggy __exit annotation for remove function\n\nWith tpd12s015_remove() marked with __exit this function is discarded\nwhen the driver is compiled as a built-in. The result is that when the\ndriver unbinds there is no cleanup done which results in resource\nleakage or worse.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_5-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.5.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52694",
"url": "https://www.suse.com/security/cve/CVE-2023-52694"
},
{
"category": "external",
"summary": "SUSE Bug 1224598 for CVE-2023-52694",
"url": "https://bugzilla.suse.com/1224598"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_5-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.5.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_5-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.5.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-08-20T07:15:53Z",
"details": "moderate"
}
],
"title": "CVE-2023-52694"
},
{
"cve": "CVE-2023-52695",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52695"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amd/display: Check writeback connectors in create_validate_stream_for_sink\n\n[WHY \u0026 HOW]\nThis is to check connector type to avoid\nunhandled null pointer for writeback connectors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_5-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.5.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52695",
"url": "https://www.suse.com/security/cve/CVE-2023-52695"
},
{
"category": "external",
"summary": "SUSE Bug 1224506 for CVE-2023-52695",
"url": "https://bugzilla.suse.com/1224506"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_5-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.5.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_5-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.5.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-08-20T07:15:53Z",
"details": "moderate"
}
],
"title": "CVE-2023-52695"
},
{
"cve": "CVE-2023-52696",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52696"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\npowerpc/powernv: Add a null pointer check in opal_powercap_init()\n\nkasprintf() returns a pointer to dynamically allocated memory\nwhich can be NULL upon failure.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_5-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.5.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52696",
"url": "https://www.suse.com/security/cve/CVE-2023-52696"
},
{
"category": "external",
"summary": "SUSE Bug 1224601 for CVE-2023-52696",
"url": "https://bugzilla.suse.com/1224601"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_5-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.5.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_5-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.5.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-08-20T07:15:53Z",
"details": "moderate"
}
],
"title": "CVE-2023-52696"
},
{
"cve": "CVE-2023-52697",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52697"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nASoC: Intel: sof_sdw_rt_sdca_jack_common: ctx-\u003eheadset_codec_dev = NULL\n\nsof_sdw_rt_sdca_jack_exit() are used by different codecs, and some of\nthem use the same dai name.\nFor example, rt712 and rt713 both use \"rt712-sdca-aif1\" and\nsof_sdw_rt_sdca_jack_exit().\nAs a result, sof_sdw_rt_sdca_jack_exit() will be called twice by\nmc_dailink_exit_loop(). Set ctx-\u003eheadset_codec_dev = NULL; after\nput_device(ctx-\u003eheadset_codec_dev); to avoid ctx-\u003eheadset_codec_dev\nbeing put twice.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_5-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.5.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52697",
"url": "https://www.suse.com/security/cve/CVE-2023-52697"
},
{
"category": "external",
"summary": "SUSE Bug 1224596 for CVE-2023-52697",
"url": "https://bugzilla.suse.com/1224596"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_5-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.5.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_5-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.5.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-08-20T07:15:53Z",
"details": "moderate"
}
],
"title": "CVE-2023-52697"
},
{
"cve": "CVE-2023-52698",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52698"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ncalipso: fix memory leak in netlbl_calipso_add_pass()\n\nIf IPv6 support is disabled at boot (ipv6.disable=1),\nthe calipso_init() -\u003e netlbl_calipso_ops_register() function isn\u0027t called,\nand the netlbl_calipso_ops_get() function always returns NULL.\nIn this case, the netlbl_calipso_add_pass() function allocates memory\nfor the doi_def variable but doesn\u0027t free it with the calipso_doi_free().\n\nBUG: memory leak\nunreferenced object 0xffff888011d68180 (size 64):\n comm \"syz-executor.1\", pid 10746, jiffies 4295410986 (age 17.928s)\n hex dump (first 32 bytes):\n 00 00 00 00 02 00 00 00 00 00 00 00 00 00 00 00 ................\n 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................\n backtrace:\n [\u003c...\u003e] kmalloc include/linux/slab.h:552 [inline]\n [\u003c...\u003e] netlbl_calipso_add_pass net/netlabel/netlabel_calipso.c:76 [inline]\n [\u003c...\u003e] netlbl_calipso_add+0x22e/0x4f0 net/netlabel/netlabel_calipso.c:111\n [\u003c...\u003e] genl_family_rcv_msg_doit+0x22f/0x330 net/netlink/genetlink.c:739\n [\u003c...\u003e] genl_family_rcv_msg net/netlink/genetlink.c:783 [inline]\n [\u003c...\u003e] genl_rcv_msg+0x341/0x5a0 net/netlink/genetlink.c:800\n [\u003c...\u003e] netlink_rcv_skb+0x14d/0x440 net/netlink/af_netlink.c:2515\n [\u003c...\u003e] genl_rcv+0x29/0x40 net/netlink/genetlink.c:811\n [\u003c...\u003e] netlink_unicast_kernel net/netlink/af_netlink.c:1313 [inline]\n [\u003c...\u003e] netlink_unicast+0x54b/0x800 net/netlink/af_netlink.c:1339\n [\u003c...\u003e] netlink_sendmsg+0x90a/0xdf0 net/netlink/af_netlink.c:1934\n [\u003c...\u003e] sock_sendmsg_nosec net/socket.c:651 [inline]\n [\u003c...\u003e] sock_sendmsg+0x157/0x190 net/socket.c:671\n [\u003c...\u003e] ____sys_sendmsg+0x712/0x870 net/socket.c:2342\n [\u003c...\u003e] ___sys_sendmsg+0xf8/0x170 net/socket.c:2396\n [\u003c...\u003e] __sys_sendmsg+0xea/0x1b0 net/socket.c:2429\n [\u003c...\u003e] do_syscall_64+0x30/0x40 arch/x86/entry/common.c:46\n [\u003c...\u003e] entry_SYSCALL_64_after_hwframe+0x61/0xc6\n\nFound by InfoTeCS on behalf of Linux Verification Center\n(linuxtesting.org) with Syzkaller\n\n[PM: merged via the LSM tree at Jakub Kicinski request]",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_5-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.5.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52698",
"url": "https://www.suse.com/security/cve/CVE-2023-52698"
},
{
"category": "external",
"summary": "SUSE Bug 1224621 for CVE-2023-52698",
"url": "https://bugzilla.suse.com/1224621"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_5-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.5.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.4,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_5-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.5.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-08-20T07:15:53Z",
"details": "low"
}
],
"title": "CVE-2023-52698"
},
{
"cve": "CVE-2023-52699",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52699"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsysv: don\u0027t call sb_bread() with pointers_lock held\n\nsyzbot is reporting sleep in atomic context in SysV filesystem [1], for\nsb_bread() is called with rw_spinlock held.\n\nA \"write_lock(\u0026pointers_lock) =\u003e read_lock(\u0026pointers_lock) deadlock\" bug\nand a \"sb_bread() with write_lock(\u0026pointers_lock)\" bug were introduced by\n\"Replace BKL for chain locking with sysvfs-private rwlock\" in Linux 2.5.12.\n\nThen, \"[PATCH] err1-40: sysvfs locking fix\" in Linux 2.6.8 fixed the\nformer bug by moving pointers_lock lock to the callers, but instead\nintroduced a \"sb_bread() with read_lock(\u0026pointers_lock)\" bug (which made\nthis problem easier to hit).\n\nAl Viro suggested that why not to do like get_branch()/get_block()/\nfind_shared() in Minix filesystem does. And doing like that is almost a\nrevert of \"[PATCH] err1-40: sysvfs locking fix\" except that get_branch()\n from with find_shared() is called without write_lock(\u0026pointers_lock).",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_5-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.5.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52699",
"url": "https://www.suse.com/security/cve/CVE-2023-52699"
},
{
"category": "external",
"summary": "SUSE Bug 1224659 for CVE-2023-52699",
"url": "https://bugzilla.suse.com/1224659"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_5-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.5.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_5-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.5.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-08-20T07:15:53Z",
"details": "moderate"
}
],
"title": "CVE-2023-52699"
},
{
"cve": "CVE-2023-52735",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52735"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbpf, sockmap: Don\u0027t let sock_map_{close,destroy,unhash} call itself\n\nsock_map proto callbacks should never call themselves by design. Protect\nagainst bugs like [1] and break out of the recursive loop to avoid a stack\noverflow in favor of a resource leak.\n\n[1] https://lore.kernel.org/all/00000000000073b14905ef2e7401@google.com/",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_5-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.5.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52735",
"url": "https://www.suse.com/security/cve/CVE-2023-52735"
},
{
"category": "external",
"summary": "SUSE Bug 1225475 for CVE-2023-52735",
"url": "https://bugzilla.suse.com/1225475"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_5-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.5.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_5-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.5.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-08-20T07:15:53Z",
"details": "moderate"
}
],
"title": "CVE-2023-52735"
},
{
"cve": "CVE-2023-52749",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52749"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nspi: Fix null dereference on suspend\n\nA race condition exists where a synchronous (noqueue) transfer can be\nactive during a system suspend. This can cause a null pointer\ndereference exception to occur when the system resumes.\n\nExample order of events leading to the exception:\n1. spi_sync() calls __spi_transfer_message_noqueue() which sets\n ctlr-\u003ecur_msg\n2. Spi transfer begins via spi_transfer_one_message()\n3. System is suspended interrupting the transfer context\n4. System is resumed\n6. spi_controller_resume() calls spi_start_queue() which resets cur_msg\n to NULL\n7. Spi transfer context resumes and spi_finalize_current_message() is\n called which dereferences cur_msg (which is now NULL)\n\nWait for synchronous transfers to complete before suspending by\nacquiring the bus mutex and setting/checking a suspend flag.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_5-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.5.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52749",
"url": "https://www.suse.com/security/cve/CVE-2023-52749"
},
{
"category": "external",
"summary": "SUSE Bug 1225476 for CVE-2023-52749",
"url": "https://bugzilla.suse.com/1225476"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_5-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.5.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_5-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.5.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-08-20T07:15:53Z",
"details": "moderate"
}
],
"title": "CVE-2023-52749"
},
{
"cve": "CVE-2023-52750",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52750"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\narm64: Restrict CPU_BIG_ENDIAN to GNU as or LLVM IAS 15.x or newer\n\nPrior to LLVM 15.0.0, LLVM\u0027s integrated assembler would incorrectly\nbyte-swap NOP when compiling for big-endian, and the resulting series of\nbytes happened to match the encoding of FNMADD S21, S30, S0, S0.\n\nThis went unnoticed until commit:\n\n 34f66c4c4d5518c1 (\"arm64: Use a positive cpucap for FP/SIMD\")\n\nPrior to that commit, the kernel would always enable the use of FPSIMD\nearly in boot when __cpu_setup() initialized CPACR_EL1, and so usage of\nFNMADD within the kernel was not detected, but could result in the\ncorruption of user or kernel FPSIMD state.\n\nAfter that commit, the instructions happen to trap during boot prior to\nFPSIMD being detected and enabled, e.g.\n\n| Unhandled 64-bit el1h sync exception on CPU0, ESR 0x000000001fe00000 -- ASIMD\n| CPU: 0 PID: 0 Comm: swapper Not tainted 6.6.0-rc3-00013-g34f66c4c4d55 #1\n| Hardware name: linux,dummy-virt (DT)\n| pstate: 400000c9 (nZcv daIF -PAN -UAO -TCO -DIT -SSBS BTYPE=--)\n| pc : __pi_strcmp+0x1c/0x150\n| lr : populate_properties+0xe4/0x254\n| sp : ffffd014173d3ad0\n| x29: ffffd014173d3af0 x28: fffffbfffddffcb8 x27: 0000000000000000\n| x26: 0000000000000058 x25: fffffbfffddfe054 x24: 0000000000000008\n| x23: fffffbfffddfe000 x22: fffffbfffddfe000 x21: fffffbfffddfe044\n| x20: ffffd014173d3b70 x19: 0000000000000001 x18: 0000000000000005\n| x17: 0000000000000010 x16: 0000000000000000 x15: 00000000413e7000\n| x14: 0000000000000000 x13: 0000000000001bcc x12: 0000000000000000\n| x11: 00000000d00dfeed x10: ffffd414193f2cd0 x9 : 0000000000000000\n| x8 : 0101010101010101 x7 : ffffffffffffffc0 x6 : 0000000000000000\n| x5 : 0000000000000000 x4 : 0101010101010101 x3 : 000000000000002a\n| x2 : 0000000000000001 x1 : ffffd014171f2988 x0 : fffffbfffddffcb8\n| Kernel panic - not syncing: Unhandled exception\n| CPU: 0 PID: 0 Comm: swapper Not tainted 6.6.0-rc3-00013-g34f66c4c4d55 #1\n| Hardware name: linux,dummy-virt (DT)\n| Call trace:\n| dump_backtrace+0xec/0x108\n| show_stack+0x18/0x2c\n| dump_stack_lvl+0x50/0x68\n| dump_stack+0x18/0x24\n| panic+0x13c/0x340\n| el1t_64_irq_handler+0x0/0x1c\n| el1_abort+0x0/0x5c\n| el1h_64_sync+0x64/0x68\n| __pi_strcmp+0x1c/0x150\n| unflatten_dt_nodes+0x1e8/0x2d8\n| __unflatten_device_tree+0x5c/0x15c\n| unflatten_device_tree+0x38/0x50\n| setup_arch+0x164/0x1e0\n| start_kernel+0x64/0x38c\n| __primary_switched+0xbc/0xc4\n\nRestrict CONFIG_CPU_BIG_ENDIAN to a known good assembler, which is\neither GNU as or LLVM\u0027s IAS 15.0.0 and newer, which contains the linked\ncommit.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_5-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.5.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52750",
"url": "https://www.suse.com/security/cve/CVE-2023-52750"
},
{
"category": "external",
"summary": "SUSE Bug 1225485 for CVE-2023-52750",
"url": "https://bugzilla.suse.com/1225485"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_5-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.5.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_5-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.5.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-08-20T07:15:53Z",
"details": "moderate"
}
],
"title": "CVE-2023-52750"
},
{
"cve": "CVE-2023-52751",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52751"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsmb: client: fix use-after-free in smb2_query_info_compound()\n\nThe following UAF was triggered when running fstests generic/072 with\nKASAN enabled against Windows Server 2022 and mount options\n\u0027multichannel,max_channels=2,vers=3.1.1,mfsymlinks,noperm\u0027\n\n BUG: KASAN: slab-use-after-free in smb2_query_info_compound+0x423/0x6d0 [cifs]\n Read of size 8 at addr ffff888014941048 by task xfs_io/27534\n\n CPU: 0 PID: 27534 Comm: xfs_io Not tainted 6.6.0-rc7 #1\n Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS\n rel-1.16.2-3-gd478f380-rebuilt.opensuse.org 04/01/2014\n Call Trace:\n dump_stack_lvl+0x4a/0x80\n print_report+0xcf/0x650\n ? srso_alias_return_thunk+0x5/0x7f\n ? srso_alias_return_thunk+0x5/0x7f\n ? __phys_addr+0x46/0x90\n kasan_report+0xda/0x110\n ? smb2_query_info_compound+0x423/0x6d0 [cifs]\n ? smb2_query_info_compound+0x423/0x6d0 [cifs]\n smb2_query_info_compound+0x423/0x6d0 [cifs]\n ? __pfx_smb2_query_info_compound+0x10/0x10 [cifs]\n ? srso_alias_return_thunk+0x5/0x7f\n ? __stack_depot_save+0x39/0x480\n ? kasan_save_stack+0x33/0x60\n ? kasan_set_track+0x25/0x30\n ? ____kasan_slab_free+0x126/0x170\n smb2_queryfs+0xc2/0x2c0 [cifs]\n ? __pfx_smb2_queryfs+0x10/0x10 [cifs]\n ? __pfx___lock_acquire+0x10/0x10\n smb311_queryfs+0x210/0x220 [cifs]\n ? __pfx_smb311_queryfs+0x10/0x10 [cifs]\n ? srso_alias_return_thunk+0x5/0x7f\n ? __lock_acquire+0x480/0x26c0\n ? lock_release+0x1ed/0x640\n ? srso_alias_return_thunk+0x5/0x7f\n ? do_raw_spin_unlock+0x9b/0x100\n cifs_statfs+0x18c/0x4b0 [cifs]\n statfs_by_dentry+0x9b/0xf0\n fd_statfs+0x4e/0xb0\n __do_sys_fstatfs+0x7f/0xe0\n ? __pfx___do_sys_fstatfs+0x10/0x10\n ? srso_alias_return_thunk+0x5/0x7f\n ? lockdep_hardirqs_on_prepare+0x136/0x200\n ? srso_alias_return_thunk+0x5/0x7f\n do_syscall_64+0x3f/0x90\n entry_SYSCALL_64_after_hwframe+0x6e/0xd8\n\n Allocated by task 27534:\n kasan_save_stack+0x33/0x60\n kasan_set_track+0x25/0x30\n __kasan_kmalloc+0x8f/0xa0\n open_cached_dir+0x71b/0x1240 [cifs]\n smb2_query_info_compound+0x5c3/0x6d0 [cifs]\n smb2_queryfs+0xc2/0x2c0 [cifs]\n smb311_queryfs+0x210/0x220 [cifs]\n cifs_statfs+0x18c/0x4b0 [cifs]\n statfs_by_dentry+0x9b/0xf0\n fd_statfs+0x4e/0xb0\n __do_sys_fstatfs+0x7f/0xe0\n do_syscall_64+0x3f/0x90\n entry_SYSCALL_64_after_hwframe+0x6e/0xd8\n\n Freed by task 27534:\n kasan_save_stack+0x33/0x60\n kasan_set_track+0x25/0x30\n kasan_save_free_info+0x2b/0x50\n ____kasan_slab_free+0x126/0x170\n slab_free_freelist_hook+0xd0/0x1e0\n __kmem_cache_free+0x9d/0x1b0\n open_cached_dir+0xff5/0x1240 [cifs]\n smb2_query_info_compound+0x5c3/0x6d0 [cifs]\n smb2_queryfs+0xc2/0x2c0 [cifs]\n\nThis is a race between open_cached_dir() and cached_dir_lease_break()\nwhere the cache entry for the open directory handle receives a lease\nbreak while creating it. And before returning from open_cached_dir(),\nwe put the last reference of the new @cfid because of\n!@cfid-\u003ehas_lease.\n\nBesides the UAF, while running xfstests a lot of missed lease breaks\nhave been noticed in tests that run several concurrent statfs(2) calls\non those cached fids\n\n CIFS: VFS: \\\\w22-root1.gandalf.test No task to wake, unknown frame...\n CIFS: VFS: \\\\w22-root1.gandalf.test Cmd: 18 Err: 0x0 Flags: 0x1...\n CIFS: VFS: \\\\w22-root1.gandalf.test smb buf 00000000715bfe83 len 108\n CIFS: VFS: Dump pending requests:\n CIFS: VFS: \\\\w22-root1.gandalf.test No task to wake, unknown frame...\n CIFS: VFS: \\\\w22-root1.gandalf.test Cmd: 18 Err: 0x0 Flags: 0x1...\n CIFS: VFS: \\\\w22-root1.gandalf.test smb buf 000000005aa7316e len 108\n ...\n\nTo fix both, in open_cached_dir() ensure that @cfid-\u003ehas_lease is set\nright before sending out compounded request so that any potential\nlease break will be get processed by demultiplex thread while we\u0027re\nstill caching @cfid. And, if open failed for some reason, re-check\n@cfid-\u003ehas_lease to decide whether or not put lease reference.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_5-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.5.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52751",
"url": "https://www.suse.com/security/cve/CVE-2023-52751"
},
{
"category": "external",
"summary": "SUSE Bug 1225489 for CVE-2023-52751",
"url": "https://bugzilla.suse.com/1225489"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_5-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.5.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_5-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.5.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-08-20T07:15:53Z",
"details": "moderate"
}
],
"title": "CVE-2023-52751"
},
{
"cve": "CVE-2023-52753",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52753"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amd/display: Avoid NULL dereference of timing generator\n\n[Why \u0026 How]\nCheck whether assigned timing generator is NULL or not before\naccessing its funcs to prevent NULL dereference.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_5-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.5.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52753",
"url": "https://www.suse.com/security/cve/CVE-2023-52753"
},
{
"category": "external",
"summary": "SUSE Bug 1225478 for CVE-2023-52753",
"url": "https://bugzilla.suse.com/1225478"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_5-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.5.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_5-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.5.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-08-20T07:15:53Z",
"details": "moderate"
}
],
"title": "CVE-2023-52753"
},
{
"cve": "CVE-2023-52754",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52754"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmedia: imon: fix access to invalid resource for the second interface\n\nimon driver probes two USB interfaces, and at the probe of the second\ninterface, the driver assumes blindly that the first interface got\nbound with the same imon driver. It\u0027s usually true, but it\u0027s still\npossible that the first interface is bound with another driver via a\nmalformed descriptor. Then it may lead to a memory corruption, as\nspotted by syzkaller; imon driver accesses the data from drvdata as\nstruct imon_context object although it\u0027s a completely different one\nthat was assigned by another driver.\n\nThis patch adds a sanity check -- whether the first interface is\nreally bound with the imon driver or not -- for avoiding the problem\nabove at the probe time.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_5-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.5.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52754",
"url": "https://www.suse.com/security/cve/CVE-2023-52754"
},
{
"category": "external",
"summary": "SUSE Bug 1225490 for CVE-2023-52754",
"url": "https://bugzilla.suse.com/1225490"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_5-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.5.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_5-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.5.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-08-20T07:15:53Z",
"details": "moderate"
}
],
"title": "CVE-2023-52754"
},
{
"cve": "CVE-2023-52757",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52757"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsmb: client: fix potential deadlock when releasing mids\n\nAll release_mid() callers seem to hold a reference of @mid so there is\nno need to call kref_put(\u0026mid-\u003erefcount, __release_mid) under\n@server-\u003emid_lock spinlock. If they don\u0027t, then an use-after-free bug\nwould have occurred anyways.\n\nBy getting rid of such spinlock also fixes a potential deadlock as\nshown below\n\nCPU 0 CPU 1\n------------------------------------------------------------------\ncifs_demultiplex_thread() cifs_debug_data_proc_show()\n release_mid()\n spin_lock(\u0026server-\u003emid_lock);\n spin_lock(\u0026cifs_tcp_ses_lock)\n\t\t\t\t spin_lock(\u0026server-\u003emid_lock)\n __release_mid()\n smb2_find_smb_tcon()\n spin_lock(\u0026cifs_tcp_ses_lock) *deadlock*",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_5-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.5.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52757",
"url": "https://www.suse.com/security/cve/CVE-2023-52757"
},
{
"category": "external",
"summary": "SUSE Bug 1225548 for CVE-2023-52757",
"url": "https://bugzilla.suse.com/1225548"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_5-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.5.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_5-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.5.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-08-20T07:15:53Z",
"details": "moderate"
}
],
"title": "CVE-2023-52757"
},
{
"cve": "CVE-2023-52759",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52759"
}
],
"notes": [
{
"category": "general",
"text": "** REJECT ** This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_5-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.5.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52759",
"url": "https://www.suse.com/security/cve/CVE-2023-52759"
},
{
"category": "external",
"summary": "SUSE Bug 1225560 for CVE-2023-52759",
"url": "https://bugzilla.suse.com/1225560"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_5-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.5.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_5-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.5.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-08-20T07:15:53Z",
"details": "moderate"
}
],
"title": "CVE-2023-52759"
},
{
"cve": "CVE-2023-52762",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52762"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nvirtio-blk: fix implicit overflow on virtio_max_dma_size\n\nThe following codes have an implicit conversion from size_t to u32:\n(u32)max_size = (size_t)virtio_max_dma_size(vdev);\n\nThis may lead overflow, Ex (size_t)4G -\u003e (u32)0. Once\nvirtio_max_dma_size() has a larger size than U32_MAX, use U32_MAX\ninstead.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_5-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.5.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52762",
"url": "https://www.suse.com/security/cve/CVE-2023-52762"
},
{
"category": "external",
"summary": "SUSE Bug 1225573 for CVE-2023-52762",
"url": "https://bugzilla.suse.com/1225573"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_5-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.5.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_5-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.5.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-08-20T07:15:53Z",
"details": "moderate"
}
],
"title": "CVE-2023-52762"
},
{
"cve": "CVE-2023-52763",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52763"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ni3c: master: mipi-i3c-hci: Fix a kernel panic for accessing DAT_data.\n\nThe `i3c_master_bus_init` function may attach the I2C devices before the\nI3C bus initialization. In this flow, the DAT `alloc_entry`` will be used\nbefore the DAT `init`. Additionally, if the `i3c_master_bus_init` fails,\nthe DAT `cleanup` will execute before the device is detached, which will\nexecue DAT `free_entry` function. The above scenario can cause the driver\nto use DAT_data when it is NULL.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_5-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.5.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52763",
"url": "https://www.suse.com/security/cve/CVE-2023-52763"
},
{
"category": "external",
"summary": "SUSE Bug 1225570 for CVE-2023-52763",
"url": "https://bugzilla.suse.com/1225570"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_5-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.5.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_5-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.5.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-08-20T07:15:53Z",
"details": "moderate"
}
],
"title": "CVE-2023-52763"
},
{
"cve": "CVE-2023-52764",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52764"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmedia: gspca: cpia1: shift-out-of-bounds in set_flicker\n\nSyzkaller reported the following issue:\nUBSAN: shift-out-of-bounds in drivers/media/usb/gspca/cpia1.c:1031:27\nshift exponent 245 is too large for 32-bit type \u0027int\u0027\n\nWhen the value of the variable \"sd-\u003eparams.exposure.gain\" exceeds the\nnumber of bits in an integer, a shift-out-of-bounds error is reported. It\nis triggered because the variable \"currentexp\" cannot be left-shifted by\nmore than the number of bits in an integer. In order to avoid invalid\nrange during left-shift, the conditional expression is added.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_5-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.5.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52764",
"url": "https://www.suse.com/security/cve/CVE-2023-52764"
},
{
"category": "external",
"summary": "SUSE Bug 1225571 for CVE-2023-52764",
"url": "https://bugzilla.suse.com/1225571"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_5-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.5.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_5-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.5.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-08-20T07:15:53Z",
"details": "moderate"
}
],
"title": "CVE-2023-52764"
},
{
"cve": "CVE-2023-52765",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52765"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmfd: qcom-spmi-pmic: Fix revid implementation\n\nThe Qualcomm SPMI PMIC revid implementation is broken in multiple ways.\n\nFirst, it assumes that just because the sibling base device has been\nregistered that means that it is also bound to a driver, which may not\nbe the case (e.g. due to probe deferral or asynchronous probe). This\ncould trigger a NULL-pointer dereference when attempting to access the\ndriver data of the unbound device.\n\nSecond, it accesses driver data of a sibling device directly and without\nany locking, which means that the driver data may be freed while it is\nbeing accessed (e.g. on driver unbind).\n\nThird, it leaks a struct device reference to the sibling device which is\nlooked up using the spmi_device_from_of() every time a function (child)\ndevice is calling the revid function (e.g. on probe).\n\nFix this mess by reimplementing the revid lookup so that it is done only\nat probe of the PMIC device; the base device fetches the revid info from\nthe hardware, while any secondary SPMI device fetches the information\nfrom the base device and caches it so that it can be accessed safely\nfrom its children. If the base device has not been probed yet then probe\nof a secondary device is deferred.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_5-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.5.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52765",
"url": "https://www.suse.com/security/cve/CVE-2023-52765"
},
{
"category": "external",
"summary": "SUSE Bug 1225029 for CVE-2023-52765",
"url": "https://bugzilla.suse.com/1225029"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_5-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.5.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_5-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.5.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-08-20T07:15:53Z",
"details": "moderate"
}
],
"title": "CVE-2023-52765"
},
{
"cve": "CVE-2023-52766",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52766"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ni3c: mipi-i3c-hci: Fix out of bounds access in hci_dma_irq_handler\n\nDo not loop over ring headers in hci_dma_irq_handler() that are not\nallocated and enabled in hci_dma_init(). Otherwise out of bounds access\nwill occur from rings-\u003eheaders[i] access when i \u003e= number of allocated\nring headers.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_5-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.5.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52766",
"url": "https://www.suse.com/security/cve/CVE-2023-52766"
},
{
"category": "external",
"summary": "SUSE Bug 1230620 for CVE-2023-52766",
"url": "https://bugzilla.suse.com/1230620"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_5-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.5.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_5-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.5.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-08-20T07:15:53Z",
"details": "moderate"
}
],
"title": "CVE-2023-52766"
},
{
"cve": "CVE-2023-52767",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52767"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ntls: fix NULL deref on tls_sw_splice_eof() with empty record\n\nsyzkaller discovered that if tls_sw_splice_eof() is executed as part of\nsendfile() when the plaintext/ciphertext sk_msg are empty, the send path\ngets confused because the empty ciphertext buffer does not have enough\nspace for the encryption overhead. This causes tls_push_record() to go on\nthe `split = true` path (which is only supposed to be used when interacting\nwith an attached BPF program), and then get further confused and hit the\ntls_merge_open_record() path, which then assumes that there must be at\nleast one populated buffer element, leading to a NULL deref.\n\nIt is possible to have empty plaintext/ciphertext buffers if we previously\nbailed from tls_sw_sendmsg_locked() via the tls_trim_both_msgs() path.\ntls_sw_push_pending_record() already handles this case correctly; let\u0027s do\nthe same check in tls_sw_splice_eof().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_5-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.5.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52767",
"url": "https://www.suse.com/security/cve/CVE-2023-52767"
},
{
"category": "external",
"summary": "SUSE Bug 1224998 for CVE-2023-52767",
"url": "https://bugzilla.suse.com/1224998"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_5-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.5.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_5-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.5.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-08-20T07:15:53Z",
"details": "moderate"
}
],
"title": "CVE-2023-52767"
},
{
"cve": "CVE-2023-52768",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52768"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: wilc1000: use vmm_table as array in wilc struct\n\nEnabling KASAN and running some iperf tests raises some memory issues with\nvmm_table:\n\nBUG: KASAN: slab-out-of-bounds in wilc_wlan_handle_txq+0x6ac/0xdb4\nWrite of size 4 at addr c3a61540 by task wlan0-tx/95\n\nKASAN detects that we are writing data beyond range allocated to vmm_table.\nThere is indeed a mismatch between the size passed to allocator in\nwilc_wlan_init, and the range of possible indexes used later: allocation\nsize is missing a multiplication by sizeof(u32)",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_5-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.5.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52768",
"url": "https://www.suse.com/security/cve/CVE-2023-52768"
},
{
"category": "external",
"summary": "SUSE Bug 1225004 for CVE-2023-52768",
"url": "https://bugzilla.suse.com/1225004"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_5-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.5.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.6,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_5-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.5.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-08-20T07:15:53Z",
"details": "moderate"
}
],
"title": "CVE-2023-52768"
},
{
"cve": "CVE-2023-52769",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52769"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: ath12k: fix htt mlo-offset event locking\n\nThe ath12k active pdevs are protected by RCU but the htt mlo-offset\nevent handling code calling ath12k_mac_get_ar_by_pdev_id() was not\nmarked as a read-side critical section.\n\nMark the code in question as an RCU read-side critical section to avoid\nany potential use-after-free issues.\n\nCompile tested only.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_5-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.5.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52769",
"url": "https://www.suse.com/security/cve/CVE-2023-52769"
},
{
"category": "external",
"summary": "SUSE Bug 1225001 for CVE-2023-52769",
"url": "https://bugzilla.suse.com/1225001"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_5-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.5.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_5-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.5.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-08-20T07:15:53Z",
"details": "moderate"
}
],
"title": "CVE-2023-52769"
},
{
"cve": "CVE-2023-52771",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52771"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ncxl/port: Fix delete_endpoint() vs parent unregistration race\n\nThe CXL subsystem, at cxl_mem -\u003eprobe() time, establishes a lineage of\nports (struct cxl_port objects) between an endpoint and the root of a\nCXL topology. Each port including the endpoint port is attached to the\ncxl_port driver.\n\nGiven that setup, it follows that when either any port in that lineage\ngoes through a cxl_port -\u003eremove() event, or the memdev goes through a\ncxl_mem -\u003eremove() event. The hierarchy below the removed port, or the\nentire hierarchy if the memdev is removed needs to come down.\n\nThe delete_endpoint() callback is careful to check whether it is being\ncalled to tear down the hierarchy, or if it is only being called to\nteardown the memdev because an ancestor port is going through\n-\u003eremove().\n\nThat care needs to take the device_lock() of the endpoint\u0027s parent.\nWhich requires 2 bugs to be fixed:\n\n1/ A reference on the parent is needed to prevent use-after-free\n scenarios like this signature:\n\n BUG: spinlock bad magic on CPU#0, kworker/u56:0/11\n Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS edk2-20230524-3.fc38 05/24/2023\n Workqueue: cxl_port detach_memdev [cxl_core]\n RIP: 0010:spin_bug+0x65/0xa0\n Call Trace:\n do_raw_spin_lock+0x69/0xa0\n __mutex_lock+0x695/0xb80\n delete_endpoint+0xad/0x150 [cxl_core]\n devres_release_all+0xb8/0x110\n device_unbind_cleanup+0xe/0x70\n device_release_driver_internal+0x1d2/0x210\n detach_memdev+0x15/0x20 [cxl_core]\n process_one_work+0x1e3/0x4c0\n worker_thread+0x1dd/0x3d0\n\n2/ In the case of RCH topologies, the parent device that needs to be\n locked is not always @port-\u003edev as returned by cxl_mem_find_port(), use\n endpoint-\u003edev.parent instead.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_5-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.5.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52771",
"url": "https://www.suse.com/security/cve/CVE-2023-52771"
},
{
"category": "external",
"summary": "SUSE Bug 1225007 for CVE-2023-52771",
"url": "https://bugzilla.suse.com/1225007"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_5-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.5.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_5-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.5.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-08-20T07:15:53Z",
"details": "moderate"
}
],
"title": "CVE-2023-52771"
},
{
"cve": "CVE-2023-52772",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52772"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\naf_unix: fix use-after-free in unix_stream_read_actor()\n\nsyzbot reported the following crash [1]\n\nAfter releasing unix socket lock, u-\u003eoob_skb can be changed\nby another thread. We must temporarily increase skb refcount\nto make sure this other thread will not free the skb under us.\n\n[1]\n\nBUG: KASAN: slab-use-after-free in unix_stream_read_actor+0xa7/0xc0 net/unix/af_unix.c:2866\nRead of size 4 at addr ffff88801f3b9cc4 by task syz-executor107/5297\n\nCPU: 1 PID: 5297 Comm: syz-executor107 Not tainted 6.6.0-syzkaller-15910-gb8e3a87a627b #0\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/09/2023\nCall Trace:\n\u003cTASK\u003e\n__dump_stack lib/dump_stack.c:88 [inline]\ndump_stack_lvl+0xd9/0x1b0 lib/dump_stack.c:106\nprint_address_description mm/kasan/report.c:364 [inline]\nprint_report+0xc4/0x620 mm/kasan/report.c:475\nkasan_report+0xda/0x110 mm/kasan/report.c:588\nunix_stream_read_actor+0xa7/0xc0 net/unix/af_unix.c:2866\nunix_stream_recv_urg net/unix/af_unix.c:2587 [inline]\nunix_stream_read_generic+0x19a5/0x2480 net/unix/af_unix.c:2666\nunix_stream_recvmsg+0x189/0x1b0 net/unix/af_unix.c:2903\nsock_recvmsg_nosec net/socket.c:1044 [inline]\nsock_recvmsg+0xe2/0x170 net/socket.c:1066\n____sys_recvmsg+0x21f/0x5c0 net/socket.c:2803\n___sys_recvmsg+0x115/0x1a0 net/socket.c:2845\n__sys_recvmsg+0x114/0x1e0 net/socket.c:2875\ndo_syscall_x64 arch/x86/entry/common.c:51 [inline]\ndo_syscall_64+0x3f/0x110 arch/x86/entry/common.c:82\nentry_SYSCALL_64_after_hwframe+0x63/0x6b\nRIP: 0033:0x7fc67492c559\nCode: 28 00 00 00 75 05 48 83 c4 28 c3 e8 51 18 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 \u003c48\u003e 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48\nRSP: 002b:00007fc6748ab228 EFLAGS: 00000246 ORIG_RAX: 000000000000002f\nRAX: ffffffffffffffda RBX: 000000000000001c RCX: 00007fc67492c559\nRDX: 0000000040010083 RSI: 0000000020000140 RDI: 0000000000000004\nRBP: 00007fc6749b6348 R08: 00007fc6748ab6c0 R09: 00007fc6748ab6c0\nR10: 0000000000000000 R11: 0000000000000246 R12: 00007fc6749b6340\nR13: 00007fc6749b634c R14: 00007ffe9fac52a0 R15: 00007ffe9fac5388\n\u003c/TASK\u003e\n\nAllocated by task 5295:\nkasan_save_stack+0x33/0x50 mm/kasan/common.c:45\nkasan_set_track+0x25/0x30 mm/kasan/common.c:52\n__kasan_slab_alloc+0x81/0x90 mm/kasan/common.c:328\nkasan_slab_alloc include/linux/kasan.h:188 [inline]\nslab_post_alloc_hook mm/slab.h:763 [inline]\nslab_alloc_node mm/slub.c:3478 [inline]\nkmem_cache_alloc_node+0x180/0x3c0 mm/slub.c:3523\n__alloc_skb+0x287/0x330 net/core/skbuff.c:641\nalloc_skb include/linux/skbuff.h:1286 [inline]\nalloc_skb_with_frags+0xe4/0x710 net/core/skbuff.c:6331\nsock_alloc_send_pskb+0x7e4/0x970 net/core/sock.c:2780\nsock_alloc_send_skb include/net/sock.h:1884 [inline]\nqueue_oob net/unix/af_unix.c:2147 [inline]\nunix_stream_sendmsg+0xb5f/0x10a0 net/unix/af_unix.c:2301\nsock_sendmsg_nosec net/socket.c:730 [inline]\n__sock_sendmsg+0xd5/0x180 net/socket.c:745\n____sys_sendmsg+0x6ac/0x940 net/socket.c:2584\n___sys_sendmsg+0x135/0x1d0 net/socket.c:2638\n__sys_sendmsg+0x117/0x1e0 net/socket.c:2667\ndo_syscall_x64 arch/x86/entry/common.c:51 [inline]\ndo_syscall_64+0x3f/0x110 arch/x86/entry/common.c:82\nentry_SYSCALL_64_after_hwframe+0x63/0x6b\n\nFreed by task 5295:\nkasan_save_stack+0x33/0x50 mm/kasan/common.c:45\nkasan_set_track+0x25/0x30 mm/kasan/common.c:52\nkasan_save_free_info+0x2b/0x40 mm/kasan/generic.c:522\n____kasan_slab_free mm/kasan/common.c:236 [inline]\n____kasan_slab_free+0x15b/0x1b0 mm/kasan/common.c:200\nkasan_slab_free include/linux/kasan.h:164 [inline]\nslab_free_hook mm/slub.c:1800 [inline]\nslab_free_freelist_hook+0x114/0x1e0 mm/slub.c:1826\nslab_free mm/slub.c:3809 [inline]\nkmem_cache_free+0xf8/0x340 mm/slub.c:3831\nkfree_skbmem+0xef/0x1b0 net/core/skbuff.c:1015\n__kfree_skb net/core/skbuff.c:1073 [inline]\nconsume_skb net/core/skbuff.c:1288 [inline]\nconsume_skb+0xdf/0x170 net/core/skbuff.c:1282\nqueue_oob net/unix/af_unix.c:2178 [inline]\nu\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_5-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.5.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52772",
"url": "https://www.suse.com/security/cve/CVE-2023-52772"
},
{
"category": "external",
"summary": "SUSE Bug 1224989 for CVE-2023-52772",
"url": "https://bugzilla.suse.com/1224989"
},
{
"category": "external",
"summary": "SUSE Bug 1224991 for CVE-2023-52772",
"url": "https://bugzilla.suse.com/1224991"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_5-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.5.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_5-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.5.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-08-20T07:15:53Z",
"details": "moderate"
}
],
"title": "CVE-2023-52772"
},
{
"cve": "CVE-2023-52773",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52773"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amd/display: fix a NULL pointer dereference in amdgpu_dm_i2c_xfer()\n\nWhen ddc_service_construct() is called, it explicitly checks both the\nlink type and whether there is something on the link which will\ndictate whether the pin is marked as hw_supported.\n\nIf the pin isn\u0027t set or the link is not set (such as from\nunloading/reloading amdgpu in an IGT test) then fail the\namdgpu_dm_i2c_xfer() call.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_5-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.5.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52773",
"url": "https://www.suse.com/security/cve/CVE-2023-52773"
},
{
"category": "external",
"summary": "SUSE Bug 1225041 for CVE-2023-52773",
"url": "https://bugzilla.suse.com/1225041"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_5-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.5.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_5-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.5.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-08-20T07:15:53Z",
"details": "moderate"
}
],
"title": "CVE-2023-52773"
},
{
"cve": "CVE-2023-52774",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52774"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ns390/dasd: protect device queue against concurrent access\n\nIn dasd_profile_start() the amount of requests on the device queue are\ncounted. The access to the device queue is unprotected against\nconcurrent access. With a lot of parallel I/O, especially with alias\ndevices enabled, the device queue can change while dasd_profile_start()\nis accessing the queue. In the worst case this leads to a kernel panic\ndue to incorrect pointer accesses.\n\nFix this by taking the device lock before accessing the queue and\ncounting the requests. Additionally the check for a valid profile data\npointer can be done earlier to avoid unnecessary locking in a hot path.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_5-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.5.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52774",
"url": "https://www.suse.com/security/cve/CVE-2023-52774"
},
{
"category": "external",
"summary": "SUSE Bug 1225572 for CVE-2023-52774",
"url": "https://bugzilla.suse.com/1225572"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_5-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.5.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_5-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.5.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-08-20T07:15:53Z",
"details": "moderate"
}
],
"title": "CVE-2023-52774"
},
{
"cve": "CVE-2023-52775",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52775"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/smc: avoid data corruption caused by decline\n\nWe found a data corruption issue during testing of SMC-R on Redis\napplications.\n\nThe benchmark has a low probability of reporting a strange error as\nshown below.\n\n\"Error: Protocol error, got \"\\xe2\" as reply type byte\"\n\nFinally, we found that the retrieved error data was as follows:\n\n0xE2 0xD4 0xC3 0xD9 0x04 0x00 0x2C 0x20 0xA6 0x56 0x00 0x16 0x3E 0x0C\n0xCB 0x04 0x02 0x01 0x00 0x00 0x20 0x00 0x00 0x00 0x00 0x00 0x00 0x00\n0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0xE2\n\nIt is quite obvious that this is a SMC DECLINE message, which means that\nthe applications received SMC protocol message.\nWe found that this was caused by the following situations:\n\nclient server\n | clc proposal\n -------------\u003e\n | clc accept\n \u003c-------------\n | clc confirm\n -------------\u003e\nwait llc confirm\n\t\t\tsend llc confirm\n |failed llc confirm\n | x------\n(after 2s)timeout\n wait llc confirm rsp\n\nwait decline\n\n(after 1s) timeout\n (after 2s) timeout\n | decline\n --------------\u003e\n | decline\n \u003c--------------\n\nAs a result, a decline message was sent in the implementation, and this\nmessage was read from TCP by the already-fallback connection.\n\nThis patch double the client timeout as 2x of the server value,\nWith this simple change, the Decline messages should never cross or\ncollide (during Confirm link timeout).\n\nThis issue requires an immediate solution, since the protocol updates\ninvolve a more long-term solution.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_5-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.5.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52775",
"url": "https://www.suse.com/security/cve/CVE-2023-52775"
},
{
"category": "external",
"summary": "SUSE Bug 1225088 for CVE-2023-52775",
"url": "https://bugzilla.suse.com/1225088"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_5-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.5.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_5-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.5.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-08-20T07:15:53Z",
"details": "moderate"
}
],
"title": "CVE-2023-52775"
},
{
"cve": "CVE-2023-52776",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52776"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: ath12k: fix dfs-radar and temperature event locking\n\nThe ath12k active pdevs are protected by RCU but the DFS-radar and\ntemperature event handling code calling ath12k_mac_get_ar_by_pdev_id()\nwas not marked as a read-side critical section.\n\nMark the code in question as RCU read-side critical sections to avoid\nany potential use-after-free issues.\n\nNote that the temperature event handler looks like a place holder\ncurrently but would still trigger an RCU lockdep splat.\n\nCompile tested only.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_5-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.5.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52776",
"url": "https://www.suse.com/security/cve/CVE-2023-52776"
},
{
"category": "external",
"summary": "SUSE Bug 1225090 for CVE-2023-52776",
"url": "https://bugzilla.suse.com/1225090"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_5-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.5.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_5-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.5.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-08-20T07:15:53Z",
"details": "moderate"
}
],
"title": "CVE-2023-52776"
},
{
"cve": "CVE-2023-52777",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52777"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: ath11k: fix gtk offload status event locking\n\nThe ath11k active pdevs are protected by RCU but the gtk offload status\nevent handling code calling ath11k_mac_get_arvif_by_vdev_id() was not\nmarked as a read-side critical section.\n\nMark the code in question as an RCU read-side critical section to avoid\nany potential use-after-free issues.\n\nCompile tested only.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_5-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.5.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52777",
"url": "https://www.suse.com/security/cve/CVE-2023-52777"
},
{
"category": "external",
"summary": "SUSE Bug 1224992 for CVE-2023-52777",
"url": "https://bugzilla.suse.com/1224992"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_5-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.5.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_5-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.5.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-08-20T07:15:53Z",
"details": "moderate"
}
],
"title": "CVE-2023-52777"
},
{
"cve": "CVE-2023-52780",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52780"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: mvneta: fix calls to page_pool_get_stats\n\nCalling page_pool_get_stats in the mvneta driver without checks\nleads to kernel crashes.\nFirst the page pool is only available if the bm is not used.\nThe page pool is also not allocated when the port is stopped.\nIt can also be not allocated in case of errors.\n\nThe current implementation leads to the following crash calling\nethstats on a port that is down or when calling it at the wrong moment:\n\nble to handle kernel NULL pointer dereference at virtual address 00000070\n[00000070] *pgd=00000000\nInternal error: Oops: 5 [#1] SMP ARM\nHardware name: Marvell Armada 380/385 (Device Tree)\nPC is at page_pool_get_stats+0x18/0x1cc\nLR is at mvneta_ethtool_get_stats+0xa0/0xe0 [mvneta]\npc : [\u003cc0b413cc\u003e] lr : [\u003cbf0a98d8\u003e] psr: a0000013\nsp : f1439d48 ip : f1439dc0 fp : 0000001d\nr10: 00000100 r9 : c4816b80 r8 : f0d75150\nr7 : bf0b400c r6 : c238f000 r5 : 00000000 r4 : f1439d68\nr3 : c2091040 r2 : ffffffd8 r1 : f1439d68 r0 : 00000000\nFlags: NzCv IRQs on FIQs on Mode SVC_32 ISA ARM Segment none\nControl: 10c5387d Table: 066b004a DAC: 00000051\nRegister r0 information: NULL pointer\nRegister r1 information: 2-page vmalloc region starting at 0xf1438000 allocated at kernel_clone+0x9c/0x390\nRegister r2 information: non-paged memory\nRegister r3 information: slab kmalloc-2k start c2091000 pointer offset 64 size 2048\nRegister r4 information: 2-page vmalloc region starting at 0xf1438000 allocated at kernel_clone+0x9c/0x390\nRegister r5 information: NULL pointer\nRegister r6 information: slab kmalloc-cg-4k start c238f000 pointer offset 0 size 4096\nRegister r7 information: 15-page vmalloc region starting at 0xbf0a8000 allocated at load_module+0xa30/0x219c\nRegister r8 information: 1-page vmalloc region starting at 0xf0d75000 allocated at ethtool_get_stats+0x138/0x208\nRegister r9 information: slab task_struct start c4816b80 pointer offset 0\nRegister r10 information: non-paged memory\nRegister r11 information: non-paged memory\nRegister r12 information: 2-page vmalloc region starting at 0xf1438000 allocated at kernel_clone+0x9c/0x390\nProcess snmpd (pid: 733, stack limit = 0x38de3a88)\nStack: (0xf1439d48 to 0xf143a000)\n9d40: 000000c0 00000001 c238f000 bf0b400c f0d75150 c4816b80\n9d60: 00000100 bf0a98d8 00000000 00000000 00000000 00000000 00000000 00000000\n9d80: 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000\n9da0: 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000\n9dc0: 00000dc0 5335509c 00000035 c238f000 bf0b2214 01067f50 f0d75000 c0b9b9c8\n9de0: 0000001d 00000035 c2212094 5335509c c4816b80 c238f000 c5ad6e00 01067f50\n9e00: c1b0be80 c4816b80 00014813 c0b9d7f0 00000000 00000000 0000001d 0000001d\n9e20: 00000000 00001200 00000000 00000000 c216ed90 c73943b8 00000000 00000000\n9e40: 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000\n9e60: 00000000 c0ad9034 00000000 00000000 00000000 00000000 00000000 00000000\n9e80: 00000000 00000000 00000000 5335509c c1b0be80 f1439ee4 00008946 c1b0be80\n9ea0: 01067f50 f1439ee3 00000000 00000046 b6d77ae0 c0b383f0 00008946 becc83e8\n9ec0: c1b0be80 00000051 0000000b c68ca480 c7172d00 c0ad8ff0 f1439ee3 cf600e40\n9ee0: 01600e40 32687465 00000000 00000000 00000000 01067f50 00000000 00000000\n9f00: 00000000 5335509c 00008946 00008946 00000000 c68ca480 becc83e8 c05e2de0\n9f20: f1439fb0 c03002f0 00000006 5ac3c35a c4816b80 00000006 b6d77ae0 c030caf0\n9f40: c4817350 00000014 f1439e1c 0000000c 00000000 00000051 01000000 00000014\n9f60: 00003fec f1439edc 00000001 c0372abc b6d77ae0 c0372abc cf600e40 5335509c\n9f80: c21e6800 01015c9c 0000000b 00008946 00000036 c03002f0 c4816b80 00000036\n9fa0: b6d77ae0 c03000c0 01015c9c 0000000b 0000000b 00008946 becc83e8 00000000\n9fc0: 01015c9c 0000000b 00008946 00000036 00000035 010678a0 b6d797ec b6d77ae0\n9fe0: b6dbf738 becc838c b6d186d7 b6baa858 40000030 0000000b 00000000 00000000\n page_pool_get_s\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_5-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.5.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52780",
"url": "https://www.suse.com/security/cve/CVE-2023-52780"
},
{
"category": "external",
"summary": "SUSE Bug 1224933 for CVE-2023-52780",
"url": "https://bugzilla.suse.com/1224933"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_5-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.5.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_5-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.5.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-08-20T07:15:53Z",
"details": "moderate"
}
],
"title": "CVE-2023-52780"
},
{
"cve": "CVE-2023-52781",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52781"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nusb: config: fix iteration issue in \u0027usb_get_bos_descriptor()\u0027\n\nThe BOS descriptor defines a root descriptor and is the base descriptor for\naccessing a family of related descriptors.\n\nFunction \u0027usb_get_bos_descriptor()\u0027 encounters an iteration issue when\nskipping the \u0027USB_DT_DEVICE_CAPABILITY\u0027 descriptor type. This results in\nthe same descriptor being read repeatedly.\n\nTo address this issue, a \u0027goto\u0027 statement is introduced to ensure that the\npointer and the amount read is updated correctly. This ensures that the\nfunction iterates to the next descriptor instead of reading the same\ndescriptor repeatedly.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_5-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.5.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52781",
"url": "https://www.suse.com/security/cve/CVE-2023-52781"
},
{
"category": "external",
"summary": "SUSE Bug 1225092 for CVE-2023-52781",
"url": "https://bugzilla.suse.com/1225092"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_5-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.5.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:P/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_5-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.5.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-08-20T07:15:53Z",
"details": "moderate"
}
],
"title": "CVE-2023-52781"
},
{
"cve": "CVE-2023-52782",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52782"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/mlx5e: Track xmit submission to PTP WQ after populating metadata map\n\nEnsure the skb is available in metadata mapping to skbs before tracking the\nmetadata index for detecting undelivered CQEs. If the metadata index is put\nin the tracking list before putting the skb in the map, the metadata index\nmight be used for detecting undelivered CQEs before the relevant skb is\navailable in the map, which can lead to a null-ptr-deref.\n\nLog:\n general protection fault, probably for non-canonical address 0xdffffc0000000005: 0000 [#1] SMP KASAN\n KASAN: null-ptr-deref in range [0x0000000000000028-0x000000000000002f]\n CPU: 0 PID: 1243 Comm: kworker/0:2 Not tainted 6.6.0-rc4+ #108\n Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS rel-1.13.0-0-gf21b5a4aeb02-prebuilt.qemu.org 04/01/2014\n Workqueue: events mlx5e_rx_dim_work [mlx5_core]\n RIP: 0010:mlx5e_ptp_napi_poll+0x9a4/0x2290 [mlx5_core]\n Code: 8c 24 38 cc ff ff 4c 8d 3c c1 4c 89 f9 48 c1 e9 03 42 80 3c 31 00 0f 85 97 0f 00 00 4d 8b 3f 49 8d 7f 28 48 89 f9 48 c1 e9 03 \u003c42\u003e 80 3c 31 00 0f 85 8b 0f 00 00 49 8b 47 28 48 85 c0 0f 84 05 07\n RSP: 0018:ffff8884d3c09c88 EFLAGS: 00010206\n RAX: 0000000000000069 RBX: ffff8881160349d8 RCX: 0000000000000005\n RDX: ffffed10218f48cf RSI: 0000000000000004 RDI: 0000000000000028\n RBP: ffff888122707700 R08: 0000000000000001 R09: ffffed109a781383\n R10: 0000000000000003 R11: 0000000000000003 R12: ffff88810c7a7a40\n R13: ffff888122707700 R14: dffffc0000000000 R15: 0000000000000000\n FS: 0000000000000000(0000) GS:ffff8884d3c00000(0000) knlGS:0000000000000000\n CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n CR2: 00007f4f878dd6e0 CR3: 000000014d108002 CR4: 0000000000370eb0\n DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\n DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\n Call Trace:\n \u003cIRQ\u003e\n ? die_addr+0x3c/0xa0\n ? exc_general_protection+0x144/0x210\n ? asm_exc_general_protection+0x22/0x30\n ? mlx5e_ptp_napi_poll+0x9a4/0x2290 [mlx5_core]\n ? mlx5e_ptp_napi_poll+0x8f6/0x2290 [mlx5_core]\n __napi_poll.constprop.0+0xa4/0x580\n net_rx_action+0x460/0xb80\n ? _raw_spin_unlock_irqrestore+0x32/0x60\n ? __napi_poll.constprop.0+0x580/0x580\n ? tasklet_action_common.isra.0+0x2ef/0x760\n __do_softirq+0x26c/0x827\n irq_exit_rcu+0xc2/0x100\n common_interrupt+0x7f/0xa0\n \u003c/IRQ\u003e\n \u003cTASK\u003e\n asm_common_interrupt+0x22/0x40\n RIP: 0010:__kmem_cache_alloc_node+0xb/0x330\n Code: 41 5d 41 5e 41 5f c3 8b 44 24 14 8b 4c 24 10 09 c8 eb d5 e8 b7 43 ca 01 0f 1f 80 00 00 00 00 0f 1f 44 00 00 55 48 89 e5 41 57 \u003c41\u003e 56 41 89 d6 41 55 41 89 f5 41 54 49 89 fc 53 48 83 e4 f0 48 83\n RSP: 0018:ffff88812c4079c0 EFLAGS: 00000246\n RAX: 1ffffffff083c7fe RBX: ffff888100042dc0 RCX: 0000000000000218\n RDX: 00000000ffffffff RSI: 0000000000000dc0 RDI: ffff888100042dc0\n RBP: ffff88812c4079c8 R08: ffffffffa0289f96 R09: ffffed1025880ea9\n R10: ffff888138839f80 R11: 0000000000000002 R12: 0000000000000dc0\n R13: 0000000000000100 R14: 000000000000008c R15: ffff8881271fc450\n ? cmd_exec+0x796/0x2200 [mlx5_core]\n kmalloc_trace+0x26/0xc0\n cmd_exec+0x796/0x2200 [mlx5_core]\n mlx5_cmd_do+0x22/0xc0 [mlx5_core]\n mlx5_cmd_exec+0x17/0x30 [mlx5_core]\n mlx5_core_modify_cq_moderation+0x139/0x1b0 [mlx5_core]\n ? mlx5_add_cq_to_tasklet+0x280/0x280 [mlx5_core]\n ? lockdep_set_lock_cmp_fn+0x190/0x190\n ? process_one_work+0x659/0x1220\n mlx5e_rx_dim_work+0x9d/0x100 [mlx5_core]\n process_one_work+0x730/0x1220\n ? lockdep_hardirqs_on_prepare+0x400/0x400\n ? max_active_store+0xf0/0xf0\n ? assign_work+0x168/0x240\n worker_thread+0x70f/0x12d0\n ? __kthread_parkme+0xd1/0x1d0\n ? process_one_work+0x1220/0x1220\n kthread+0x2d9/0x3b0\n ? kthread_complete_and_exit+0x20/0x20\n ret_from_fork+0x2d/0x70\n ? kthread_complete_and_exit+0x20/0x20\n ret_from_fork_as\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_5-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.5.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52782",
"url": "https://www.suse.com/security/cve/CVE-2023-52782"
},
{
"category": "external",
"summary": "SUSE Bug 1225103 for CVE-2023-52782",
"url": "https://bugzilla.suse.com/1225103"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_5-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.5.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_5-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.5.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-08-20T07:15:53Z",
"details": "moderate"
}
],
"title": "CVE-2023-52782"
},
{
"cve": "CVE-2023-52783",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52783"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: wangxun: fix kernel panic due to null pointer\n\nWhen the device uses a custom subsystem vendor ID, the function\nwx_sw_init() returns before the memory of \u0027wx-\u003emac_table\u0027 is allocated.\nThe null pointer will causes the kernel panic.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_5-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.5.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52783",
"url": "https://www.suse.com/security/cve/CVE-2023-52783"
},
{
"category": "external",
"summary": "SUSE Bug 1225104 for CVE-2023-52783",
"url": "https://bugzilla.suse.com/1225104"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_5-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.5.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_5-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.5.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-08-20T07:15:53Z",
"details": "moderate"
}
],
"title": "CVE-2023-52783"
},
{
"cve": "CVE-2023-52784",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52784"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbonding: stop the device in bond_setup_by_slave()\n\nCommit 9eed321cde22 (\"net: lapbether: only support ethernet devices\")\nhas been able to keep syzbot away from net/lapb, until today.\n\nIn the following splat [1], the issue is that a lapbether device has\nbeen created on a bonding device without members. Then adding a non\nARPHRD_ETHER member forced the bonding master to change its type.\n\nThe fix is to make sure we call dev_close() in bond_setup_by_slave()\nso that the potential linked lapbether devices (or any other devices\nhaving assumptions on the physical device) are removed.\n\nA similar bug has been addressed in commit 40baec225765\n(\"bonding: fix panic on non-ARPHRD_ETHER enslave failure\")\n\n[1]\nskbuff: skb_under_panic: text:ffff800089508810 len:44 put:40 head:ffff0000c78e7c00 data:ffff0000c78e7bea tail:0x16 end:0x140 dev:bond0\nkernel BUG at net/core/skbuff.c:192 !\nInternal error: Oops - BUG: 00000000f2000800 [#1] PREEMPT SMP\nModules linked in:\nCPU: 0 PID: 6007 Comm: syz-executor383 Not tainted 6.6.0-rc3-syzkaller-gbf6547d8715b #0\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/04/2023\npstate: 60400005 (nZCv daif +PAN -UAO -TCO -DIT -SSBS BTYPE=--)\npc : skb_panic net/core/skbuff.c:188 [inline]\npc : skb_under_panic+0x13c/0x140 net/core/skbuff.c:202\nlr : skb_panic net/core/skbuff.c:188 [inline]\nlr : skb_under_panic+0x13c/0x140 net/core/skbuff.c:202\nsp : ffff800096a06aa0\nx29: ffff800096a06ab0 x28: ffff800096a06ba0 x27: dfff800000000000\nx26: ffff0000ce9b9b50 x25: 0000000000000016 x24: ffff0000c78e7bea\nx23: ffff0000c78e7c00 x22: 000000000000002c x21: 0000000000000140\nx20: 0000000000000028 x19: ffff800089508810 x18: ffff800096a06100\nx17: 0000000000000000 x16: ffff80008a629a3c x15: 0000000000000001\nx14: 1fffe00036837a32 x13: 0000000000000000 x12: 0000000000000000\nx11: 0000000000000201 x10: 0000000000000000 x9 : cb50b496c519aa00\nx8 : cb50b496c519aa00 x7 : 0000000000000001 x6 : 0000000000000001\nx5 : ffff800096a063b8 x4 : ffff80008e280f80 x3 : ffff8000805ad11c\nx2 : 0000000000000001 x1 : 0000000100000201 x0 : 0000000000000086\nCall trace:\nskb_panic net/core/skbuff.c:188 [inline]\nskb_under_panic+0x13c/0x140 net/core/skbuff.c:202\nskb_push+0xf0/0x108 net/core/skbuff.c:2446\nip6gre_header+0xbc/0x738 net/ipv6/ip6_gre.c:1384\ndev_hard_header include/linux/netdevice.h:3136 [inline]\nlapbeth_data_transmit+0x1c4/0x298 drivers/net/wan/lapbether.c:257\nlapb_data_transmit+0x8c/0xb0 net/lapb/lapb_iface.c:447\nlapb_transmit_buffer+0x178/0x204 net/lapb/lapb_out.c:149\nlapb_send_control+0x220/0x320 net/lapb/lapb_subr.c:251\n__lapb_disconnect_request+0x9c/0x17c net/lapb/lapb_iface.c:326\nlapb_device_event+0x288/0x4e0 net/lapb/lapb_iface.c:492\nnotifier_call_chain+0x1a4/0x510 kernel/notifier.c:93\nraw_notifier_call_chain+0x3c/0x50 kernel/notifier.c:461\ncall_netdevice_notifiers_info net/core/dev.c:1970 [inline]\ncall_netdevice_notifiers_extack net/core/dev.c:2008 [inline]\ncall_netdevice_notifiers net/core/dev.c:2022 [inline]\n__dev_close_many+0x1b8/0x3c4 net/core/dev.c:1508\ndev_close_many+0x1e0/0x470 net/core/dev.c:1559\ndev_close+0x174/0x250 net/core/dev.c:1585\nlapbeth_device_event+0x2e4/0x958 drivers/net/wan/lapbether.c:466\nnotifier_call_chain+0x1a4/0x510 kernel/notifier.c:93\nraw_notifier_call_chain+0x3c/0x50 kernel/notifier.c:461\ncall_netdevice_notifiers_info net/core/dev.c:1970 [inline]\ncall_netdevice_notifiers_extack net/core/dev.c:2008 [inline]\ncall_netdevice_notifiers net/core/dev.c:2022 [inline]\n__dev_close_many+0x1b8/0x3c4 net/core/dev.c:1508\ndev_close_many+0x1e0/0x470 net/core/dev.c:1559\ndev_close+0x174/0x250 net/core/dev.c:1585\nbond_enslave+0x2298/0x30cc drivers/net/bonding/bond_main.c:2332\nbond_do_ioctl+0x268/0xc64 drivers/net/bonding/bond_main.c:4539\ndev_ifsioc+0x754/0x9ac\ndev_ioctl+0x4d8/0xd34 net/core/dev_ioctl.c:786\nsock_do_ioctl+0x1d4/0x2d0 net/socket.c:1217\nsock_ioctl+0x4e8/0x834 net/socket.c:1322\nvfs_ioctl fs/ioctl.c:51 [inline]\n__do_\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_5-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.5.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52784",
"url": "https://www.suse.com/security/cve/CVE-2023-52784"
},
{
"category": "external",
"summary": "SUSE Bug 1224946 for CVE-2023-52784",
"url": "https://bugzilla.suse.com/1224946"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_5-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.5.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_5-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.5.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-08-20T07:15:53Z",
"details": "moderate"
}
],
"title": "CVE-2023-52784"
},
{
"cve": "CVE-2023-52786",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52786"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\next4: fix racy may inline data check in dio write\n\nsyzbot reports that the following warning from ext4_iomap_begin()\ntriggers as of the commit referenced below:\n\n if (WARN_ON_ONCE(ext4_has_inline_data(inode)))\n return -ERANGE;\n\nThis occurs during a dio write, which is never expected to encounter\nan inode with inline data. To enforce this behavior,\next4_dio_write_iter() checks the current inline state of the inode\nand clears the MAY_INLINE_DATA state flag to either fall back to\nbuffered writes, or enforce that any other writers in progress on\nthe inode are not allowed to create inline data.\n\nThe problem is that the check for existing inline data and the state\nflag can span a lock cycle. For example, if the ilock is originally\nlocked shared and subsequently upgraded to exclusive, another writer\nmay have reacquired the lock and created inline data before the dio\nwrite task acquires the lock and proceeds.\n\nThe commit referenced below loosens the lock requirements to allow\nsome forms of unaligned dio writes to occur under shared lock, but\nAFAICT the inline data check was technically already racy for any\ndio write that would have involved a lock cycle. Regardless, lift\nclearing of the state bit to the same lock critical section that\nchecks for preexisting inline data on the inode to close the race.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_5-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.5.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52786",
"url": "https://www.suse.com/security/cve/CVE-2023-52786"
},
{
"category": "external",
"summary": "SUSE Bug 1224939 for CVE-2023-52786",
"url": "https://bugzilla.suse.com/1224939"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_5-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.5.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.6,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_5-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.5.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-08-20T07:15:53Z",
"details": "low"
}
],
"title": "CVE-2023-52786"
},
{
"cve": "CVE-2023-52787",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52787"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nblk-mq: make sure active queue usage is held for bio_integrity_prep()\n\nblk_integrity_unregister() can come if queue usage counter isn\u0027t held\nfor one bio with integrity prepared, so this request may be completed with\ncalling profile-\u003ecomplete_fn, then kernel panic.\n\nAnother constraint is that bio_integrity_prep() needs to be called\nbefore bio merge.\n\nFix the issue by:\n\n- call bio_integrity_prep() with one queue usage counter grabbed reliably\n\n- call bio_integrity_prep() before bio merge",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_5-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.5.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52787",
"url": "https://www.suse.com/security/cve/CVE-2023-52787"
},
{
"category": "external",
"summary": "SUSE Bug 1225105 for CVE-2023-52787",
"url": "https://bugzilla.suse.com/1225105"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_5-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.5.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_5-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.5.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-08-20T07:15:53Z",
"details": "moderate"
}
],
"title": "CVE-2023-52787"
},
{
"cve": "CVE-2023-52788",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52788"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ni915/perf: Fix NULL deref bugs with drm_dbg() calls\n\nWhen i915 perf interface is not available dereferencing it will lead to\nNULL dereferences.\n\nAs returning -ENOTSUPP is pretty clear return when perf interface is not\navailable.\n\n[tursulin: added stable tag]\n(cherry picked from commit 36f27350ff745bd228ab04d7845dfbffc177a889)",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_5-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.5.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52788",
"url": "https://www.suse.com/security/cve/CVE-2023-52788"
},
{
"category": "external",
"summary": "SUSE Bug 1225106 for CVE-2023-52788",
"url": "https://bugzilla.suse.com/1225106"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_5-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.5.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_5-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.5.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-08-20T07:15:53Z",
"details": "moderate"
}
],
"title": "CVE-2023-52788"
},
{
"cve": "CVE-2023-52789",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52789"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ntty: vcc: Add check for kstrdup() in vcc_probe()\n\nAdd check for the return value of kstrdup() and return the error, if it\nfails in order to avoid NULL pointer dereference.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_5-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.5.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52789",
"url": "https://www.suse.com/security/cve/CVE-2023-52789"
},
{
"category": "external",
"summary": "SUSE Bug 1225180 for CVE-2023-52789",
"url": "https://bugzilla.suse.com/1225180"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_5-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.5.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_5-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.5.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-08-20T07:15:53Z",
"details": "moderate"
}
],
"title": "CVE-2023-52789"
},
{
"cve": "CVE-2023-52791",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52791"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ni2c: core: Run atomic i2c xfer when !preemptible\n\nSince bae1d3a05a8b, i2c transfers are non-atomic if preemption is\ndisabled. However, non-atomic i2c transfers require preemption (e.g. in\nwait_for_completion() while waiting for the DMA).\n\npanic() calls preempt_disable_notrace() before calling\nemergency_restart(). Therefore, if an i2c device is used for the\nrestart, the xfer should be atomic. This avoids warnings like:\n\n[ 12.667612] WARNING: CPU: 1 PID: 1 at kernel/rcu/tree_plugin.h:318 rcu_note_context_switch+0x33c/0x6b0\n[ 12.676926] Voluntary context switch within RCU read-side critical section!\n...\n[ 12.742376] schedule_timeout from wait_for_completion_timeout+0x90/0x114\n[ 12.749179] wait_for_completion_timeout from tegra_i2c_wait_completion+0x40/0x70\n...\n[ 12.994527] atomic_notifier_call_chain from machine_restart+0x34/0x58\n[ 13.001050] machine_restart from panic+0x2a8/0x32c\n\nUse !preemptible() instead, which is basically the same check as\npre-v5.2.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_5-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.5.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52791",
"url": "https://www.suse.com/security/cve/CVE-2023-52791"
},
{
"category": "external",
"summary": "SUSE Bug 1225108 for CVE-2023-52791",
"url": "https://bugzilla.suse.com/1225108"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_5-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.5.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_5-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.5.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-08-20T07:15:53Z",
"details": "moderate"
}
],
"title": "CVE-2023-52791"
},
{
"cve": "CVE-2023-52792",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52792"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ncxl/region: Do not try to cleanup after cxl_region_setup_targets() fails\n\nCommit 5e42bcbc3fef (\"cxl/region: decrement -\u003enr_targets on error in\ncxl_region_attach()\") tried to avoid \u0027eiw\u0027 initialization errors when\n-\u003enr_targets exceeded 16, by just decrementing -\u003enr_targets when\ncxl_region_setup_targets() failed.\n\nCommit 86987c766276 (\"cxl/region: Cleanup target list on attach error\")\nextended that cleanup to also clear cxled-\u003epos and p-\u003etargets[pos]. The\ninitialization error was incidentally fixed separately by:\nCommit 8d4285425714 (\"cxl/region: Fix port setup uninitialized variable\nwarnings\") which was merged a few days after 5e42bcbc3fef.\n\nBut now the original cleanup when cxl_region_setup_targets() fails\nprevents endpoint and switch decoder resources from being reused:\n\n1) the cleanup does not set the decoder\u0027s region to NULL, which results\n in future dpa_size_store() calls returning -EBUSY\n2) the decoder is not properly freed, which results in future commit\n errors associated with the upstream switch\n\nNow that the initialization errors were fixed separately, the proper\ncleanup for this case is to just return immediately. Then the resources\nassociated with this target get cleanup up as normal when the failed\nregion is deleted.\n\nThe -\u003enr_targets decrement in the error case also helped prevent\na p-\u003etargets[] array overflow, so add a new check to prevent against\nthat overflow.\n\nTested by trying to create an invalid region for a 2 switch * 2 endpoint\ntopology, and then following up with creating a valid region.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_5-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.5.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52792",
"url": "https://www.suse.com/security/cve/CVE-2023-52792"
},
{
"category": "external",
"summary": "SUSE Bug 1225477 for CVE-2023-52792",
"url": "https://bugzilla.suse.com/1225477"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_5-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.5.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_5-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.5.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-08-20T07:15:53Z",
"details": "moderate"
}
],
"title": "CVE-2023-52792"
},
{
"cve": "CVE-2023-52794",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52794"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nthermal: intel: powerclamp: fix mismatch in get function for max_idle\n\nKASAN reported this\n\n [ 444.853098] BUG: KASAN: global-out-of-bounds in param_get_int+0x77/0x90\n [ 444.853111] Read of size 4 at addr ffffffffc16c9220 by task cat/2105\n ...\n [ 444.853442] The buggy address belongs to the variable:\n [ 444.853443] max_idle+0x0/0xffffffffffffcde0 [intel_powerclamp]\n\nThere is a mismatch between the param_get_int and the definition of\nmax_idle. Replacing param_get_int with param_get_byte resolves this\nissue.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_5-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.5.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52794",
"url": "https://www.suse.com/security/cve/CVE-2023-52794"
},
{
"category": "external",
"summary": "SUSE Bug 1225028 for CVE-2023-52794",
"url": "https://bugzilla.suse.com/1225028"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_5-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.5.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_5-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.5.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-08-20T07:15:53Z",
"details": "low"
}
],
"title": "CVE-2023-52794"
},
{
"cve": "CVE-2023-52795",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52795"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nvhost-vdpa: fix use after free in vhost_vdpa_probe()\n\nThe put_device() calls vhost_vdpa_release_dev() which calls\nida_simple_remove() and frees \"v\". So this call to\nida_simple_remove() is a use after free and a double free.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_5-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.5.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52795",
"url": "https://www.suse.com/security/cve/CVE-2023-52795"
},
{
"category": "external",
"summary": "SUSE Bug 1225085 for CVE-2023-52795",
"url": "https://bugzilla.suse.com/1225085"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_5-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.5.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_5-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.5.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-08-20T07:15:53Z",
"details": "moderate"
}
],
"title": "CVE-2023-52795"
},
{
"cve": "CVE-2023-52796",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52796"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nipvlan: add ipvlan_route_v6_outbound() helper\n\nInspired by syzbot reports using a stack of multiple ipvlan devices.\n\nReduce stack size needed in ipvlan_process_v6_outbound() by moving\nthe flowi6 struct used for the route lookup in an non inlined\nhelper. ipvlan_route_v6_outbound() needs 120 bytes on the stack,\nimmediately reclaimed.\n\nAlso make sure ipvlan_process_v4_outbound() is not inlined.\n\nWe might also have to lower MAX_NEST_DEV, because only syzbot uses\nsetups with more than four stacked devices.\n\nBUG: TASK stack guard page was hit at ffffc9000e803ff8 (stack is ffffc9000e804000..ffffc9000e808000)\nstack guard page: 0000 [#1] SMP KASAN\nCPU: 0 PID: 13442 Comm: syz-executor.4 Not tainted 6.1.52-syzkaller #0\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/09/2023\nRIP: 0010:kasan_check_range+0x4/0x2a0 mm/kasan/generic.c:188\nCode: 48 01 c6 48 89 c7 e8 db 4e c1 03 31 c0 5d c3 cc 0f 0b eb 02 0f 0b b8 ea ff ff ff 5d c3 cc 00 00 cc cc 00 00 cc cc 55 48 89 e5 \u003c41\u003e 57 41 56 41 55 41 54 53 b0 01 48 85 f6 0f 84 a4 01 00 00 48 89\nRSP: 0018:ffffc9000e804000 EFLAGS: 00010246\nRAX: 0000000000000000 RBX: 0000000000000000 RCX: ffffffff817e5bf2\nRDX: 0000000000000000 RSI: 0000000000000008 RDI: ffffffff887c6568\nRBP: ffffc9000e804000 R08: 0000000000000000 R09: 0000000000000000\nR10: 0000000000000000 R11: dffffc0000000001 R12: 1ffff92001d0080c\nR13: dffffc0000000000 R14: ffffffff87e6b100 R15: 0000000000000000\nFS: 00007fd0c55826c0(0000) GS:ffff8881f6800000(0000) knlGS:0000000000000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: ffffc9000e803ff8 CR3: 0000000170ef7000 CR4: 00000000003506f0\nDR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\nDR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\nCall Trace:\n\u003c#DF\u003e\n\u003c/#DF\u003e\n\u003cTASK\u003e\n[\u003cffffffff81f281d1\u003e] __kasan_check_read+0x11/0x20 mm/kasan/shadow.c:31\n[\u003cffffffff817e5bf2\u003e] instrument_atomic_read include/linux/instrumented.h:72 [inline]\n[\u003cffffffff817e5bf2\u003e] _test_bit include/asm-generic/bitops/instrumented-non-atomic.h:141 [inline]\n[\u003cffffffff817e5bf2\u003e] cpumask_test_cpu include/linux/cpumask.h:506 [inline]\n[\u003cffffffff817e5bf2\u003e] cpu_online include/linux/cpumask.h:1092 [inline]\n[\u003cffffffff817e5bf2\u003e] trace_lock_acquire include/trace/events/lock.h:24 [inline]\n[\u003cffffffff817e5bf2\u003e] lock_acquire+0xe2/0x590 kernel/locking/lockdep.c:5632\n[\u003cffffffff8563221e\u003e] rcu_lock_acquire+0x2e/0x40 include/linux/rcupdate.h:306\n[\u003cffffffff8561464d\u003e] rcu_read_lock include/linux/rcupdate.h:747 [inline]\n[\u003cffffffff8561464d\u003e] ip6_pol_route+0x15d/0x1440 net/ipv6/route.c:2221\n[\u003cffffffff85618120\u003e] ip6_pol_route_output+0x50/0x80 net/ipv6/route.c:2606\n[\u003cffffffff856f65b5\u003e] pol_lookup_func include/net/ip6_fib.h:584 [inline]\n[\u003cffffffff856f65b5\u003e] fib6_rule_lookup+0x265/0x620 net/ipv6/fib6_rules.c:116\n[\u003cffffffff85618009\u003e] ip6_route_output_flags_noref+0x2d9/0x3a0 net/ipv6/route.c:2638\n[\u003cffffffff8561821a\u003e] ip6_route_output_flags+0xca/0x340 net/ipv6/route.c:2651\n[\u003cffffffff838bd5a3\u003e] ip6_route_output include/net/ip6_route.h:100 [inline]\n[\u003cffffffff838bd5a3\u003e] ipvlan_process_v6_outbound drivers/net/ipvlan/ipvlan_core.c:473 [inline]\n[\u003cffffffff838bd5a3\u003e] ipvlan_process_outbound drivers/net/ipvlan/ipvlan_core.c:529 [inline]\n[\u003cffffffff838bd5a3\u003e] ipvlan_xmit_mode_l3 drivers/net/ipvlan/ipvlan_core.c:602 [inline]\n[\u003cffffffff838bd5a3\u003e] ipvlan_queue_xmit+0xc33/0x1be0 drivers/net/ipvlan/ipvlan_core.c:677\n[\u003cffffffff838c2909\u003e] ipvlan_start_xmit+0x49/0x100 drivers/net/ipvlan/ipvlan_main.c:229\n[\u003cffffffff84d03900\u003e] netdev_start_xmit include/linux/netdevice.h:4966 [inline]\n[\u003cffffffff84d03900\u003e] xmit_one net/core/dev.c:3644 [inline]\n[\u003cffffffff84d03900\u003e] dev_hard_start_xmit+0x320/0x980 net/core/dev.c:3660\n[\u003cffffffff84d080e2\u003e] __dev_queue_xmit+0x16b2/0x3370 net/core/dev.c:4324\n[\u003cffffffff855ce4cd\u003e] dev_queue_xmit include/linux/netdevice.h:3067 [inline]\n[\u003cffffffff855ce4cd\u003e] neigh_hh_output include/net/neighbour.h:529 [inline]\n[\u003cf\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_5-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.5.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52796",
"url": "https://www.suse.com/security/cve/CVE-2023-52796"
},
{
"category": "external",
"summary": "SUSE Bug 1224930 for CVE-2023-52796",
"url": "https://bugzilla.suse.com/1224930"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_5-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.5.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_5-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.5.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-08-20T07:15:53Z",
"details": "moderate"
}
],
"title": "CVE-2023-52796"
},
{
"cve": "CVE-2023-52798",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52798"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: ath11k: fix dfs radar event locking\n\nThe ath11k active pdevs are protected by RCU but the DFS radar event\nhandling code calling ath11k_mac_get_ar_by_pdev_id() was not marked as a\nread-side critical section.\n\nMark the code in question as an RCU read-side critical section to avoid\nany potential use-after-free issues.\n\nCompile tested only.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_5-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.5.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52798",
"url": "https://www.suse.com/security/cve/CVE-2023-52798"
},
{
"category": "external",
"summary": "SUSE Bug 1224947 for CVE-2023-52798",
"url": "https://bugzilla.suse.com/1224947"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_5-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.5.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_5-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.5.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-08-20T07:15:53Z",
"details": "moderate"
}
],
"title": "CVE-2023-52798"
},
{
"cve": "CVE-2023-52799",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52799"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\njfs: fix array-index-out-of-bounds in dbFindLeaf\n\nCurrently while searching for dmtree_t for sufficient free blocks there\nis an array out of bounds while getting element in tp-\u003edm_stree. To add\nthe required check for out of bound we first need to determine the type\nof dmtree. Thus added an extra parameter to dbFindLeaf so that the type\nof tree can be determined and the required check can be applied.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_5-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.5.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52799",
"url": "https://www.suse.com/security/cve/CVE-2023-52799"
},
{
"category": "external",
"summary": "SUSE Bug 1225472 for CVE-2023-52799",
"url": "https://bugzilla.suse.com/1225472"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_5-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.5.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_5-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.5.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-08-20T07:15:53Z",
"details": "moderate"
}
],
"title": "CVE-2023-52799"
},
{
"cve": "CVE-2023-52800",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52800"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: ath11k: fix htt pktlog locking\n\nThe ath11k active pdevs are protected by RCU but the htt pktlog handling\ncode calling ath11k_mac_get_ar_by_pdev_id() was not marked as a\nread-side critical section.\n\nMark the code in question as an RCU read-side critical section to avoid\nany potential use-after-free issues.\n\nCompile tested only.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_5-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.5.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52800",
"url": "https://www.suse.com/security/cve/CVE-2023-52800"
},
{
"category": "external",
"summary": "SUSE Bug 1230600 for CVE-2023-52800",
"url": "https://bugzilla.suse.com/1230600"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_5-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.5.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_5-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.5.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-08-20T07:15:53Z",
"details": "moderate"
}
],
"title": "CVE-2023-52800"
},
{
"cve": "CVE-2023-52801",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52801"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\niommufd: Fix missing update of domains_itree after splitting iopt_area\n\nIn iopt_area_split(), if the original iopt_area has filled a domain and is\nlinked to domains_itree, pages_nodes have to be properly\nreinserted. Otherwise the domains_itree becomes corrupted and we will UAF.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_5-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.5.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52801",
"url": "https://www.suse.com/security/cve/CVE-2023-52801"
},
{
"category": "external",
"summary": "SUSE Bug 1225006 for CVE-2023-52801",
"url": "https://bugzilla.suse.com/1225006"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_5-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.5.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_5-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.5.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-08-20T07:15:53Z",
"details": "moderate"
}
],
"title": "CVE-2023-52801"
},
{
"cve": "CVE-2023-52803",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52803"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nSUNRPC: Fix RPC client cleaned up the freed pipefs dentries\n\nRPC client pipefs dentries cleanup is in separated rpc_remove_pipedir()\nworkqueue,which takes care about pipefs superblock locking.\nIn some special scenarios, when kernel frees the pipefs sb of the\ncurrent client and immediately alloctes a new pipefs sb,\nrpc_remove_pipedir function would misjudge the existence of pipefs\nsb which is not the one it used to hold. As a result,\nthe rpc_remove_pipedir would clean the released freed pipefs dentries.\n\nTo fix this issue, rpc_remove_pipedir should check whether the\ncurrent pipefs sb is consistent with the original pipefs sb.\n\nThis error can be catched by KASAN:\n=========================================================\n[ 250.497700] BUG: KASAN: slab-use-after-free in dget_parent+0x195/0x200\n[ 250.498315] Read of size 4 at addr ffff88800a2ab804 by task kworker/0:18/106503\n[ 250.500549] Workqueue: events rpc_free_client_work\n[ 250.501001] Call Trace:\n[ 250.502880] kasan_report+0xb6/0xf0\n[ 250.503209] ? dget_parent+0x195/0x200\n[ 250.503561] dget_parent+0x195/0x200\n[ 250.503897] ? __pfx_rpc_clntdir_depopulate+0x10/0x10\n[ 250.504384] rpc_rmdir_depopulate+0x1b/0x90\n[ 250.504781] rpc_remove_client_dir+0xf5/0x150\n[ 250.505195] rpc_free_client_work+0xe4/0x230\n[ 250.505598] process_one_work+0x8ee/0x13b0\n...\n[ 22.039056] Allocated by task 244:\n[ 22.039390] kasan_save_stack+0x22/0x50\n[ 22.039758] kasan_set_track+0x25/0x30\n[ 22.040109] __kasan_slab_alloc+0x59/0x70\n[ 22.040487] kmem_cache_alloc_lru+0xf0/0x240\n[ 22.040889] __d_alloc+0x31/0x8e0\n[ 22.041207] d_alloc+0x44/0x1f0\n[ 22.041514] __rpc_lookup_create_exclusive+0x11c/0x140\n[ 22.041987] rpc_mkdir_populate.constprop.0+0x5f/0x110\n[ 22.042459] rpc_create_client_dir+0x34/0x150\n[ 22.042874] rpc_setup_pipedir_sb+0x102/0x1c0\n[ 22.043284] rpc_client_register+0x136/0x4e0\n[ 22.043689] rpc_new_client+0x911/0x1020\n[ 22.044057] rpc_create_xprt+0xcb/0x370\n[ 22.044417] rpc_create+0x36b/0x6c0\n...\n[ 22.049524] Freed by task 0:\n[ 22.049803] kasan_save_stack+0x22/0x50\n[ 22.050165] kasan_set_track+0x25/0x30\n[ 22.050520] kasan_save_free_info+0x2b/0x50\n[ 22.050921] __kasan_slab_free+0x10e/0x1a0\n[ 22.051306] kmem_cache_free+0xa5/0x390\n[ 22.051667] rcu_core+0x62c/0x1930\n[ 22.051995] __do_softirq+0x165/0x52a\n[ 22.052347]\n[ 22.052503] Last potentially related work creation:\n[ 22.052952] kasan_save_stack+0x22/0x50\n[ 22.053313] __kasan_record_aux_stack+0x8e/0xa0\n[ 22.053739] __call_rcu_common.constprop.0+0x6b/0x8b0\n[ 22.054209] dentry_free+0xb2/0x140\n[ 22.054540] __dentry_kill+0x3be/0x540\n[ 22.054900] shrink_dentry_list+0x199/0x510\n[ 22.055293] shrink_dcache_parent+0x190/0x240\n[ 22.055703] do_one_tree+0x11/0x40\n[ 22.056028] shrink_dcache_for_umount+0x61/0x140\n[ 22.056461] generic_shutdown_super+0x70/0x590\n[ 22.056879] kill_anon_super+0x3a/0x60\n[ 22.057234] rpc_kill_sb+0x121/0x200",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_5-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.5.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52803",
"url": "https://www.suse.com/security/cve/CVE-2023-52803"
},
{
"category": "external",
"summary": "SUSE Bug 1225008 for CVE-2023-52803",
"url": "https://bugzilla.suse.com/1225008"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_5-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.5.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_5-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.5.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-08-20T07:15:53Z",
"details": "moderate"
}
],
"title": "CVE-2023-52803"
},
{
"cve": "CVE-2023-52804",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52804"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nfs/jfs: Add validity check for db_maxag and db_agpref\n\nBoth db_maxag and db_agpref are used as the index of the\ndb_agfree array, but there is currently no validity check for\ndb_maxag and db_agpref, which can lead to errors.\n\nThe following is related bug reported by Syzbot:\n\nUBSAN: array-index-out-of-bounds in fs/jfs/jfs_dmap.c:639:20\nindex 7936 is out of range for type \u0027atomic_t[128]\u0027\n\nAdd checking that the values of db_maxag and db_agpref are valid\nindexes for the db_agfree array.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_5-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.5.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52804",
"url": "https://www.suse.com/security/cve/CVE-2023-52804"
},
{
"category": "external",
"summary": "SUSE Bug 1225550 for CVE-2023-52804",
"url": "https://bugzilla.suse.com/1225550"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_5-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.5.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_5-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.5.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-08-20T07:15:53Z",
"details": "moderate"
}
],
"title": "CVE-2023-52804"
},
{
"cve": "CVE-2023-52805",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52805"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\njfs: fix array-index-out-of-bounds in diAlloc\n\nCurrently there is not check against the agno of the iag while\nallocating new inodes to avoid fragmentation problem. Added the check\nwhich is required.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_5-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.5.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52805",
"url": "https://www.suse.com/security/cve/CVE-2023-52805"
},
{
"category": "external",
"summary": "SUSE Bug 1225553 for CVE-2023-52805",
"url": "https://bugzilla.suse.com/1225553"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_5-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.5.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_5-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.5.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-08-20T07:15:53Z",
"details": "moderate"
}
],
"title": "CVE-2023-52805"
},
{
"cve": "CVE-2023-52806",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52806"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nALSA: hda: Fix possible null-ptr-deref when assigning a stream\n\nWhile AudioDSP drivers assign streams exclusively of HOST or LINK type,\nnothing blocks a user to attempt to assign a COUPLED stream. As\nsupplied substream instance may be a stub, what is the case when\ncode-loading, such scenario ends with null-ptr-deref.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_5-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.5.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.5.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.5.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-livepatch-devel-6.4.0-150600.10.5.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.5.1.x86_64",