Vulnerability from csaf_suse
Published
2022-10-31 08:28
Modified
2022-10-31 08:28
Summary
Security update for the Linux Kernel

Notes

Title of the patch
Security update for the Linux Kernel
Description of the patch
The SUSE Linux Enterprise 15 SP3 RT kernel was updated to receive various security and bugfixes. The following security bugs were fixed: - CVE-2016-3695: Fixed an issue inside the einj_error_inject function in drivers/acpi/apei/einj.c that allowed users to simulate hardware errors and consequently cause a denial of service (bnc#1023051). - CVE-2020-16119: Fixed a use-after-free due to reuse of a DCCP socket with an attached dccps_hc_tx_ccid object as a listener after being released (bnc#1177471). - CVE-2020-27784: Fixed a vulnerability that was found in printer_ioctl() printer_ioctl() when accessing a deallocated instance (bnc#1202895). - CVE-2021-4155: Fixed a data leak flaw that was found in the way XFS_IOC_ALLOCSP IOCTL in the XFS filesystem (bnc#1194272). - CVE-2021-4203: Fixed use-after-free read flaw that was found in sock_getsockopt() in net/core/sock.c due to SO_PEERCRED and SO_PEERGROUPS race with listen() (bnc#1194535). - CVE-2022-20368: Fixed slab-out-of-bounds access in packet_recvmsg() (bsc#1202346). - CVE-2022-20369: Fixed out of bounds write in v4l2_m2m_querybuf of v4l2-mem2mem.c (bnc#1202347). - CVE-2022-2503: Fixed a LoadPin bypass in Dm-verity (bnc#1202677). - CVE-2022-2586: Fixed issue in netfilter that allowed CHAIN_ID to refer to another table (bsc#1202095). - CVE-2022-2588: Fixed use-after-free in cls_route (bsc#1202096). - CVE-2022-26373: Fixed non-transparent sharing of return predictor targets between contexts in some Intel Processors (bnc#1201726). - CVE-2022-2663: Fixed an issue that was found in nf_conntrack_irc where the message handling could be confused and incorrectly matches the message (bnc#1202097). - CVE-2022-2905: Fixed tnum_range usage on array range checking for poke descriptors (bsc#1202564, bsc#1202860). - CVE-2022-2977: Fixed reference counting for struct tpm_chip (bsc#1202672). - CVE-2022-3028: Fixed race condition that was found in the IP framework for transforming packets (XFRM subsystem) (bnc#1202898). - CVE-2022-3169: Fixed a denial of service that resulted in a PCIe link disconnect (bnc#1203290). - CVE-2022-32296: Fixed issue where TCP servers were able to identify clients by observing what source ports are used (bnc#1200288). - CVE-2022-3239: Fixed a use-after-free in the video4linux driver (bnc#1203552). - CVE-2022-3303: Fixed a race at SNDCTL_DSP_SYNC (bsc#1203769). - CVE-2022-36879: Fixed an issue in xfrm_expand_policies in net/xfrm/xfrm_policy.c where a refcount could be dropped twice (bnc#1201948). - CVE-2022-39188: Fixed race condition in include/asm-generic/tlb.h where a device driver can free a page while it still has stale TLB entries (bnc#1203107). - CVE-2022-39190: Fixed an issue that was discovered in net/netfilter/nf_tables_api.c and could cause a denial of service upon binding to an already bound chain (bnc#1203117). - CVE-2022-40768: Fixed information leak in drivers/scsi/stex.c due to stex_queuecommand_lck lack a memset for the PASSTHRU_CMD case (bnc#1203514). - CVE-2022-41218: Fixed a use-after-free due to refcount races at releasing (bsc#1202960). - CVE-2022-41222: Fixed a use-after-free via a stale TLB because an rmap lock is not held during a PUD move (bnc#1203622). - CVE-2022-41674: Fixed a DoS issue where kernel can crash on the reception of specific WiFi Frames (bsc#1203770). - CVE-2022-41848: Fixed a use-after-free in mgslpc_ops (bsc#1203987). - CVE-2022-41849: Fixed a use-after-free in ufx_ops_open() (bsc#1203992). - CVE-2022-42719: Fixed MBSSID parsing use-after-free (bsc#1204051). - CVE-2022-42720: Fixed BSS refcounting bugs (bsc#1204059). - CVE-2022-42721: Avoid nontransmitted BSS list corruption (bsc#1204060). - CVE-2022-42722: Fixed crash in beacon protection for P2P-device (bsc#1204125). The following non-security bugs were fixed: - Fixed parsing of rpm/macros.kernel-source on SLE12 (bsc#1201019). - acpi: EC: Remove duplicate ThinkPad X1 Carbon 6th entry from DMI quirks (git-fixes). - acpi: LPSS: Fix missing check in register_device_clock() (git-fixes). - acpi: PM: save NVS memory for Lenovo G40-45 (git-fixes). - acpi: processor idle: Practically limit 'Dummy wait' workaround to old Intel systems (bnc#1203802). - acpi: processor: Remove freq Qos request for all CPUs (git-fixes). - acpi: property: Return type of acpi_add_nondev_subnodes() should be bool (git-fixes). - acpi: video: Force backlight native for some TongFang devices (git-fixes). - alsa: aloop: Fix random zeros in capture data when using jiffies timer (git-fixes). - alsa: bcd2000: Fix a UAF bug on the error path of probing (git-fixes). - alsa: emu10k1: Fix out of bounds access in snd_emu10k1_pcm_channel_alloc() (git-fixes). - alsa: hda/cirrus - support for iMac 12,1 model (git-fixes). - alsa: hda/conexant: Add quirk for LENOVO 20149 Notebook model (git-fixes). - alsa: hda/realtek: Add a quirk for HP OMEN 15 (8786) mute LED (git-fixes). - alsa: hda/realtek: Add mute LED quirk for HP Omen laptop (git-fixes). - alsa: hda/realtek: Add new alc285-hp-amp-init model (git-fixes). - alsa: hda/realtek: Add pincfg for ASUS G513 HP jack (git-fixes). - alsa: hda/realtek: Add pincfg for ASUS G533Z HP jack (git-fixes). - alsa: hda/realtek: Add quirk for ASUS GA503R laptop (git-fixes). - alsa: hda/realtek: Add quirk for Clevo L140PU (git-fixes). - alsa: hda/realtek: Add quirk for Clevo NP50PNJ (git-fixes). - alsa: hda/realtek: Add quirk for Clevo NP70PNJ (git-fixes). - alsa: hda/realtek: Add quirk for Clevo NP70PNP (git-fixes). - alsa: hda/realtek: Add quirk for Clevo NS50PU (git-fixes). - alsa: hda/realtek: Add quirk for Clevo NV45PZ (git-fixes). - alsa: hda/realtek: Add quirk for Dell Latitude 7520 (git-fixes). - alsa: hda/realtek: Add quirk for HP Dev One (git-fixes). - alsa: hda/realtek: Add quirk for HP Spectre x360 15-eb0xxx (git-fixes). - alsa: hda/realtek: Add quirk for Huawei WRT-WX9 (git-fixes). - alsa: hda/realtek: Add quirk for TongFang devices with pop noise (git-fixes). - alsa: hda/realtek: Add quirk for another Asus K42JZ model (git-fixes). - alsa: hda/realtek: Add quirk for the Framework Laptop (git-fixes). - alsa: hda/realtek: Enable 4-speaker output Dell Precision 5530 laptop (git-fixes). - alsa: hda/realtek: Fix LED on HP ProBook 435 G7 (git-fixes). - alsa: hda/realtek: Fix deadlock by COEF mutex (git-fixes). - alsa: hda/realtek: Fix headset mic for Acer SF313-51 (git-fixes). - alsa: hda/realtek: Re-arrange quirk table entries (git-fixes). - alsa: hda/realtek: fix mute/micmute LEDs for HP machines (git-fixes). - alsa: hda/realtek: fix mute/micmute LEDs for a HP ProBook (git-fixes). - alsa: hda/realtek: fix right sounds and mute/micmute LEDs for HP machine (git-fixes). - alsa: hda/realtek: fix right sounds and mute/micmute LEDs for HP machines (git-fixes). - alsa: hda/sigmatel: Fix unused variable warning for beep power change (git-fixes). - alsa: hda/sigmatel: Keep power up while beep is enabled (git-fixes). - alsa: hda/tegra: Align BDL entry to 4KB boundary (git-fixes). - alsa: hda: add Intel 5 Series / 3400 PCI DID (git-fixes). - alsa: info: Fix llseek return value when using callback (git-fixes). - alsa: seq: Fix data-race at module auto-loading (git-fixes). - alsa: seq: oss: Fix data-race for max_midi_devs access (git-fixes). - alsa: usb-audio: Fix an out-of-bounds bug in __snd_usb_parse_audio_interface() (git-fixes). - alsa: usb-audio: Inform the delayed registration more properly (git-fixes). - alsa: usb-audio: More comprehensive mixer map for ASUS ROG Zenith II (git-fixes). - alsa: usb-audio: Register card again for iface over delayed_register option (git-fixes). - alsa: usb-audio: Split endpoint setups for hw_params and prepare (git-fixes). - alsa: usb-audio: fix spelling mistakes (git-fixes). - arm64/mm: Validate hotplug range before creating linear mapping (git-fixes) - arm64: cpufeature: Allow different PMU versions in ID_DFR0_EL1 (git-fixes) - arm64: dts: allwinner: A64 Sopine: phy-mode rgmii-id (git-fixes) - arm64: dts: allwinner: H5: NanoPi Neo Plus2: phy-mode rgmii-id (git-fixes) - arm64: dts: allwinner: a64-sopine-baseboard: change RGMII mode to (bsc#1202341) - arm64: dts: rockchip: Pull up wlan wake# on Gru-Bob (git-fixes) - arm64: dts: rockchip: Remove 'enable-active-low' from rk3399-puma (git-fixes) - arm64: dts: rockchip: Set RK3399-Gru PCLK_EDP to 24 MHz (git-fixes) - arm64: dts: uniphier: Fix USB interrupts for PXs3 SoC (git-fixes) - arm64: kexec_file: use more system keyrings to verify kernel image signature (bsc#1196444). - arm64: mm: Always update TCR_EL1 from __cpu_set_tcr_t0sz() (git-fixes) - arm64: mm: fix p?d_leaf() (git-fixes) - arm64: mm: use a 48-bit ID map when possible on 52-bit VA builds (git-fixes) - arm64: signal: nofpsimd: Do not allocate fp/simd context when not available (git-fixes). - arm64: tegra: Fix SDMMC1 CD on P2888 (git-fixes) - arm64: tegra: Remove non existent Tegra194 reset (git-fixes) - arm64: tlb: fix the TTL value of tlb_get_level (git-fixes) - arm: 9077/1: PLT: Move struct plt_entries definition to header (git-fixes). - arm: 9078/1: Add warn suppress parameter to arm_gen_branch_link() (git-fixes). - arm: 9079/1: ftrace: Add MODULE_PLTS support (git-fixes). - arm: 9098/1: ftrace: MODULE_PLT: Fix build problem without DYNAMIC_FTRACE (git-fixes). - asm-generic: sections: refactor memory_intersects (git-fixes). - asoc: SOF: debug: Fix potential buffer overflow by snprintf() (git-fixes). - asoc: audio-graph-card: Add of_node_put() in fail path (git-fixes). - asoc: codecs: da7210: add check for i2c_add_driver (git-fixes). - asoc: codecs: msm8916-wcd-digital: move gains from SX_TLV to S8_TLV (git-fixes). - asoc: codecs: wcd9335: move gains from SX_TLV to S8_TLV (git-fixes). - asoc: mt6797-mt6351: Fix refcount leak in mt6797_mt6351_dev_probe (git-fixes). - asoc: nau8824: Fix semaphore unbalance at error paths (git-fixes). - asoc: qcom: q6dsp: Fix an off-by-one in q6adm_alloc_copp() (git-fixes). - asoc: tas2770: Allow mono streams (git-fixes). - asoc: tas2770: Reinit regcache on reset (git-fixes). - ata: libata-eh: Add missing command name (git-fixes). - atm: idt77252: fix use-after-free bugs caused by tst_timer (git-fixes). - blk-iocost: clamp inuse and skip noops in __propagate_weights() (bsc#1202722). - blk-iocost: fix operation ordering in iocg_wake_fn() (bsc#1202720). - blk-iocost: fix weight updates of inner active iocgs (bsc#1202717). - blk-iocost: rename propagate_active_weights() to propagate_weights() (bsc#1202722). - blktrace: fix blk_rq_merge documentation (git-fixes). - bluetooth: L2CAP: Fix build errors in some archs (git-fixes). - bluetooth: L2CAP: Fix l2cap_global_chan_by_psm regression (git-fixes). - bluetooth: MGMT: Fixes build warnings with C=1 (git-fixes). - bpf: Compile out btf_parse_module() if module BTF is not enabled (git-fixes). - can: ems_usb: fix clang's -Wunaligned-access warning (git-fixes). - can: gs_usb: gs_can_open(): fix race dev->can.state condition (git-fixes). - ceph: do not leak snap_rwsem in handle_cap_grant (bsc#1202810). - ceph: do not truncate file in atomic_open (bsc#1202811). - cgroup: Trace event cgroup id fields should be u64 (git-fixes). - cgroup: Use separate src/dst nodes when preloading css_sets for migration (bsc#1201610). - cgroup: cgroup_get_from_id() must check the looked-up kn is a directory (bsc#1203906). - clk: bcm: rpi: Fix error handling of raspberrypi_fw_get_rate (git-fixes). - clk: core: Fix runtime PM sequence in clk_core_unprepare() (git-fixes). - clk: core: Honor CLK_OPS_PARENT_ENABLE for clk gate ops (git-fixes). - clk: imx: imx6sx: remove the SET_RATE_PARENT flag for QSPI clocks (git-fixes). - clk: iproc: Do not rely on node name for correct PLL setup (git-fixes). - clk: qcom: ipq8074: dont disable gcc_sleep_clk_src (git-fixes). - clk: rockchip: add sclk_mac_lbtest to rk3188_critical_clocks (git-fixes). - coresight: cti: Correct the parameter for pm_runtime_put (git-fixes). - crypto: arm64/gcm - Select AEAD for GHASH_ARM64_CE (git-fixes) - crypto: arm64/poly1305 - fix a read out-of-bound (git-fixes) - devlink: Fix use-after-free after a failed reload (git-fixes). - dm raid: fix KASAN warning in raid5_add_disks (git-fixes). - dmaengine: sprd: Cleanup in .remove() after pm_runtime_get_sync() failed (git-fixes). - dpaa2-eth: unregister the netdev before disconnecting from the PHY (git-fixes). - driver core: Do not probe devices after bus_type.match() probe deferral (git-fixes). - drm/amd/display: Limit user regamma to a valid value (git-fixes). - drm/amdgpu: Check BO's requested pinning domains against its preferred_domains (git-fixes). - drm/amdgpu: Check num_gfx_rings for gfx v9_0 rb setup (git-fixes). - drm/amdgpu: do not register a dirty callback for non-atomic (git-fixes). - drm/amdgpu: mmVM_L2_CNTL3 register not initialized correctly (git-fixes). - drm/amdgpu: remove useless condition in amdgpu_job_stop_all_jobs_on_sched() (git-fixes). - drm/amdgpu: use dirty framebuffer helper (git-fixes). - drm/gem: Fix GEM handle release errors (git-fixes). - drm/gem: Properly annotate WW context on drm_gem_lock_reservations() error (git-fixes). - drm/i915/glk: ECS Liva Q2 needs GLK HDMI port timing quirk (git-fixes). - drm/i915/reg: Fix spelling mistake 'Unsupport' -> 'Unsupported' (git-fixes). - drm/meson: Correct OSD1 global alpha value (git-fixes). - drm/meson: Fix OSD1 RGB to YCbCr coefficient (git-fixes). - drm/meson: Fix overflow implicit truncation warnings (git-fixes). - drm/meson: Fix refcount bugs in meson_vpu_has_available_connectors() (git-fixes). - drm/msm/dsi: Fix number of regulators for SDM660 (git-fixes). - drm/msm/dsi: Fix number of regulators for msm8996_dsi_cfg (git-fixes). - drm/msm/dsi: fix the inconsistent indenting (git-fixes). - drm/msm/rd: Fix FIFO-full deadlock (git-fixes). - drm/radeon: add a force flush to delay work when radeon (git-fixes). - drm/rockchip: Fix return type of cdn_dp_connector_mode_valid (git-fixes). - drm/sun4i: dsi: Prevent underflow when computing packet sizes (git-fixes). - dtb: Do not include sources in src.rpm - refer to kernel-source Same as other kernel binary packages there is no need to carry duplicate sources in dtb packages. - efi: capsule-loader: Fix use-after-free in efi_capsule_write (git-fixes). - ehea: fix error return code in ehea_restart_qps() (git-fixes). - enetc: Fix endianness issues for enetc_qos (git-fixes). - ethernet: sun: niu: fix missing checks of niu_pci_eeprom_read() (git-fixes). - ext4: Fix BUG_ON in ext4_bread when write quota data (bsc#1197755). - ext4: add reserved GDT blocks check (bsc#1202712). - ext4: do not set SB_ACTIVE in ext4_orphan_cleanup() (bsc#1202708). - ext4: do not use the orphan list when migrating an inode (bsc#1197756). - ext4: fix bug_on in ext4_writepages (bsc#1200872). - ext4: fix error handling code in add_new_gdb (bsc#1179722). - ext4: fix error handling in ext4_restore_inline_data() (bsc#1197757). - ext4: fix invalid inode checksum (bsc#1179723). - ext4: fix loff_t overflow in ext4_max_bitmap_size() (bsc#1202709). - ext4: fix overhead calculation to account for the reserved gdt blocks (bsc#1200869). - ext4: fix potential infinite loop in ext4_dx_readdir() (bsc#1191662). - ext4: fix race when reusing xattr blocks (bsc#1198971). - ext4: fix symlink file size not match to file content (bsc#1200868). - ext4: fix use-after-free in ext4_rename_dir_prepare (bsc#1200871). - ext4: fix use-after-free in ext4_search_dir (bsc#1202710). - ext4: fix warning in ext4_handle_inode_extension (bsc#1202711). - ext4: force overhead calculation if the s_overhead_cluster makes no sense (bsc#1200870). - ext4: recover csum seed of tmp_inode after migrating to extents (bsc#1202713). - ext4: remove EA inode entry from mbcache on inode eviction (bsc#1198971). - ext4: unindent codeblock in ext4_xattr_block_set() (bsc#1198971). - fbcon: Fix boundary checks for fbcon=vc:n1-n2 parameters (git-fixes). - fbdev: chipsfb: Add missing pci_disable_device() in chipsfb_pci_init() (git-fixes). - fbdev: fb_pm2fb: Avoid potential divide by zero error (git-fixes). - firmware: tegra: bpmp: Do only aligned access to IPC memory area (git-fixes). - fs-writeback: writeback_sb_inodes: Recalculate 'wrote' according skipped pages (bsc#1200873). - ftrace: Fix NULL pointer dereference in is_ftrace_trampoline when ftrace is dead (git-fixes). - fuse: Remove the control interface for virtio-fs (bsc#1203137). - fuse: ioctl: translate ENOSYS (bsc#1203136). - fuse: limit nsec (bsc#1203135). - gadgetfs: ep_io - wait until IRQ finishes (git-fixes). - geneve: do not use RT_TOS for IPv6 flowlabel (git-fixes). - geneve: fix TOS inheriting for ipv4 (git-fixes). - gpio: mpc8xxx: Fix support for IRQ_TYPE_LEVEL_LOW flow_type in mpc85xx (git-fixes). - gpio: pca953x: Add mutex_lock for regcache sync in PM (git-fixes). - hid: alps: Declare U1_UNICORN_LEGACY support (git-fixes). - hid: intel-ish-hid: ishtp: Fix ishtp client sending disordered message (git-fixes). - hid: ishtp-hid-clientHID: ishtp-hid-client: Fix comment typo (git-fixes). - hid: steam: Prevent NULL pointer dereference in steam_{recv,send}_report (git-fixes). - hid: wacom: Do not register pad_input for touch switch (git-fixes). - hid: wacom: Only report rotation for art pen (git-fixes). - hv_netvsc: Load and store the proper (NBL_HASH_INFO) per-packet info (bsc#1202701). - hwmon: (gpio-fan) Fix array out of bounds access (git-fixes). - i2c: imx: Make sure to unregister adapter on remove() (git-fixes). - ice: report supported and advertised autoneg using PHY capabilities (git-fixes). - ieee802154/adf7242: defer destroy_workqueue call (git-fixes). - ieee802154: cc2520: add rc code in cc2520_tx() (git-fixes). - iio: adc: mcp3911: make use of the sign bit (git-fixes). - iio: adc: mcp3911: use correct formula for AD conversion (git-fixes). - ima: force signature verification when CONFIG_KEXEC_SIG is configured (bsc#1203737). - input: iforce - add support for Boeder Force Feedback Wheel (git-fixes). - input: iforce - wake up after clearing IFORCE_XMIT_RUNNING flag (git-fixes). - input: melfas_mip4 - fix return value check in mip4_probe() (git-fixes). - input: rk805-pwrkey - fix module autoloading (git-fixes). - input: snvs_pwrkey - fix SNVS_HPVIDR1 register address (git-fixes). - intel_th: pci: Add Meteor Lake-P support (git-fixes). - intel_th: pci: Add Raptor Lake-S CPU support (git-fixes). - intel_th: pci: Add Raptor Lake-S PCH support (git-fixes). - iommu/amd: Simplify and Consolidate Virtual APIC (AVIC) Enablement (git-fixes). - iommu/arm-smmu: qcom_iommu: Add of_node_put() when breaking out of loop (git-fixes). - iommu/exynos: Handle failed IOMMU device registration properly (git-fixes). - iommu/iova: Improve 32-bit free space estimate (git-fixes). - iommu/ipmmu-vmsa: Check for error num after setting mask (git-fixes). - iommu/mediatek: Add list_del in mtk_iommu_remove (git-fixes). - iommu/msm: Fix an incorrect NULL check on list iterator (git-fixes). - iommu/omap: Fix regression in probe for NULL pointer dereference (git-fixes). - iommu/vt-d: Calculate mask for non-aligned flushes (git-fixes). - iommu/vt-d: Fix PCI bus rescan device hot add (git-fixes). - iommu/vt-d: Fix RID2PASID setup/teardown failure (git-fixes). - iommu/vt-d: avoid invalid memory access via node_online(NUMA_NO_NODE) (git-fixes). - ipheth: fix EOVERFLOW in ipheth_rcvbulk_callback (git-fixes). - ipmi: ssif: initialize ssif_info->client early (git-fixes). - ixgbevf: add correct exception tracing for XDP (git-fixes). - jbd2: fix assertion 'jh->b_frozen_data == NULL' failure when journal aborted (bsc#1202716). - jbd2: fix outstanding credits assert in jbd2_journal_commit_transaction() (bsc#1202715). - jfs: fix GPF in diFree (bsc#1203389). - jfs: fix memleak in jfs_mount (git-fixes). - jfs: more checks for invalid superblock (git-fixes). - jfs: prevent NULL deref in diFree (bsc#1203389). - kABI: x86: kexec: hide new include from genksyms (bsc#1196444). - kabi: cgroup: Restore KABI of css_set (bsc#1201610). - kbuild: do not create built-in objects for external module builds (jsc#SLE-24559 bsc#1202756). - kbuild: dummy-tools: avoid tmpdir leak in dummy gcc (bsc#1181862 git-fixes). - kbuild: dummy-tools: avoid tmpdir leak in dummy gcc (git-fixes). - kernel-binary: move @NOSOURCE@ to @SOURCES@ as in other packages - kernel-obs-build: include qemu_fw_cfg (boo#1201705) - kernel-source: include the kernel signature file We assume that the upstream tarball is used for released kernels. Then we can also include the signature file and keyring in the kernel-source src.rpm. Because of mkspec code limitation exclude the signature and keyring from binary packages always - mkspec does not parse spec conditionals. - kexec, KEYS, s390: Make use of built-in and secondary keyring for signature verification (bsc#1196444). - kexec, KEYS: make the code in bzImage64_verify_sig generic (bsc#1196444). - kexec: clean up arch_kexec_kernel_verify_sig (bsc#1196444). - kexec: do not verify the signature without the lockdown or mandatory signature (bsc#1203737). - kexec: drop weak attribute from functions (bsc#1196444). - kexec_file: drop weak attribute from arch_kexec_apply_relocations[_add] (bsc#1196444). - kexec_file: drop weak attribute from functions (bsc#1196444). - kfifo: fix kfifo_to_user() return type (git-fixes). - kfifo: fix ternary sign extension bugs (git-fixes). - kvm: PPC: Book3S HV: Context tracking exit guest context before enabling irqs (bsc#1065729). - kvm: PPC: Book3S HV: Prevent POWER7/8 TLB flush flushing SLB (bsc#1156395). - kvm: PPC: Book3S HV: Use GLOBAL_TOC for kvmppc_h_set_dabr/xdabr() (bsc#1156395). - kvm: PPC: Fix vmx/vsx mixup in mmio emulation (bsc#1156395). - kvm: PPC: Use arch_get_random_seed_long instead of powernv variant (bsc#1156395). - kvm: VMX: Refuse to load kvm_intel if EPT and NX are disabled (git-fixes). - kvm: nVMX: Let userspace set nVMX MSR to any _host_ supported value (git-fixes). - kvm: nVMX: Snapshot pre-VM-Enter BNDCFGS for !nested_run_pending case (git-fixes). - kvm: nVMX: Snapshot pre-VM-Enter DEBUGCTL for !nested_run_pending case (git-fixes). - kvm: x86: Mark TSS busy during LTR emulation _after_ all fault checks (git-fixes). - kvm: x86: Set error code to segment selector on LLDT/LTR non-canonical #GP (git-fixes). - kvm: x86: accept userspace interrupt only if no event is injected (git-fixes). - lib/list_debug.c: Detect uninitialized lists (git-fixes). - lib: bitmap: provide devm_bitmap_alloc() and devm_bitmap_zalloc() (git-fixes). - libata: add ATA_HORKAGE_NOLPM for Pioneer BDR-207M and BDR-205 (git-fixes). - lightnvm: Remove lightnvm implemenation (bsc#1191881 bsc#1201420 ZDI-CAN-17325). - list: add 'list_del_init_careful()' to go with 'list_empty_careful()' (bsc#1202745). - locking/lockdep: Avoid potential access of invalid memory in lock_class (git-fixes). - loop: Fix missing discard support when using LOOP_CONFIGURE (bsc#1202718). - mbcache: add functions to delete entry if unused (bsc#1198971). - mbcache: do not reclaim used entries (bsc#1198971). - md-raid10: fix KASAN warning (git-fixes). - md/bitmap: do not set sb values if can't pass sanity check (bsc#1197158). - md: call __md_stop_writes in md_stop (git-fixes). - md: unlock mddev before reap sync_thread in action_store (bsc#1197659). - media: aspeed-video: ignore interrupts that are not enabled (git-fixes). - media: coda: Add more H264 levels for CODA960 (git-fixes). - media: coda: Fix reported H264 profile (git-fixes). - media: dvb_vb2: fix possible out of bound access (git-fixes). - mfd: max77620: Fix refcount leak in max77620_initialise_fps (git-fixes). - mfd: t7l66xb: Drop platform disable callback (git-fixes). - misc: fastrpc: fix memory corruption on open (git-fixes). - misc: fastrpc: fix memory corruption on probe (git-fixes). - mkspec: eliminate @NOSOURCE@ macro This should be alsways used with @SOURCES@, just include the content there. - mm/rmap: Fix anon_vma->degree ambiguity leading to double-reuse (git-fixes, bsc#1203098). - mm: bdi: initialize bdi_min_ratio when bdi is unregistered (bsc#1197763). - mm: memcontrol: fix potential oom_lock recursion deadlock (bsc#1202447). - mm: pagewalk: Fix race between unmap and page walker (git-fixes, bsc#1203159). - mm: proc: smaps_rollup: do not stall write attempts on mmap_lock (bsc#1201990). - mm: smaps*: extend smap_gather_stats to support specified beginning (bsc#1201990). - mmap locking API: add mmap_lock_is_contended() (bsc#1201990). - mmc: moxart: fix 4-bit bus width and remove 8-bit bus width (git-fixes). - mmc: pxamci: Fix an error handling path in pxamci_probe() (git-fixes). - mmc: pxamci: Fix another error handling path in pxamci_probe() (git-fixes). - module: Ignore _GLOBAL_OFFSET_TABLE_ when warning for undefined symbols (git-fixes). - mtd: maps: Fix refcount leak in ap_flash_init (git-fixes). - mtd: maps: Fix refcount leak in of_flash_probe_versatile (git-fixes). - mtd: partitions: Fix refcount leak in parse_redboot_of (git-fixes). - mtd: rawnand: meson: Fix a potential double free issue (git-fixes). - mtd: sm_ftl: Fix deadlock caused by cancel_work_sync in sm_release (git-fixes). - mtd: st_spi_fsm: Add a clk_disable_unprepare() in .probe()'s error path (git-fixes). - net/mlx5e: Check for needed capability for cvlan matching (git-fixes). - net: bcmgenet: Add mdio-bcm-unimac soft dependency (git-fixes). - net: cpsw: Properly initialise struct page_pool_params (git-fixes). - net: cpsw: add missing of_node_put() in cpsw_probe_dt() (git-fixes). - net: davinci_emac: Fix incorrect masking of tx and rx error channel (git-fixes). - net: dsa: felix: suppress -EPROBE_DEFER errors (git-fixes). - net: dsa: mt7530: fix VLAN traffic leaks (git-fixes). - net: enetc: Use pci_release_region() to release some resources (git-fixes). - net: enetc: report software timestamping via SO_TIMESTAMPING (git-fixes). - net: enetc: unmap DMA in enetc_send_cmd() (git-fixes). - net: ethernet: aeroflex: fix UAF in greth_of_remove (git-fixes). - net: ethernet: ezchip: fix UAF in nps_enet_remove (git-fixes). - net: ethernet: ezchip: fix error handling (git-fixes). - net: ethernet: ezchip: remove redundant check (git-fixes). - net: ethernet: fix potential use-after-free in ec_bhf_remove (git-fixes). - net: ethernet: ti: cpsw_ale: Fix access to un-initialized memory (git-fixes). - net: fec: fix the potential memory leak in fec_enet_init() (git-fixes). - net: fec_ptp: add clock rate zero check (git-fixes). - net: hns: Fix kernel-doc (git-fixes). - net: lantiq: fix memory corruption in RX ring (git-fixes). - net: mana: Add rmb after checking owner bits (git-fixes). - net: mana: Add support of XDP_REDIRECT action (bsc#1201310, jsc#PED-529). - net: mana: Add the Linux MANA PF driver (bsc#1201309, jsc#PED-529). - net: moxa: Use devm_platform_get_and_ioremap_resource() (git-fixes). - net: mscc: ocelot: correctly report the timestamping RX filters in ethtool (git-fixes). - net: mscc: ocelot: do not downgrade timestamping RX filters in SIOCSHWTSTAMP (git-fixes). - net: netcp: Fix an error message (git-fixes). - net: pch_gbe: Propagate error from devm_gpio_request_one() (git-fixes). - net: rose: fix netdev reference changes (git-fixes). - net: sock: tracing: Fix sock_exceed_buf_limit not to dereference stale pointer (git-fixes). - net: stmicro: handle clk_prepare() failure during init (git-fixes). - net: stmmac: disable clocks in stmmac_remove_config_dt() (git-fixes). - net: stmmac: dwmac1000: Fix extended MAC address registers definition (git-fixes). - net: usb: qmi_wwan: add Quectel RM520N (git-fixes). - net: vmxnet3: fix possible NULL pointer dereference in vmxnet3_rq_cleanup() (bsc#1200431). - net: vmxnet3: fix possible use-after-free bugs in vmxnet3_rq_alloc_rx_buf() (bsc#1200431). - net: vmxnet3: remove multiple false checks in vmxnet3_ethtool.c (bsc#1200431). - net:emac/emac-mac: Fix a use after free in emac_mac_tx_buf_send (git-fixes). - net:enetc: allocate CBD ring data memory using DMA coherent methods (git-fixes). - net_sched: cls_route: disallow handle of 0 (bsc#1202393). - nfs: fix nfs_path in case of a rename retry (git-fixes). - nfsd: Add missing NFSv2 .pc_func methods (git-fixes). - nfsd: Clamp WRITE offsets (git-fixes). - nfsd: Fix offset type in I/O trace points (git-fixes). - nfsd: Fix possible sleep during nfsd4_release_lockowner() (git-fixes). - nfsd: fix use-after-free due to delegation race (git-fixes). - nfsd: prevent integer overflow on 32 bit systems (git-fixes). - nfsd: prevent underflow in nfssvc_decode_writeargs() (git-fixes). - nfsv4.1: Do not decrease the value of seq_nr_highest_sent (git-fixes). - nfsv4.1: Handle NFS4ERR_DELAY replies to OP_SEQUENCE correctly (git-fixes). - nfsv4.1: RECLAIM_COMPLETE must handle EACCES (git-fixes). - nfsv4.2: support EXCHGID4_FLAG_SUPP_FENCE_OPS 4.2 EXCHANGE_ID flag (git-fixes). - nfsv4: Fix races in the legacy idmapper upcall (git-fixes). - nfsv4: Fix second deadlock in nfs4_evict_inode() (git-fixes). - nfsv4: nfs4_proc_set_acl needs to restore NFS_CAP_UIDGID_NOMAP on error (git-fixes). - ntb: ntb_tool: uninitialized heap data in tool_fn_write() (git-fixes). - nvme-fabrics: parse nvme connect Linux error codes (bsc#1201865). - nvme-rdma: Handle number of queue changes (bsc#1201865). - nvme-tcp: Handle number of queue changes (bsc#1201865). - nvme-tcp: fix UAF when detecting digest errors (bsc#1200313 bsc#1201489). - nvme: fix RCU hole that allowed for endless looping in multipath round robin (bsc#1202636). - nvmet: Expose max queues to configfs (bsc#1201865). - objtool: Add support for intra-function calls (bsc#1202396). - objtool: Make handle_insn_ops() unconditional (bsc#1202396). - objtool: Remove INSN_STACK (bsc#1202396). - objtool: Rework allocating stack_ops on decode (bsc#1202396). - objtool: Support multiple stack_op per instruction (bsc#1202396). - ocfs2: drop acl cache for directories too (bsc#1191667). - ocfs2: fix crash when initialize filecheck kobj fails (bsc#1197920). - ocfs2: mount fails with buffer overflow in strlen (bsc#1197760). - of/device: Fix up of_dma_configure_id() stub (git-fixes). - of: fdt: fix off-by-one error in unflatten_dt_nodes() (git-fixes). - padata: introduce internal padata_get/put_pd() helpers (bsc#1202638). - padata: make padata_free_shell() to respect pd's ->refcnt (bsc#1202638). - parisc/sticon: fix reverse colors (bsc#1152489). - parisc: parisc-agp requires SBA IOMMU driver (bsc#1152489) - pci/acpi: Guard ARM64-specific mcfg_quirks (git-fixes). - pci: Add ACS quirk for Broadcom BCM5750x NICs (git-fixes). - pci: hv: Fix hv_arch_irq_unmask() for multi-MSI (bsc#1200845). - pci: hv: Fix interrupt mapping for multi-MSI (bsc#1200845). - pci: hv: Fix multi-MSI to allow more than one MSI vector (bsc#1200845). - pci: hv: Make the code arch neutral by adding arch specific interfaces (bsc#1200845). - pci: hv: Only reuse existing IRTE allocation for Multi-MSI (bsc#1200845). - pci: hv: Reuse existing IRTE allocation in compose_msi_msg() (bsc#1200845). - pci: qcom: Fix pipe clock imbalance (git-fixes). - perf bench: Share some global variables to fix build with gcc 10 (git-fixes). - pinctrl/rockchip: fix gpio device creation (git-fixes). - pinctrl: nomadik: Fix refcount leak in nmk_pinctrl_dt_subnode_to_map (git-fixes). - pinctrl: qcom: msm8916: Allow CAMSS GP clocks to be muxed (git-fixes). - pinctrl: rockchip: Enhance support for IRQ_TYPE_EDGE_BOTH (git-fixes). - pinctrl: sunxi: Add I/O bias setting for H6 R-PIO (git-fixes). - platform/x86: acer-wmi: Acer Aspire One AOD270/Packard Bell Dot keymap fixes (git-fixes). - platform/x86: pmc_atom: Fix SLP_TYPx bitfield mask (git-fixes). - powerpc/drmem: Make lmb_size 64 bit (bsc#1203424 ltc#199544). - powerpc/memhotplug: Make lmb size 64bit (bsc#1203424 ltc#199544). - powerpc/perf: Optimize clearing the pending PMI and remove WARN_ON for PMI check in power_pmu_disable (bsc#1156395). - powerpc/powernv/kvm: Use darn for H_RANDOM on Power9 (bsc#1065729). - powerpc/powernv: Avoid crashing if rng is NULL (bsc#1065729). - powerpc/powernv: Staticify functions without prototypes (bsc#1065729). - powerpc/powernv: delay rng platform device creation until later in boot (bsc#1065729). - powerpc/powernv: rename remaining rng powernv_ functions to pnv_ (bsc#1065729). - powerpc/powernv: wire up rng during setup_arch (bsc#1065729). - powerpc/pseries: wire up rng during setup_arch() (bsc#1065729). - powerpc/xive: Fix refcount leak in xive_get_max_prio (git-fixess). - powerpc: Enable execve syscall exit tracepoint (bsc#1065729). - powerpc: define get_cycles macro for arch-override (bsc#1065729). - powerpc: powernv: kABI: add back powernv_get_random_long (bsc#1065729). - ppc64/kdump: Limit kdump base to 512MB (bsc#1203410 ltc#199904). - profiling: fix shift too large makes kernel panic (git-fixes). - psi: Fix uaf issue when psi trigger is destroyed while being polled (bsc#1203909). - qlcnic: Add null check after calling netdev_alloc_skb (git-fixes). - random: fix crash on multiple early calls to add_bootloader_randomness() (git-fixes). - ratelimit: Fix data-races in ___ratelimit() (git-fixes). - regulator: core: Clean up on enable failure (git-fixes). - regulator: pfuze100: Fix the global-out-of-bounds access in pfuze100_regulator_probe() (git-fixes). - reiserfs: fix handling of -EOPNOTSUPP in reiserfs_for_each_xattr (bsc#1202714). - remoteproc: qcom: q6v5-mss: add powerdomains to MSM8996 config (git-fixes). - remoteproc: qcom: wcnss: Fix handling of IRQs (git-fixes). - reset: imx7: Fix the iMX8MP PCIe PHY PERST support (git-fixes). - rpm/kernel-binary.spec.in: move vdso to a separate package (bsc#1202385) We do the move only on 15.5+. - rpm/kernel-binary.spec.in: simplify find for usrmerged The type test and print line are the same for both cases. The usrmerged case only ignores more, so refactor it to make it more obvious. - rpm/kernel-source.spec.in: simplify finding of broken symlinks 'find -xtype l' will report them, so use that to make the search a bit faster (without using shell). - s390/crash: fix incorrect number of bytes to copy to user space (git-fixes). - s390/crash: make copy_oldmem_page() return number of bytes copied (git-fixes). - s390/mm: do not trigger write fault when vma does not allow VM_WRITE (git-fixes). - s390/mm: fix 2KB pgtable release race (git-fixes). - s390/ptrace: pass invalid syscall numbers to tracing (bsc#1192594 LTC#197522). - s390/qeth: cache link_info for ethtool (bsc#1202984 LTC#199607). - s390/qeth: clean up default cases for ethtool link mode (bsc#1202984 LTC#199607). - s390/qeth: improve QUERY CARD INFO processing (bsc#1202984 LTC#199607). - s390/qeth: improve selection of ethtool link modes (bsc#1202984 LTC#199607). - s390/qeth: set static link info during initialization (bsc#1202984 LTC#199607). - s390/qeth: tolerate error when querying card info (bsc#1202984 LTC#199607). - s390/qeth: use QUERY OAT for initial link info (bsc#1202984 LTC#199607). - scsi: core: Fix bad pointer dereference when ehandler kthread is invalid (git-fixes). - scsi: lpfc: Add missing destroy_workqueue() in error path (bsc#1203939). - scsi: lpfc: Add missing free iocb and nlp kref put for early return VMID cases (bsc#1203939). - scsi: lpfc: Add reporting capability for Link Degrade Signaling (bsc#1203939). - scsi: lpfc: Add warning notification period to CMF_SYNC_WQE (bsc#1203063). - scsi: lpfc: Check the return value of alloc_workqueue() (bsc#1203063). - scsi: lpfc: Copyright updates for 14.2.0.6 patches (bsc#1203063). - scsi: lpfc: Fix FLOGI ACC with wrong SID in PT2PT topology (bsc#1203939). - scsi: lpfc: Fix mbuf pool resource detected as busy at driver unload (bsc#1203939). - scsi: lpfc: Fix multiple NVMe remoteport registration calls for the same NPort ID (bsc#1203939). - scsi: lpfc: Fix null ndlp ptr dereference in abnormal exit path for GFT_ID (bsc#1203063). - scsi: lpfc: Fix prli_fc4_req checks in PRLI handling (bsc#1203939). - scsi: lpfc: Fix unsolicited FLOGI receive handling during PT2PT discovery (bsc#1203063). - scsi: lpfc: Fix various issues reported by tools (bsc#1203939). - scsi: lpfc: Move scsi_host_template outside dynamically allocated/freed phba (bsc#1185032 bsc#1203939). - scsi: lpfc: Remove SANDiags related code (bsc#1203063). - scsi: lpfc: Remove the unneeded result variable (bsc#1203939). - scsi: lpfc: Remove unneeded result variable (bsc#1203939). - scsi: lpfc: Rename mp/bmp dma buffers to rq/rsp in lpfc_fdmi_cmd (bsc#1203939). - scsi: lpfc: Return DID_TRANSPORT_DISRUPTED instead of DID_REQUEUE (bsc#1203939). - scsi: lpfc: Rework FDMI attribute registration for unintential padding (bsc#1203939). - scsi: lpfc: Rework MIB Rx Monitor debug info logic (bsc#1203063). - scsi: lpfc: Rework lpfc_fdmi_cmd() routine for cleanup and consistency (bsc#1203939). - scsi: lpfc: Update congestion mode logging for Emulex SAN Manager application (bsc#1203939). - scsi: lpfc: Update lpfc version to 14.2.0.6 (bsc#1203063). - scsi: lpfc: Update lpfc version to 14.2.0.7 (bsc#1203939). - scsi: mpt3sas: Fix use-after-free warning (git-fixes). - scsi: qla2xxx: Add NVMe parameters support in Auxiliary Image Status (bsc#1203935). - scsi: qla2xxx: Add debugfs create/delete helpers (bsc#1203935). - scsi: qla2xxx: Always wait for qlt_sess_work_fn() from qlt_stop_phase1() (bsc#1203935). - scsi: qla2xxx: Avoid flush_scheduled_work() usage (bsc#1203935). - scsi: qla2xxx: Disable ATIO interrupt coalesce for quad port ISP27XX (bsc#1203935). - scsi: qla2xxx: Drop DID_TARGET_FAILURE use (bsc#1203935). - scsi: qla2xxx: Fix memory leak in __qlt_24xx_handle_abts() (bsc#1203935). - scsi: qla2xxx: Fix response queue handler reading stale packets (bsc#1203935). - scsi: qla2xxx: Log message 'skipping scsi_scan_host()' as informational (bsc#1203935). - scsi: qla2xxx: Remove unused declarations for qla2xxx (bsc#1203935). - scsi: qla2xxx: Remove unused del_sess_list field (bsc#1203935). - scsi: qla2xxx: Remove unused qlt_tmr_work() (bsc#1203935). - scsi: qla2xxx: Revert 'scsi: qla2xxx: Fix response queue handler reading stale packets' (bsc#1203935). - scsi: qla2xxx: Update version to 10.02.07.900-k (bsc#1203935). - scsi: sg: Allow waiting for commands to complete on removed device (git-fixes). - scsi: smartpqi: Fix DMA direction for RAID requests (git-fixes). - scsi: smartpqi: Shorten drive visibility after removal (bsc#1200622). - scsi: smartpqi: Update LUN reset handler (bsc#1200622). - selftests: futex: Use variable MAKE instead of make (git-fixes). - serial: 8250_dw: Store LSR into lsr_saved_flags in dw8250_tx_wait_empty() (git-fixes). - serial: Create uart_xmit_advance() (git-fixes). - serial: fsl_lpuart: RS485 RTS polariy is inverse (git-fixes). - serial: mvebu-uart: uart2 error bits clearing (git-fixes). - serial: tegra-tcu: Use uart_xmit_advance(), fixes icount.tx accounting (git-fixes). - serial: tegra: Change lower tolerance baud rate limit for tegra20 and tegra30 (git-fixes). - serial: tegra: Use uart_xmit_advance(), fixes icount.tx accounting (git-fixes). - silence nfscache allocation warnings with kvzalloc (git-fixes). - soc: brcmstb: pm-arm: Fix refcount leak and __iomem leak bugs (git-fixes). - soc: sunxi: sram: Actually claim SRAM regions (git-fixes). - soc: sunxi: sram: Fix debugfs info for A64 SRAM C (git-fixes). - soc: sunxi: sram: Prevent the driver from being unbound (git-fixes). - spi: Fix incorrect cs_setup delay handling (git-fixes). - spi: spi-rspi: Fix PIO fallback on RZ platforms (git-fixes). - spi: synquacer: Add missing clk_disable_unprepare() (git-fixes). - spmi: trace: fix stack-out-of-bound access in SPMI tracing functions (git-fixes). - squashfs: fix divide error in calculate_skip() (git-fixes). - staging: rtl8712: fix use after free bugs (git-fixes). - struct ehci_hcd: hide new member (git-fixes). - struct otg_fsm: hide new boolean member in gap (git-fixes). - sunrpc: Clean up scheduling of autoclose (git-fixes). - sunrpc: Do not call connect() more than once on a TCP socket (git-fixes). - sunrpc: Do not dereference xprt->snd_task if it's a cookie (git-fixes). - sunrpc: Do not leak sockets in xs_local_connect() (git-fixes). - sunrpc: Fix READ_PLUS crasher (git-fixes). - sunrpc: Fix misplaced barrier in call_decode (git-fixes). - sunrpc: Prevent immediate close+reconnect (git-fixes). - sunrpc: RPC level errors should set task->tk_rpc_status (git-fixes). - sunrpc: Reinitialise the backchannel request buffers before reuse (git-fixes). - sunrpc: fix expiry of auth creds (git-fixes). - svcrdma: Hold private mutex while invoking rdma_accept() (git-fixes). - tee: optee: Fix incorrect page free bug (git-fixes). - thermal: Fix NULL pointer dereferences in of_thermal_ functions (git-fixes). - thermal: sysfs: Fix cooling_device_stats_setup() error code path (git-fixes). - thunderbolt: Use the actual buffer in tb_async_error() (git-fixes). - tools/thermal: Fix possible path truncations (git-fixes). - tracing/histogram: Fix a potential memory leak for kstrdup() (git-fixes). - tracing/histograms: Fix memory leak problem (git-fixes). - tracing/probes: Have kprobes and uprobes use $COMM too (git-fixes). - tracing: Add ustring operation to filtering string pointers (git-fixes). - tracing: hold caller_addr to hardirq_{enable,disable}_ip (git-fixes). - tty/serial: atmel: RS485 & ISO7816: wait for TXRDY before sending data (git-fixes). - tty: serial: Fix refcount leak bug in ucc_uart.c (git-fixes). - tty: serial: lpuart: disable flow control while waiting for the transmit engine to complete (git-fixes). - tty: vt: initialize unicode screen buffer (git-fixes). - usb-storage: Add ignore-residue quirk for NXP PN7462AU (git-fixes). - usb.h: struct usb_device: hide new member (git-fixes). - usb: add quirks for Lenovo OneLink+ Dock (git-fixes). - usb: cdc-acm: Add Icom PMR F3400 support (0c26:0020) (git-fixes). - usb: core: Fix RST error in hub.c (git-fixes). - usb: core: Prevent nested device-reset calls (git-fixes). - usb: dwc2: fix wrong order of phy_power_on and phy_init (git-fixes). - usb: dwc3: Switch to platform_get_irq_byname_optional() (git-fixes). - usb: dwc3: disable USB core PHY management (git-fixes). - usb: dwc3: ep0: Fix delay status handling (git-fixes). - usb: dwc3: gadget: Avoid starting DWC3 gadget during UDC unbind (git-fixes). - usb: dwc3: gadget: END_TRANSFER before CLEAR_STALL command (git-fixes). - usb: dwc3: gadget: Fix IN endpoint max packet size allocation (git-fixes). - usb: dwc3: gadget: Prevent repeat pullup() (git-fixes). - usb: dwc3: gadget: Refactor dwc3_gadget_ep_dequeue (git-fixes). - usb: dwc3: gadget: Remove FS bInterval_m1 limitation (git-fixes). - usb: dwc3: gadget: Remove unnecessary checks (git-fixes). - usb: dwc3: gadget: Replace list_for_each_entry_safe() if using giveback (git-fixes). - usb: dwc3: gadget: Store resource index of start cmd (git-fixes). - usb: dwc3: qcom: fix missing optional irq warnings. - usb: ehci: handshake CMD_RUN instead of STS_HALT (git-fixes). - usb: gadget: mass_storage: Fix cdrom data transfers on MAC-OS (git-fixes). - usb: gadget: u_audio: fix race condition on endpoint stop (git-fixes). - usb: gadget: udc-xilinx: replace memcpy with memcpy_toio (git-fixes). - usb: gadget: uvc: call uvc uvcg_warn on completed status instead of uvcg_info (git-fixes). - usb: host: ohci-ppc-of: Fix refcount leak bug (git-fixes). - usb: otg-fsm: Fix hrtimer list corruption (git-fixes). - usb: renesas: Fix refcount leak bug (git-fixes). - usb: serial: ch341: fix disabled rx timer on older devices (git-fixes). - usb: serial: ch341: fix lost character on LCR updates (git-fixes). - usb: serial: ch341: name prescaler, divisor registers (git-fixes). - usb: serial: cp210x: add Decagon UCA device id (git-fixes). - usb: serial: ftdi_sio: add Omron CS1W-CIF31 device id (git-fixes). - usb: serial: option: add Quectel BG95 0x0203 composition (git-fixes). - usb: serial: option: add Quectel BG95 0x0203 composition (git-fixes). - usb: serial: option: add Quectel EM060K modem (git-fixes). - usb: serial: option: add Quectel RM520N (git-fixes). - usb: serial: option: add Quectel RM520N (git-fixes). - usb: serial: option: add support for Cinterion MV32-WA/WB RmNet mode (git-fixes). - usb: serial: option: add support for OPPO R11 diag port (git-fixes). - usb: storage: Add ASUS <0x0b05:0x1932> to IGNORE_UAS (git-fixes). - usb: typec: altmodes/displayport: correct pin assignment for UFP receptacles (git-fixes). - usb: typec: ucsi: Remove incorrect warning (git-fixes). - usb: xhci-mtk: add a function to (un)load bandwidth info (git-fixes). - usb: xhci-mtk: add only one extra CS for FS/LS INTR (git-fixes). - usb: xhci-mtk: add some schedule error number (git-fixes). - usb: xhci-mtk: fix issue of out-of-bounds array access (git-fixes). - usb: xhci-mtk: get the microframe boundary for ESIT (git-fixes). - usb: xhci-mtk: use @sch_tt to check whether need do TT schedule (git-fixes). - usbnet: Fix linkwatch use-after-free on disconnect (git-fixes). - usbnet: Fix memory leak in usbnet_disconnect() (git-fixes). - usbnet: smsc95xx: Fix deadlock on runtime resume (git-fixes). - vboxguest: Do not use devm for irq (git-fixes). - vfio/ccw: Remove UUID from s390 debug log (git-fixes). - video: fbdev: amba-clcd: Fix refcount leak bugs (git-fixes). - video: fbdev: arkfb: Check the size of screen before memset_io() (git-fixes). - video: fbdev: arkfb: Fix a divide-by-zero bug in ark_set_pixclock() (git-fixes). - video: fbdev: i740fb: Check the argument of i740_calc_vclk() (git-fixes). - video: fbdev: pxa3xx-gcu: Fix integer overflow in pxa3xx_gcu_write (git-fixes). - video: fbdev: s3fb: Check the size of screen before memset_io() (git-fixes). - video: fbdev: sis: fix typos in SiS_GetModeID() (git-fixes). - video: fbdev: vt8623fb: Check the size of screen before memset_io() (git-fixes). - virtio_net: fix memory leak inside XPD_TX with mergeable (git-fixes). - vmci: Add support for ARM64 (bsc#1199291, jsc#SLE-24635). - vmci: Check exclusive_vectors when freeing interrupt 1 (bsc#1199291, jsc#SLE-24635). - vmci: Enforce queuepair max size for IOCTL_VMCI_QUEUEPAIR_ALLOC (bsc#1199291, jsc#SLE-24635). - vmci: Fix some error handling paths in vmci_guest_probe_device() (bsc#1199291, jsc#SLE-24635). - vmci: Release notification_bitmap in error path (bsc#1199291, jsc#SLE-24635). - vmci: dma dg: add MMIO access to registers (bsc#1199291, jsc#SLE-24635). - vmci: dma dg: add support for DMA datagrams receive (bsc#1199291, jsc#SLE-24635). - vmci: dma dg: add support for DMA datagrams sends (bsc#1199291, jsc#SLE-24635). - vmci: dma dg: allocate send and receive buffers for DMA datagrams (bsc#1199291, jsc#SLE-24635). - vmci: dma dg: detect DMA datagram capability (bsc#1199291, jsc#SLE-24635). - vmci: dma dg: register dummy IRQ handlers for DMA datagrams (bsc#1199291, jsc#SLE-24635). - vmci: dma dg: set OS page size (bsc#1199291, jsc#SLE-24635). - vmci: dma dg: whitespace formatting change for vmci register defines (bsc#1199291, jsc#SLE-24635). - vmxnet3: Implement ethtool's get_channels command (bsc#1200431). - vmxnet3: Record queue number to incoming packets (bsc#1200431). - vmxnet3: Remove useless DMA-32 fallback configuration (bsc#1200431). - vmxnet3: add command to set ring buffer sizes (bsc#1200431). - vmxnet3: add support for capability registers (bsc#1200431). - vmxnet3: add support for large passthrough BAR register (bsc#1200431). - vmxnet3: add support for out of order rx completion (bsc#1200431). - vmxnet3: disable overlay offloads if UPT device does not support (bsc#1200431). - vmxnet3: do not reschedule napi for rx processing (bsc#1200431). - vmxnet3: do not stop tx queues after netif_device_detach() (bsc#1200431). - vmxnet3: limit number of TXDs used for TSO packet (bsc#1200431). - vmxnet3: prepare for version 7 changes (bsc#1200431). - vmxnet3: switch from 'pci_' to 'dma_' API (bsc#1200431). - vmxnet3: update to version 7 (bsc#1200431). - vmxnet3: use ext1 field to indicate encapsulated packet (bsc#1200431). - vsock: Fix memory leak in vsock_connect() (git-fixes). - vsock: Set socket state back to SS_UNCONNECTED in vsock_connect_timeout() (git-fixes). - vt: Clear selection before changing the font (git-fixes). - vt: selection, introduce vc_is_sel (git-fixes). - watchdog: armada_37xx_wdt: check the return value of devm_ioremap() in armada_37xx_wdt_probe() (git-fixes). - watchdog: wdat_wdt: Set the min and max timeout values properly (bsc#1194023). - wifi: cfg80211: debugfs: fix return type in ht40allow_map_read() (git-fixes). - wifi: iwlegacy: 4965: corrected fix for potential off-by-one overflow in il4965_rs_fill_link_cmd() (git-fixes). - wifi: mac80211: Do not finalize CSA in IBSS mode if state is disconnected (git-fixes). - wifi: mac80211: Fix UAF in ieee80211_scan_rx() (git-fixes). - wifi: mac80211_hwsim: add back erroneously removed cast (git-fixes). - wifi: mac80211_hwsim: fix race condition in pending packet (git-fixes). - wifi: mac80211_hwsim: use 32-bit skb cookie (git-fixes). - x86/bugs: Reenable retbleed=off While for older kernels the return thunks are statically built in and cannot be dynamically patched out, retbleed=off should still work so that it can be disabled. - x86/kexec: fix memory leak of elf header buffer (bsc#1196444). - x86/olpc: fix 'logical not is only applied to the left hand side' (git-fixes). - x86/xen: Remove undefined behavior in setup_features() (git-fixes). - xen/xenbus: fix return type in xenbus_file_read() (git-fixes). - xfs: Fix assert failure in xfs_setattr_size() (git-fixes). - xfs: bunmapi has unnecessary AG lock ordering issues (git-fixes). - xfs: check sb_meta_uuid for dabuf buffer recovery (bsc#1202577). - xfs: make xfs_rtalloc_query_range input parameters const (git-fixes). - xfs: mark a data structure sick if there are cross-referencing errors (git-fixes). - xfs: only reset incore inode health state flags when reclaiming an inode (git-fixes). - xfs: prevent a UAF when log IO errors race with unmount (git-fixes). - xfs: use kmem_cache_free() for kmem_cache objects (git-fixes). - xprtrdma: Fix XDRBUF_SPARSE_PAGES support (git-fixes). - xprtrdma: Fix cwnd update ordering (git-fixes).
Patchnames
SUSE-2022-3809,SUSE-SLE-Module-RT-15-SP3-2022-3809,SUSE-SUSE-MicroOS-5.1-2022-3809,SUSE-SUSE-MicroOS-5.2-2022-3809,openSUSE-Leap-Micro-5.2-2022-3809
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).


To clipboard 

{
   document: {
      aggregate_severity: {
         namespace: "https://www.suse.com/support/security/rating/",
         text: "important",
      },
      category: "csaf_security_advisory",
      csaf_version: "2.0",
      distribution: {
         text: "Copyright 2024 SUSE LLC. All rights reserved.",
         tlp: {
            label: "WHITE",
            url: "https://www.first.org/tlp/",
         },
      },
      lang: "en",
      notes: [
         {
            category: "summary",
            text: "Security update for the Linux Kernel",
            title: "Title of the patch",
         },
         {
            category: "description",
            text: "\nThe SUSE Linux Enterprise 15 SP3 RT kernel was updated to receive various security and bugfixes.\n\n\nThe following security bugs were fixed:\n\n- CVE-2016-3695: Fixed an issue inside the einj_error_inject function in drivers/acpi/apei/einj.c that allowed users to simulate hardware errors and consequently cause a denial of service (bnc#1023051).\n- CVE-2020-16119: Fixed a use-after-free due to reuse of a DCCP socket with an attached dccps_hc_tx_ccid object as a listener after being released (bnc#1177471).\n- CVE-2020-27784: Fixed a vulnerability that was found in printer_ioctl() printer_ioctl() when accessing a deallocated instance (bnc#1202895).\n- CVE-2021-4155: Fixed a data leak flaw that was found in the way XFS_IOC_ALLOCSP IOCTL in the XFS filesystem (bnc#1194272).\n- CVE-2021-4203: Fixed use-after-free read flaw that was found in sock_getsockopt() in net/core/sock.c due to SO_PEERCRED and SO_PEERGROUPS race with listen() (bnc#1194535).\n- CVE-2022-20368: Fixed slab-out-of-bounds access in packet_recvmsg() (bsc#1202346).\n- CVE-2022-20369: Fixed out of bounds write in v4l2_m2m_querybuf of v4l2-mem2mem.c (bnc#1202347).\n- CVE-2022-2503: Fixed a LoadPin bypass in Dm-verity (bnc#1202677).\n- CVE-2022-2586: Fixed issue in netfilter that allowed CHAIN_ID to refer to another table (bsc#1202095).\n- CVE-2022-2588: Fixed use-after-free in cls_route (bsc#1202096).\n- CVE-2022-26373: Fixed non-transparent sharing of return predictor targets between contexts in some Intel Processors (bnc#1201726).\n- CVE-2022-2663: Fixed an issue that was found in nf_conntrack_irc where the message handling could be confused and incorrectly matches the message (bnc#1202097).\n- CVE-2022-2905: Fixed tnum_range usage on array range checking for poke descriptors (bsc#1202564, bsc#1202860).\n- CVE-2022-2977: Fixed reference counting for struct tpm_chip (bsc#1202672).\n- CVE-2022-3028: Fixed race condition that was found in the IP framework for transforming packets (XFRM subsystem) (bnc#1202898).\n- CVE-2022-3169: Fixed a denial of service that resulted in a PCIe link disconnect (bnc#1203290).\n- CVE-2022-32296: Fixed issue where TCP servers were able to identify clients by observing what source ports are used (bnc#1200288).\n- CVE-2022-3239: Fixed a use-after-free in the video4linux driver (bnc#1203552).\n- CVE-2022-3303: Fixed a race at SNDCTL_DSP_SYNC (bsc#1203769).\n- CVE-2022-36879: Fixed an issue in xfrm_expand_policies in net/xfrm/xfrm_policy.c where a refcount could be dropped twice (bnc#1201948).\n- CVE-2022-39188: Fixed race condition in include/asm-generic/tlb.h where a device driver can free a page while it still has stale TLB entries (bnc#1203107).\n- CVE-2022-39190: Fixed an issue that was discovered in net/netfilter/nf_tables_api.c and could cause a denial of service upon binding to an already bound chain (bnc#1203117).\n- CVE-2022-40768: Fixed information leak in drivers/scsi/stex.c due to stex_queuecommand_lck lack a memset for the PASSTHRU_CMD case (bnc#1203514).\n- CVE-2022-41218: Fixed a use-after-free due to refcount races at releasing (bsc#1202960).\n- CVE-2022-41222: Fixed a use-after-free via a stale TLB because an rmap lock is not held during a PUD move (bnc#1203622).\n- CVE-2022-41674: Fixed a DoS issue where kernel can crash on the reception of specific WiFi Frames (bsc#1203770).\n- CVE-2022-41848: Fixed a use-after-free in mgslpc_ops (bsc#1203987).\n- CVE-2022-41849: Fixed a use-after-free in ufx_ops_open() (bsc#1203992).\n- CVE-2022-42719: Fixed MBSSID parsing use-after-free (bsc#1204051).\n- CVE-2022-42720: Fixed BSS refcounting bugs (bsc#1204059).\n- CVE-2022-42721: Avoid nontransmitted BSS list corruption (bsc#1204060).\n- CVE-2022-42722: Fixed crash in beacon protection for P2P-device (bsc#1204125).\n\nThe following non-security bugs were fixed:\n\n- Fixed parsing of rpm/macros.kernel-source on SLE12 (bsc#1201019).\n- acpi: EC: Remove duplicate ThinkPad X1 Carbon 6th entry from DMI quirks (git-fixes).\n- acpi: LPSS: Fix missing check in register_device_clock() (git-fixes).\n- acpi: PM: save NVS memory for Lenovo G40-45 (git-fixes).\n- acpi: processor idle: Practically limit 'Dummy wait' workaround to old Intel systems (bnc#1203802).\n- acpi: processor: Remove freq Qos request for all CPUs (git-fixes).\n- acpi: property: Return type of acpi_add_nondev_subnodes() should be bool (git-fixes).\n- acpi: video: Force backlight native for some TongFang devices (git-fixes).\n- alsa: aloop: Fix random zeros in capture data when using jiffies timer (git-fixes).\n- alsa: bcd2000: Fix a UAF bug on the error path of probing (git-fixes).\n- alsa: emu10k1: Fix out of bounds access in snd_emu10k1_pcm_channel_alloc() (git-fixes).\n- alsa: hda/cirrus - support for iMac 12,1 model (git-fixes).\n- alsa: hda/conexant: Add quirk for LENOVO 20149 Notebook model (git-fixes).\n- alsa: hda/realtek: Add a quirk for HP OMEN 15 (8786) mute LED (git-fixes).\n- alsa: hda/realtek: Add mute LED quirk for HP Omen laptop (git-fixes).\n- alsa: hda/realtek: Add new alc285-hp-amp-init model (git-fixes).\n- alsa: hda/realtek: Add pincfg for ASUS G513 HP jack (git-fixes).\n- alsa: hda/realtek: Add pincfg for ASUS G533Z HP jack (git-fixes).\n- alsa: hda/realtek: Add quirk for ASUS GA503R laptop (git-fixes).\n- alsa: hda/realtek: Add quirk for Clevo L140PU (git-fixes).\n- alsa: hda/realtek: Add quirk for Clevo NP50PNJ (git-fixes).\n- alsa: hda/realtek: Add quirk for Clevo NP70PNJ (git-fixes).\n- alsa: hda/realtek: Add quirk for Clevo NP70PNP (git-fixes).\n- alsa: hda/realtek: Add quirk for Clevo NS50PU (git-fixes).\n- alsa: hda/realtek: Add quirk for Clevo NV45PZ (git-fixes).\n- alsa: hda/realtek: Add quirk for Dell Latitude 7520 (git-fixes).\n- alsa: hda/realtek: Add quirk for HP Dev One (git-fixes).\n- alsa: hda/realtek: Add quirk for HP Spectre x360 15-eb0xxx (git-fixes).\n- alsa: hda/realtek: Add quirk for Huawei WRT-WX9 (git-fixes).\n- alsa: hda/realtek: Add quirk for TongFang devices with pop noise (git-fixes).\n- alsa: hda/realtek: Add quirk for another Asus K42JZ model (git-fixes).\n- alsa: hda/realtek: Add quirk for the Framework Laptop (git-fixes).\n- alsa: hda/realtek: Enable 4-speaker output Dell Precision 5530 laptop (git-fixes).\n- alsa: hda/realtek: Fix LED on HP ProBook 435 G7 (git-fixes).\n- alsa: hda/realtek: Fix deadlock by COEF mutex (git-fixes).\n- alsa: hda/realtek: Fix headset mic for Acer SF313-51 (git-fixes).\n- alsa: hda/realtek: Re-arrange quirk table entries (git-fixes).\n- alsa: hda/realtek: fix mute/micmute LEDs for HP machines (git-fixes).\n- alsa: hda/realtek: fix mute/micmute LEDs for a HP ProBook (git-fixes).\n- alsa: hda/realtek: fix right sounds and mute/micmute LEDs for HP machine (git-fixes).\n- alsa: hda/realtek: fix right sounds and mute/micmute LEDs for HP machines (git-fixes).\n- alsa: hda/sigmatel: Fix unused variable warning for beep power change (git-fixes).\n- alsa: hda/sigmatel: Keep power up while beep is enabled (git-fixes).\n- alsa: hda/tegra: Align BDL entry to 4KB boundary (git-fixes).\n- alsa: hda: add Intel 5 Series / 3400 PCI DID (git-fixes).\n- alsa: info: Fix llseek return value when using callback (git-fixes).\n- alsa: seq: Fix data-race at module auto-loading (git-fixes).\n- alsa: seq: oss: Fix data-race for max_midi_devs access (git-fixes).\n- alsa: usb-audio: Fix an out-of-bounds bug in __snd_usb_parse_audio_interface() (git-fixes).\n- alsa: usb-audio: Inform the delayed registration more properly (git-fixes).\n- alsa: usb-audio: More comprehensive mixer map for ASUS ROG Zenith II (git-fixes).\n- alsa: usb-audio: Register card again for iface over delayed_register option (git-fixes).\n- alsa: usb-audio: Split endpoint setups for hw_params and prepare (git-fixes).\n- alsa: usb-audio: fix spelling mistakes (git-fixes).\n- arm64/mm: Validate hotplug range before creating linear mapping (git-fixes)\n- arm64: cpufeature: Allow different PMU versions in ID_DFR0_EL1 (git-fixes)\n- arm64: dts: allwinner: A64 Sopine: phy-mode rgmii-id (git-fixes)\n- arm64: dts: allwinner: H5: NanoPi Neo Plus2: phy-mode rgmii-id (git-fixes)\n- arm64: dts: allwinner: a64-sopine-baseboard: change RGMII mode to (bsc#1202341)\n- arm64: dts: rockchip: Pull up wlan wake# on Gru-Bob (git-fixes)\n- arm64: dts: rockchip: Remove 'enable-active-low' from rk3399-puma (git-fixes)\n- arm64: dts: rockchip: Set RK3399-Gru PCLK_EDP to 24 MHz (git-fixes)\n- arm64: dts: uniphier: Fix USB interrupts for PXs3 SoC (git-fixes)\n- arm64: kexec_file: use more system keyrings to verify kernel image signature (bsc#1196444).\n- arm64: mm: Always update TCR_EL1 from __cpu_set_tcr_t0sz() (git-fixes)\n- arm64: mm: fix p?d_leaf() (git-fixes)\n- arm64: mm: use a 48-bit ID map when possible on 52-bit VA builds (git-fixes)\n- arm64: signal: nofpsimd: Do not allocate fp/simd context when not available (git-fixes).\n- arm64: tegra: Fix SDMMC1 CD on P2888 (git-fixes)\n- arm64: tegra: Remove non existent Tegra194 reset (git-fixes)\n- arm64: tlb: fix the TTL value of tlb_get_level (git-fixes)\n- arm: 9077/1: PLT: Move struct plt_entries definition to header (git-fixes).\n- arm: 9078/1: Add warn suppress parameter to arm_gen_branch_link() (git-fixes).\n- arm: 9079/1: ftrace: Add MODULE_PLTS support (git-fixes).\n- arm: 9098/1: ftrace: MODULE_PLT: Fix build problem without DYNAMIC_FTRACE (git-fixes).\n- asm-generic: sections: refactor memory_intersects (git-fixes).\n- asoc: SOF: debug: Fix potential buffer overflow by snprintf() (git-fixes).\n- asoc: audio-graph-card: Add of_node_put() in fail path (git-fixes).\n- asoc: codecs: da7210: add check for i2c_add_driver (git-fixes).\n- asoc: codecs: msm8916-wcd-digital: move gains from SX_TLV to S8_TLV (git-fixes).\n- asoc: codecs: wcd9335: move gains from SX_TLV to S8_TLV (git-fixes).\n- asoc: mt6797-mt6351: Fix refcount leak in mt6797_mt6351_dev_probe (git-fixes).\n- asoc: nau8824: Fix semaphore unbalance at error paths (git-fixes).\n- asoc: qcom: q6dsp: Fix an off-by-one in q6adm_alloc_copp() (git-fixes).\n- asoc: tas2770: Allow mono streams (git-fixes).\n- asoc: tas2770: Reinit regcache on reset (git-fixes).\n- ata: libata-eh: Add missing command name (git-fixes).\n- atm: idt77252: fix use-after-free bugs caused by tst_timer (git-fixes).\n- blk-iocost: clamp inuse and skip noops in __propagate_weights() (bsc#1202722).\n- blk-iocost: fix operation ordering in iocg_wake_fn() (bsc#1202720).\n- blk-iocost: fix weight updates of inner active iocgs (bsc#1202717).\n- blk-iocost: rename propagate_active_weights() to propagate_weights() (bsc#1202722).\n- blktrace: fix blk_rq_merge documentation (git-fixes).\n- bluetooth: L2CAP: Fix build errors in some archs (git-fixes).\n- bluetooth: L2CAP: Fix l2cap_global_chan_by_psm regression (git-fixes).\n- bluetooth: MGMT: Fixes build warnings with C=1 (git-fixes).\n- bpf: Compile out btf_parse_module() if module BTF is not enabled (git-fixes).\n- can: ems_usb: fix clang's -Wunaligned-access warning (git-fixes).\n- can: gs_usb: gs_can_open(): fix race dev->can.state condition (git-fixes).\n- ceph: do not leak snap_rwsem in handle_cap_grant (bsc#1202810).\n- ceph: do not truncate file in atomic_open (bsc#1202811).\n- cgroup: Trace event cgroup id fields should be u64 (git-fixes).\n- cgroup: Use separate src/dst nodes when preloading css_sets for migration (bsc#1201610).\n- cgroup: cgroup_get_from_id() must check the looked-up kn is a directory (bsc#1203906).\n- clk: bcm: rpi: Fix error handling of raspberrypi_fw_get_rate (git-fixes).\n- clk: core: Fix runtime PM sequence in clk_core_unprepare() (git-fixes).\n- clk: core: Honor CLK_OPS_PARENT_ENABLE for clk gate ops (git-fixes).\n- clk: imx: imx6sx: remove the SET_RATE_PARENT flag for QSPI clocks (git-fixes).\n- clk: iproc: Do not rely on node name for correct PLL setup (git-fixes).\n- clk: qcom: ipq8074: dont disable gcc_sleep_clk_src (git-fixes).\n- clk: rockchip: add sclk_mac_lbtest to rk3188_critical_clocks (git-fixes).\n- coresight: cti: Correct the parameter for pm_runtime_put (git-fixes).\n- crypto: arm64/gcm - Select AEAD for GHASH_ARM64_CE (git-fixes)\n- crypto: arm64/poly1305 - fix a read out-of-bound (git-fixes)\n- devlink: Fix use-after-free after a failed reload (git-fixes).\n- dm raid: fix KASAN warning in raid5_add_disks (git-fixes).\n- dmaengine: sprd: Cleanup in .remove() after pm_runtime_get_sync() failed (git-fixes).\n- dpaa2-eth: unregister the netdev before disconnecting from the PHY (git-fixes).\n- driver core: Do not probe devices after bus_type.match() probe deferral (git-fixes).\n- drm/amd/display: Limit user regamma to a valid value (git-fixes).\n- drm/amdgpu: Check BO's requested pinning domains against its preferred_domains (git-fixes).\n- drm/amdgpu: Check num_gfx_rings for gfx v9_0 rb setup (git-fixes).\n- drm/amdgpu: do not register a dirty callback for non-atomic (git-fixes).\n- drm/amdgpu: mmVM_L2_CNTL3 register not initialized correctly (git-fixes).\n- drm/amdgpu: remove useless condition in amdgpu_job_stop_all_jobs_on_sched() (git-fixes).\n- drm/amdgpu: use dirty framebuffer helper (git-fixes).\n- drm/gem: Fix GEM handle release errors (git-fixes).\n- drm/gem: Properly annotate WW context on drm_gem_lock_reservations() error (git-fixes).\n- drm/i915/glk: ECS Liva Q2 needs GLK HDMI port timing quirk (git-fixes).\n- drm/i915/reg: Fix spelling mistake 'Unsupport' -> 'Unsupported' (git-fixes).\n- drm/meson: Correct OSD1 global alpha value (git-fixes).\n- drm/meson: Fix OSD1 RGB to YCbCr coefficient (git-fixes).\n- drm/meson: Fix overflow implicit truncation warnings (git-fixes).\n- drm/meson: Fix refcount bugs in meson_vpu_has_available_connectors() (git-fixes).\n- drm/msm/dsi: Fix number of regulators for SDM660 (git-fixes).\n- drm/msm/dsi: Fix number of regulators for msm8996_dsi_cfg (git-fixes).\n- drm/msm/dsi: fix the inconsistent indenting (git-fixes).\n- drm/msm/rd: Fix FIFO-full deadlock (git-fixes).\n- drm/radeon: add a force flush to delay work when radeon (git-fixes).\n- drm/rockchip: Fix return type of cdn_dp_connector_mode_valid (git-fixes).\n- drm/sun4i: dsi: Prevent underflow when computing packet sizes (git-fixes).\n- dtb: Do not include sources in src.rpm - refer to kernel-source Same as other kernel binary packages there is no need to carry duplicate sources in dtb packages.\n- efi: capsule-loader: Fix use-after-free in efi_capsule_write (git-fixes).\n- ehea: fix error return code in ehea_restart_qps() (git-fixes).\n- enetc: Fix endianness issues for enetc_qos (git-fixes).\n- ethernet: sun: niu: fix missing checks of niu_pci_eeprom_read() (git-fixes).\n- ext4: Fix BUG_ON in ext4_bread when write quota data (bsc#1197755).\n- ext4: add reserved GDT blocks check (bsc#1202712).\n- ext4: do not set SB_ACTIVE in ext4_orphan_cleanup() (bsc#1202708).\n- ext4: do not use the orphan list when migrating an inode (bsc#1197756).\n- ext4: fix bug_on in ext4_writepages (bsc#1200872).\n- ext4: fix error handling code in add_new_gdb (bsc#1179722).\n- ext4: fix error handling in ext4_restore_inline_data() (bsc#1197757).\n- ext4: fix invalid inode checksum (bsc#1179723).\n- ext4: fix loff_t overflow in ext4_max_bitmap_size() (bsc#1202709).\n- ext4: fix overhead calculation to account for the reserved gdt blocks (bsc#1200869).\n- ext4: fix potential infinite loop in ext4_dx_readdir() (bsc#1191662).\n- ext4: fix race when reusing xattr blocks (bsc#1198971).\n- ext4: fix symlink file size not match to file content (bsc#1200868).\n- ext4: fix use-after-free in ext4_rename_dir_prepare (bsc#1200871).\n- ext4: fix use-after-free in ext4_search_dir (bsc#1202710).\n- ext4: fix warning in ext4_handle_inode_extension (bsc#1202711).\n- ext4: force overhead calculation if the s_overhead_cluster makes no sense (bsc#1200870).\n- ext4: recover csum seed of tmp_inode after migrating to extents (bsc#1202713).\n- ext4: remove EA inode entry from mbcache on inode eviction (bsc#1198971).\n- ext4: unindent codeblock in ext4_xattr_block_set() (bsc#1198971).\n- fbcon: Fix boundary checks for fbcon=vc:n1-n2 parameters (git-fixes).\n- fbdev: chipsfb: Add missing pci_disable_device() in chipsfb_pci_init() (git-fixes).\n- fbdev: fb_pm2fb: Avoid potential divide by zero error (git-fixes).\n- firmware: tegra: bpmp: Do only aligned access to IPC memory area (git-fixes).\n- fs-writeback: writeback_sb_inodes: Recalculate 'wrote' according skipped pages (bsc#1200873).\n- ftrace: Fix NULL pointer dereference in is_ftrace_trampoline when ftrace is dead (git-fixes).\n- fuse: Remove the control interface for virtio-fs (bsc#1203137).\n- fuse: ioctl: translate ENOSYS (bsc#1203136).\n- fuse: limit nsec (bsc#1203135).\n- gadgetfs: ep_io - wait until IRQ finishes (git-fixes).\n- geneve: do not use RT_TOS for IPv6 flowlabel (git-fixes).\n- geneve: fix TOS inheriting for ipv4 (git-fixes).\n- gpio: mpc8xxx: Fix support for IRQ_TYPE_LEVEL_LOW flow_type in mpc85xx (git-fixes).\n- gpio: pca953x: Add mutex_lock for regcache sync in PM (git-fixes).\n- hid: alps: Declare U1_UNICORN_LEGACY support (git-fixes).\n- hid: intel-ish-hid: ishtp: Fix ishtp client sending disordered message (git-fixes).\n- hid: ishtp-hid-clientHID: ishtp-hid-client: Fix comment typo (git-fixes).\n- hid: steam: Prevent NULL pointer dereference in steam_{recv,send}_report (git-fixes).\n- hid: wacom: Do not register pad_input for touch switch (git-fixes).\n- hid: wacom: Only report rotation for art pen (git-fixes).\n- hv_netvsc: Load and store the proper (NBL_HASH_INFO) per-packet info (bsc#1202701).\n- hwmon: (gpio-fan) Fix array out of bounds access (git-fixes).\n- i2c: imx: Make sure to unregister adapter on remove() (git-fixes).\n- ice: report supported and advertised autoneg using PHY capabilities (git-fixes).\n- ieee802154/adf7242: defer destroy_workqueue call (git-fixes).\n- ieee802154: cc2520: add rc code in cc2520_tx() (git-fixes).\n- iio: adc: mcp3911: make use of the sign bit (git-fixes).\n- iio: adc: mcp3911: use correct formula for AD conversion (git-fixes).\n- ima: force signature verification when CONFIG_KEXEC_SIG is configured (bsc#1203737).\n- input: iforce - add support for Boeder Force Feedback Wheel (git-fixes).\n- input: iforce - wake up after clearing IFORCE_XMIT_RUNNING flag (git-fixes).\n- input: melfas_mip4 - fix return value check in mip4_probe() (git-fixes).\n- input: rk805-pwrkey - fix module autoloading (git-fixes).\n- input: snvs_pwrkey - fix SNVS_HPVIDR1 register address (git-fixes).\n- intel_th: pci: Add Meteor Lake-P support (git-fixes).\n- intel_th: pci: Add Raptor Lake-S CPU support (git-fixes).\n- intel_th: pci: Add Raptor Lake-S PCH support (git-fixes).\n- iommu/amd: Simplify and Consolidate Virtual APIC (AVIC) Enablement (git-fixes).\n- iommu/arm-smmu: qcom_iommu: Add of_node_put() when breaking out of loop (git-fixes).\n- iommu/exynos: Handle failed IOMMU device registration properly (git-fixes).\n- iommu/iova: Improve 32-bit free space estimate (git-fixes).\n- iommu/ipmmu-vmsa: Check for error num after setting mask (git-fixes).\n- iommu/mediatek: Add list_del in mtk_iommu_remove (git-fixes).\n- iommu/msm: Fix an incorrect NULL check on list iterator (git-fixes).\n- iommu/omap: Fix regression in probe for NULL pointer dereference (git-fixes).\n- iommu/vt-d: Calculate mask for non-aligned flushes (git-fixes).\n- iommu/vt-d: Fix PCI bus rescan device hot add (git-fixes).\n- iommu/vt-d: Fix RID2PASID setup/teardown failure (git-fixes).\n- iommu/vt-d: avoid invalid memory access via node_online(NUMA_NO_NODE) (git-fixes).\n- ipheth: fix EOVERFLOW in ipheth_rcvbulk_callback (git-fixes).\n- ipmi: ssif: initialize ssif_info->client early (git-fixes).\n- ixgbevf: add correct exception tracing for XDP (git-fixes).\n- jbd2: fix assertion 'jh->b_frozen_data == NULL' failure when journal aborted (bsc#1202716).\n- jbd2: fix outstanding credits assert in jbd2_journal_commit_transaction() (bsc#1202715).\n- jfs: fix GPF in diFree (bsc#1203389).\n- jfs: fix memleak in jfs_mount (git-fixes).\n- jfs: more checks for invalid superblock (git-fixes).\n- jfs: prevent NULL deref in diFree (bsc#1203389).\n- kABI: x86: kexec: hide new include from genksyms (bsc#1196444).\n- kabi: cgroup: Restore KABI of css_set (bsc#1201610).\n- kbuild: do not create built-in objects for external module builds (jsc#SLE-24559 bsc#1202756).\n- kbuild: dummy-tools: avoid tmpdir leak in dummy gcc (bsc#1181862 git-fixes).\n- kbuild: dummy-tools: avoid tmpdir leak in dummy gcc (git-fixes).\n- kernel-binary: move @NOSOURCE@ to @SOURCES@ as in other packages\n- kernel-obs-build: include qemu_fw_cfg (boo#1201705)\n- kernel-source: include the kernel signature file We assume that the upstream tarball is used for released kernels. Then we can also include the signature file and keyring in the kernel-source src.rpm. Because of mkspec code limitation exclude the signature and keyring from binary packages always - mkspec does not parse spec conditionals.\n- kexec, KEYS, s390: Make use of built-in and secondary keyring for signature verification (bsc#1196444).\n- kexec, KEYS: make the code in bzImage64_verify_sig generic (bsc#1196444).\n- kexec: clean up arch_kexec_kernel_verify_sig (bsc#1196444).\n- kexec: do not verify the signature without the lockdown or mandatory signature (bsc#1203737).\n- kexec: drop weak attribute from functions (bsc#1196444).\n- kexec_file: drop weak attribute from arch_kexec_apply_relocations[_add] (bsc#1196444).\n- kexec_file: drop weak attribute from functions (bsc#1196444).\n- kfifo: fix kfifo_to_user() return type (git-fixes).\n- kfifo: fix ternary sign extension bugs (git-fixes).\n- kvm: PPC: Book3S HV: Context tracking exit guest context before enabling irqs (bsc#1065729).\n- kvm: PPC: Book3S HV: Prevent POWER7/8 TLB flush flushing SLB (bsc#1156395).\n- kvm: PPC: Book3S HV: Use GLOBAL_TOC for kvmppc_h_set_dabr/xdabr() (bsc#1156395).\n- kvm: PPC: Fix vmx/vsx mixup in mmio emulation (bsc#1156395).\n- kvm: PPC: Use arch_get_random_seed_long instead of powernv variant (bsc#1156395).\n- kvm: VMX: Refuse to load kvm_intel if EPT and NX are disabled (git-fixes).\n- kvm: nVMX: Let userspace set nVMX MSR to any _host_ supported value (git-fixes).\n- kvm: nVMX: Snapshot pre-VM-Enter BNDCFGS for !nested_run_pending case (git-fixes).\n- kvm: nVMX: Snapshot pre-VM-Enter DEBUGCTL for !nested_run_pending case (git-fixes).\n- kvm: x86: Mark TSS busy during LTR emulation _after_ all fault checks (git-fixes).\n- kvm: x86: Set error code to segment selector on LLDT/LTR non-canonical #GP (git-fixes).\n- kvm: x86: accept userspace interrupt only if no event is injected (git-fixes).\n- lib/list_debug.c: Detect uninitialized lists (git-fixes).\n- lib: bitmap: provide devm_bitmap_alloc() and devm_bitmap_zalloc() (git-fixes).\n- libata: add ATA_HORKAGE_NOLPM for Pioneer BDR-207M and BDR-205 (git-fixes).\n- lightnvm: Remove lightnvm implemenation (bsc#1191881 bsc#1201420 ZDI-CAN-17325).\n- list: add 'list_del_init_careful()' to go with 'list_empty_careful()' (bsc#1202745).\n- locking/lockdep: Avoid potential access of invalid memory in lock_class (git-fixes).\n- loop: Fix missing discard support when using LOOP_CONFIGURE (bsc#1202718).\n- mbcache: add functions to delete entry if unused (bsc#1198971).\n- mbcache: do not reclaim used entries (bsc#1198971).\n- md-raid10: fix KASAN warning (git-fixes).\n- md/bitmap: do not set sb values if can't pass sanity check (bsc#1197158).\n- md: call __md_stop_writes in md_stop (git-fixes).\n- md: unlock mddev before reap sync_thread in action_store (bsc#1197659).\n- media: aspeed-video: ignore interrupts that are not enabled (git-fixes).\n- media: coda: Add more H264 levels for CODA960 (git-fixes).\n- media: coda: Fix reported H264 profile (git-fixes).\n- media: dvb_vb2: fix possible out of bound access (git-fixes).\n- mfd: max77620: Fix refcount leak in max77620_initialise_fps (git-fixes).\n- mfd: t7l66xb: Drop platform disable callback (git-fixes).\n- misc: fastrpc: fix memory corruption on open (git-fixes).\n- misc: fastrpc: fix memory corruption on probe (git-fixes).\n- mkspec: eliminate @NOSOURCE@ macro This should be alsways used with @SOURCES@, just include the content there.\n- mm/rmap: Fix anon_vma->degree ambiguity leading to double-reuse (git-fixes, bsc#1203098).\n- mm: bdi: initialize bdi_min_ratio when bdi is unregistered (bsc#1197763).\n- mm: memcontrol: fix potential oom_lock recursion deadlock (bsc#1202447).\n- mm: pagewalk: Fix race between unmap and page walker (git-fixes, bsc#1203159).\n- mm: proc: smaps_rollup: do not stall write attempts on mmap_lock (bsc#1201990).\n- mm: smaps*: extend smap_gather_stats to support specified beginning (bsc#1201990).\n- mmap locking API: add mmap_lock_is_contended() (bsc#1201990).\n- mmc: moxart: fix 4-bit bus width and remove 8-bit bus width (git-fixes).\n- mmc: pxamci: Fix an error handling path in pxamci_probe() (git-fixes).\n- mmc: pxamci: Fix another error handling path in pxamci_probe() (git-fixes).\n- module: Ignore _GLOBAL_OFFSET_TABLE_ when warning for undefined symbols (git-fixes).\n- mtd: maps: Fix refcount leak in ap_flash_init (git-fixes).\n- mtd: maps: Fix refcount leak in of_flash_probe_versatile (git-fixes).\n- mtd: partitions: Fix refcount leak in parse_redboot_of (git-fixes).\n- mtd: rawnand: meson: Fix a potential double free issue (git-fixes).\n- mtd: sm_ftl: Fix deadlock caused by cancel_work_sync in sm_release (git-fixes).\n- mtd: st_spi_fsm: Add a clk_disable_unprepare() in .probe()'s error path (git-fixes).\n- net/mlx5e: Check for needed capability for cvlan matching (git-fixes).\n- net: bcmgenet: Add mdio-bcm-unimac soft dependency (git-fixes).\n- net: cpsw: Properly initialise struct page_pool_params (git-fixes).\n- net: cpsw: add missing of_node_put() in cpsw_probe_dt() (git-fixes).\n- net: davinci_emac: Fix incorrect masking of tx and rx error channel (git-fixes).\n- net: dsa: felix: suppress -EPROBE_DEFER errors (git-fixes).\n- net: dsa: mt7530: fix VLAN traffic leaks (git-fixes).\n- net: enetc: Use pci_release_region() to release some resources (git-fixes).\n- net: enetc: report software timestamping via SO_TIMESTAMPING (git-fixes).\n- net: enetc: unmap DMA in enetc_send_cmd() (git-fixes).\n- net: ethernet: aeroflex: fix UAF in greth_of_remove (git-fixes).\n- net: ethernet: ezchip: fix UAF in nps_enet_remove (git-fixes).\n- net: ethernet: ezchip: fix error handling (git-fixes).\n- net: ethernet: ezchip: remove redundant check (git-fixes).\n- net: ethernet: fix potential use-after-free in ec_bhf_remove (git-fixes).\n- net: ethernet: ti: cpsw_ale: Fix access to un-initialized memory (git-fixes).\n- net: fec: fix the potential memory leak in fec_enet_init() (git-fixes).\n- net: fec_ptp: add clock rate zero check (git-fixes).\n- net: hns: Fix kernel-doc (git-fixes).\n- net: lantiq: fix memory corruption in RX ring (git-fixes).\n- net: mana: Add rmb after checking owner bits (git-fixes).\n- net: mana: Add support of XDP_REDIRECT action (bsc#1201310, jsc#PED-529).\n- net: mana: Add the Linux MANA PF driver (bsc#1201309, jsc#PED-529).\n- net: moxa: Use devm_platform_get_and_ioremap_resource() (git-fixes).\n- net: mscc: ocelot: correctly report the timestamping RX filters in ethtool (git-fixes).\n- net: mscc: ocelot: do not downgrade timestamping RX filters in SIOCSHWTSTAMP (git-fixes).\n- net: netcp: Fix an error message (git-fixes).\n- net: pch_gbe: Propagate error from devm_gpio_request_one() (git-fixes).\n- net: rose: fix netdev reference changes (git-fixes).\n- net: sock: tracing: Fix sock_exceed_buf_limit not to dereference stale pointer (git-fixes).\n- net: stmicro: handle clk_prepare() failure during init (git-fixes).\n- net: stmmac: disable clocks in stmmac_remove_config_dt() (git-fixes).\n- net: stmmac: dwmac1000: Fix extended MAC address registers definition (git-fixes).\n- net: usb: qmi_wwan: add Quectel RM520N (git-fixes).\n- net: vmxnet3: fix possible NULL pointer dereference in vmxnet3_rq_cleanup() (bsc#1200431).\n- net: vmxnet3: fix possible use-after-free bugs in vmxnet3_rq_alloc_rx_buf() (bsc#1200431).\n- net: vmxnet3: remove multiple false checks in vmxnet3_ethtool.c (bsc#1200431).\n- net:emac/emac-mac: Fix a use after free in emac_mac_tx_buf_send (git-fixes).\n- net:enetc: allocate CBD ring data memory using DMA coherent methods (git-fixes).\n- net_sched: cls_route: disallow handle of 0 (bsc#1202393).\n- nfs: fix nfs_path in case of a rename retry (git-fixes).\n- nfsd: Add missing NFSv2 .pc_func methods (git-fixes).\n- nfsd: Clamp WRITE offsets (git-fixes).\n- nfsd: Fix offset type in I/O trace points (git-fixes).\n- nfsd: Fix possible sleep during nfsd4_release_lockowner() (git-fixes).\n- nfsd: fix use-after-free due to delegation race (git-fixes).\n- nfsd: prevent integer overflow on 32 bit systems (git-fixes).\n- nfsd: prevent underflow in nfssvc_decode_writeargs() (git-fixes).\n- nfsv4.1: Do not decrease the value of seq_nr_highest_sent (git-fixes).\n- nfsv4.1: Handle NFS4ERR_DELAY replies to OP_SEQUENCE correctly (git-fixes).\n- nfsv4.1: RECLAIM_COMPLETE must handle EACCES (git-fixes).\n- nfsv4.2: support EXCHGID4_FLAG_SUPP_FENCE_OPS 4.2 EXCHANGE_ID flag (git-fixes).\n- nfsv4: Fix races in the legacy idmapper upcall (git-fixes).\n- nfsv4: Fix second deadlock in nfs4_evict_inode() (git-fixes).\n- nfsv4: nfs4_proc_set_acl needs to restore NFS_CAP_UIDGID_NOMAP on error (git-fixes).\n- ntb: ntb_tool: uninitialized heap data in tool_fn_write() (git-fixes).\n- nvme-fabrics: parse nvme connect Linux error codes (bsc#1201865).\n- nvme-rdma: Handle number of queue changes (bsc#1201865).\n- nvme-tcp: Handle number of queue changes (bsc#1201865).\n- nvme-tcp: fix UAF when detecting digest errors (bsc#1200313 bsc#1201489).\n- nvme: fix RCU hole that allowed for endless looping in multipath round robin (bsc#1202636).\n- nvmet: Expose max queues to configfs (bsc#1201865).\n- objtool: Add support for intra-function calls (bsc#1202396).\n- objtool: Make handle_insn_ops() unconditional (bsc#1202396).\n- objtool: Remove INSN_STACK (bsc#1202396).\n- objtool: Rework allocating stack_ops on decode (bsc#1202396).\n- objtool: Support multiple stack_op per instruction (bsc#1202396).\n- ocfs2: drop acl cache for directories too (bsc#1191667).\n- ocfs2: fix crash when initialize filecheck kobj fails (bsc#1197920).\n- ocfs2: mount fails with buffer overflow in strlen (bsc#1197760).\n- of/device: Fix up of_dma_configure_id() stub (git-fixes).\n- of: fdt: fix off-by-one error in unflatten_dt_nodes() (git-fixes).\n- padata: introduce internal padata_get/put_pd() helpers (bsc#1202638).\n- padata: make padata_free_shell() to respect pd's ->refcnt (bsc#1202638).\n- parisc/sticon: fix reverse colors (bsc#1152489).\n- parisc: parisc-agp requires SBA IOMMU driver (bsc#1152489)\n- pci/acpi: Guard ARM64-specific mcfg_quirks (git-fixes).\n- pci: Add ACS quirk for Broadcom BCM5750x NICs (git-fixes).\n- pci: hv: Fix hv_arch_irq_unmask() for multi-MSI (bsc#1200845).\n- pci: hv: Fix interrupt mapping for multi-MSI (bsc#1200845).\n- pci: hv: Fix multi-MSI to allow more than one MSI vector (bsc#1200845).\n- pci: hv: Make the code arch neutral by adding arch specific interfaces (bsc#1200845).\n- pci: hv: Only reuse existing IRTE allocation for Multi-MSI (bsc#1200845).\n- pci: hv: Reuse existing IRTE allocation in compose_msi_msg() (bsc#1200845).\n- pci: qcom: Fix pipe clock imbalance (git-fixes).\n- perf bench: Share some global variables to fix build with gcc 10 (git-fixes).\n- pinctrl/rockchip: fix gpio device creation (git-fixes).\n- pinctrl: nomadik: Fix refcount leak in nmk_pinctrl_dt_subnode_to_map (git-fixes).\n- pinctrl: qcom: msm8916: Allow CAMSS GP clocks to be muxed (git-fixes).\n- pinctrl: rockchip: Enhance support for IRQ_TYPE_EDGE_BOTH (git-fixes).\n- pinctrl: sunxi: Add I/O bias setting for H6 R-PIO (git-fixes).\n- platform/x86: acer-wmi: Acer Aspire One AOD270/Packard Bell Dot keymap fixes (git-fixes).\n- platform/x86: pmc_atom: Fix SLP_TYPx bitfield mask (git-fixes).\n- powerpc/drmem: Make lmb_size 64 bit (bsc#1203424 ltc#199544).\n- powerpc/memhotplug: Make lmb size 64bit (bsc#1203424 ltc#199544).\n- powerpc/perf: Optimize clearing the pending PMI and remove WARN_ON for PMI check in power_pmu_disable (bsc#1156395).\n- powerpc/powernv/kvm: Use darn for H_RANDOM on Power9 (bsc#1065729).\n- powerpc/powernv: Avoid crashing if rng is NULL (bsc#1065729).\n- powerpc/powernv: Staticify functions without prototypes (bsc#1065729).\n- powerpc/powernv: delay rng platform device creation until later in boot (bsc#1065729).\n- powerpc/powernv: rename remaining rng powernv_ functions to pnv_ (bsc#1065729).\n- powerpc/powernv: wire up rng during setup_arch (bsc#1065729).\n- powerpc/pseries: wire up rng during setup_arch() (bsc#1065729).\n- powerpc/xive: Fix refcount leak in xive_get_max_prio (git-fixess).\n- powerpc: Enable execve syscall exit tracepoint (bsc#1065729).\n- powerpc: define get_cycles macro for arch-override (bsc#1065729).\n- powerpc: powernv: kABI: add back powernv_get_random_long (bsc#1065729).\n- ppc64/kdump: Limit kdump base to 512MB (bsc#1203410 ltc#199904).\n- profiling: fix shift too large makes kernel panic (git-fixes).\n- psi: Fix uaf issue when psi trigger is destroyed while being polled (bsc#1203909).\n- qlcnic: Add null check after calling netdev_alloc_skb (git-fixes).\n- random: fix crash on multiple early calls to add_bootloader_randomness() (git-fixes).\n- ratelimit: Fix data-races in ___ratelimit() (git-fixes).\n- regulator: core: Clean up on enable failure (git-fixes).\n- regulator: pfuze100: Fix the global-out-of-bounds access in pfuze100_regulator_probe() (git-fixes).\n- reiserfs: fix handling of -EOPNOTSUPP in reiserfs_for_each_xattr (bsc#1202714).\n- remoteproc: qcom: q6v5-mss: add powerdomains to MSM8996 config (git-fixes).\n- remoteproc: qcom: wcnss: Fix handling of IRQs (git-fixes).\n- reset: imx7: Fix the iMX8MP PCIe PHY PERST support (git-fixes).\n- rpm/kernel-binary.spec.in: move vdso to a separate package (bsc#1202385) We do the move only on 15.5+.\n- rpm/kernel-binary.spec.in: simplify find for usrmerged The type test and print line are the same for both cases. The usrmerged case only ignores more, so refactor it to make it more obvious.\n- rpm/kernel-source.spec.in: simplify finding of broken symlinks 'find -xtype l' will report them, so use that to make the search a bit faster (without using shell).\n- s390/crash: fix incorrect number of bytes to copy to user space (git-fixes).\n- s390/crash: make copy_oldmem_page() return number of bytes copied (git-fixes).\n- s390/mm: do not trigger write fault when vma does not allow VM_WRITE (git-fixes).\n- s390/mm: fix 2KB pgtable release race (git-fixes).\n- s390/ptrace: pass invalid syscall numbers to tracing (bsc#1192594 LTC#197522).\n- s390/qeth: cache link_info for ethtool (bsc#1202984 LTC#199607).\n- s390/qeth: clean up default cases for ethtool link mode (bsc#1202984 LTC#199607).\n- s390/qeth: improve QUERY CARD INFO processing (bsc#1202984 LTC#199607).\n- s390/qeth: improve selection of ethtool link modes (bsc#1202984 LTC#199607).\n- s390/qeth: set static link info during initialization (bsc#1202984 LTC#199607).\n- s390/qeth: tolerate error when querying card info (bsc#1202984 LTC#199607).\n- s390/qeth: use QUERY OAT for initial link info (bsc#1202984 LTC#199607).\n- scsi: core: Fix bad pointer dereference when ehandler kthread is invalid (git-fixes).\n- scsi: lpfc: Add missing destroy_workqueue() in error path (bsc#1203939).\n- scsi: lpfc: Add missing free iocb and nlp kref put for early return VMID cases (bsc#1203939).\n- scsi: lpfc: Add reporting capability for Link Degrade Signaling (bsc#1203939).\n- scsi: lpfc: Add warning notification period to CMF_SYNC_WQE (bsc#1203063).\n- scsi: lpfc: Check the return value of alloc_workqueue() (bsc#1203063).\n- scsi: lpfc: Copyright updates for 14.2.0.6 patches (bsc#1203063).\n- scsi: lpfc: Fix FLOGI ACC with wrong SID in PT2PT topology (bsc#1203939).\n- scsi: lpfc: Fix mbuf pool resource detected as busy at driver unload (bsc#1203939).\n- scsi: lpfc: Fix multiple NVMe remoteport registration calls for the same NPort ID (bsc#1203939).\n- scsi: lpfc: Fix null ndlp ptr dereference in abnormal exit path for GFT_ID (bsc#1203063).\n- scsi: lpfc: Fix prli_fc4_req checks in PRLI handling (bsc#1203939).\n- scsi: lpfc: Fix unsolicited FLOGI receive handling during PT2PT discovery (bsc#1203063).\n- scsi: lpfc: Fix various issues reported by tools (bsc#1203939).\n- scsi: lpfc: Move scsi_host_template outside dynamically allocated/freed phba (bsc#1185032 bsc#1203939).\n- scsi: lpfc: Remove SANDiags related code (bsc#1203063).\n- scsi: lpfc: Remove the unneeded result variable (bsc#1203939).\n- scsi: lpfc: Remove unneeded result variable (bsc#1203939).\n- scsi: lpfc: Rename mp/bmp dma buffers to rq/rsp in lpfc_fdmi_cmd (bsc#1203939).\n- scsi: lpfc: Return DID_TRANSPORT_DISRUPTED instead of DID_REQUEUE (bsc#1203939).\n- scsi: lpfc: Rework FDMI attribute registration for unintential padding (bsc#1203939).\n- scsi: lpfc: Rework MIB Rx Monitor debug info logic (bsc#1203063).\n- scsi: lpfc: Rework lpfc_fdmi_cmd() routine for cleanup and consistency (bsc#1203939).\n- scsi: lpfc: Update congestion mode logging for Emulex SAN Manager application (bsc#1203939).\n- scsi: lpfc: Update lpfc version to 14.2.0.6 (bsc#1203063).\n- scsi: lpfc: Update lpfc version to 14.2.0.7 (bsc#1203939).\n- scsi: mpt3sas: Fix use-after-free warning (git-fixes).\n- scsi: qla2xxx: Add NVMe parameters support in Auxiliary Image Status (bsc#1203935).\n- scsi: qla2xxx: Add debugfs create/delete helpers (bsc#1203935).\n- scsi: qla2xxx: Always wait for qlt_sess_work_fn() from qlt_stop_phase1() (bsc#1203935).\n- scsi: qla2xxx: Avoid flush_scheduled_work() usage (bsc#1203935).\n- scsi: qla2xxx: Disable ATIO interrupt coalesce for quad port ISP27XX (bsc#1203935).\n- scsi: qla2xxx: Drop DID_TARGET_FAILURE use (bsc#1203935).\n- scsi: qla2xxx: Fix memory leak in __qlt_24xx_handle_abts() (bsc#1203935).\n- scsi: qla2xxx: Fix response queue handler reading stale packets (bsc#1203935).\n- scsi: qla2xxx: Log message 'skipping scsi_scan_host()' as informational (bsc#1203935).\n- scsi: qla2xxx: Remove unused declarations for qla2xxx (bsc#1203935).\n- scsi: qla2xxx: Remove unused del_sess_list field (bsc#1203935).\n- scsi: qla2xxx: Remove unused qlt_tmr_work() (bsc#1203935).\n- scsi: qla2xxx: Revert 'scsi: qla2xxx: Fix response queue handler reading stale packets' (bsc#1203935).\n- scsi: qla2xxx: Update version to 10.02.07.900-k (bsc#1203935).\n- scsi: sg: Allow waiting for commands to complete on removed device (git-fixes).\n- scsi: smartpqi: Fix DMA direction for RAID requests (git-fixes).\n- scsi: smartpqi: Shorten drive visibility after removal (bsc#1200622).\n- scsi: smartpqi: Update LUN reset handler (bsc#1200622).\n- selftests: futex: Use variable MAKE instead of make (git-fixes).\n- serial: 8250_dw: Store LSR into lsr_saved_flags in dw8250_tx_wait_empty() (git-fixes).\n- serial: Create uart_xmit_advance() (git-fixes).\n- serial: fsl_lpuart: RS485 RTS polariy is inverse (git-fixes).\n- serial: mvebu-uart: uart2 error bits clearing (git-fixes).\n- serial: tegra-tcu: Use uart_xmit_advance(), fixes icount.tx accounting (git-fixes).\n- serial: tegra: Change lower tolerance baud rate limit for tegra20 and tegra30 (git-fixes).\n- serial: tegra: Use uart_xmit_advance(), fixes icount.tx accounting (git-fixes).\n- silence nfscache allocation warnings with kvzalloc (git-fixes).\n- soc: brcmstb: pm-arm: Fix refcount leak and __iomem leak bugs (git-fixes).\n- soc: sunxi: sram: Actually claim SRAM regions (git-fixes).\n- soc: sunxi: sram: Fix debugfs info for A64 SRAM C (git-fixes).\n- soc: sunxi: sram: Prevent the driver from being unbound (git-fixes).\n- spi: Fix incorrect cs_setup delay handling (git-fixes).\n- spi: spi-rspi: Fix PIO fallback on RZ platforms (git-fixes).\n- spi: synquacer: Add missing clk_disable_unprepare() (git-fixes).\n- spmi: trace: fix stack-out-of-bound access in SPMI tracing functions (git-fixes).\n- squashfs: fix divide error in calculate_skip() (git-fixes).\n- staging: rtl8712: fix use after free bugs (git-fixes).\n- struct ehci_hcd: hide new member (git-fixes).\n- struct otg_fsm: hide new boolean member in gap (git-fixes).\n- sunrpc: Clean up scheduling of autoclose (git-fixes).\n- sunrpc: Do not call connect() more than once on a TCP socket (git-fixes).\n- sunrpc: Do not dereference xprt->snd_task if it's a cookie (git-fixes).\n- sunrpc: Do not leak sockets in xs_local_connect() (git-fixes).\n- sunrpc: Fix READ_PLUS crasher (git-fixes).\n- sunrpc: Fix misplaced barrier in call_decode (git-fixes).\n- sunrpc: Prevent immediate close+reconnect (git-fixes).\n- sunrpc: RPC level errors should set task->tk_rpc_status (git-fixes).\n- sunrpc: Reinitialise the backchannel request buffers before reuse (git-fixes).\n- sunrpc: fix expiry of auth creds (git-fixes).\n- svcrdma: Hold private mutex while invoking rdma_accept() (git-fixes).\n- tee: optee: Fix incorrect page free bug (git-fixes).\n- thermal: Fix NULL pointer dereferences in of_thermal_ functions (git-fixes).\n- thermal: sysfs: Fix cooling_device_stats_setup() error code path (git-fixes).\n- thunderbolt: Use the actual buffer in tb_async_error() (git-fixes).\n- tools/thermal: Fix possible path truncations (git-fixes).\n- tracing/histogram: Fix a potential memory leak for kstrdup() (git-fixes).\n- tracing/histograms: Fix memory leak problem (git-fixes).\n- tracing/probes: Have kprobes and uprobes use $COMM too (git-fixes).\n- tracing: Add ustring operation to filtering string pointers (git-fixes).\n- tracing: hold caller_addr to hardirq_{enable,disable}_ip (git-fixes).\n- tty/serial: atmel: RS485 & ISO7816: wait for TXRDY before sending data (git-fixes).\n- tty: serial: Fix refcount leak bug in ucc_uart.c (git-fixes).\n- tty: serial: lpuart: disable flow control while waiting for the transmit engine to complete (git-fixes).\n- tty: vt: initialize unicode screen buffer (git-fixes).\n- usb-storage: Add ignore-residue quirk for NXP PN7462AU (git-fixes).\n- usb.h: struct usb_device: hide new member (git-fixes).\n- usb: add quirks for Lenovo OneLink+ Dock (git-fixes).\n- usb: cdc-acm: Add Icom PMR F3400 support (0c26:0020) (git-fixes).\n- usb: core: Fix RST error in hub.c (git-fixes).\n- usb: core: Prevent nested device-reset calls (git-fixes).\n- usb: dwc2: fix wrong order of phy_power_on and phy_init (git-fixes).\n- usb: dwc3: Switch to platform_get_irq_byname_optional() (git-fixes).\n- usb: dwc3: disable USB core PHY management (git-fixes).\n- usb: dwc3: ep0: Fix delay status handling (git-fixes).\n- usb: dwc3: gadget: Avoid starting DWC3 gadget during UDC unbind (git-fixes).\n- usb: dwc3: gadget: END_TRANSFER before CLEAR_STALL command (git-fixes).\n- usb: dwc3: gadget: Fix IN endpoint max packet size allocation (git-fixes).\n- usb: dwc3: gadget: Prevent repeat pullup() (git-fixes).\n- usb: dwc3: gadget: Refactor dwc3_gadget_ep_dequeue (git-fixes).\n- usb: dwc3: gadget: Remove FS bInterval_m1 limitation (git-fixes).\n- usb: dwc3: gadget: Remove unnecessary checks (git-fixes).\n- usb: dwc3: gadget: Replace list_for_each_entry_safe() if using giveback (git-fixes).\n- usb: dwc3: gadget: Store resource index of start cmd (git-fixes).\n- usb: dwc3: qcom: fix missing optional irq warnings.\n- usb: ehci: handshake CMD_RUN instead of STS_HALT (git-fixes).\n- usb: gadget: mass_storage: Fix cdrom data transfers on MAC-OS (git-fixes).\n- usb: gadget: u_audio: fix race condition on endpoint stop (git-fixes).\n- usb: gadget: udc-xilinx: replace memcpy with memcpy_toio (git-fixes).\n- usb: gadget: uvc: call uvc uvcg_warn on completed status instead of uvcg_info (git-fixes).\n- usb: host: ohci-ppc-of: Fix refcount leak bug (git-fixes).\n- usb: otg-fsm: Fix hrtimer list corruption (git-fixes).\n- usb: renesas: Fix refcount leak bug (git-fixes).\n- usb: serial: ch341: fix disabled rx timer on older devices (git-fixes).\n- usb: serial: ch341: fix lost character on LCR updates (git-fixes).\n- usb: serial: ch341: name prescaler, divisor registers (git-fixes).\n- usb: serial: cp210x: add Decagon UCA device id (git-fixes).\n- usb: serial: ftdi_sio: add Omron CS1W-CIF31 device id (git-fixes).\n- usb: serial: option: add Quectel BG95 0x0203 composition (git-fixes).\n- usb: serial: option: add Quectel BG95 0x0203 composition (git-fixes).\n- usb: serial: option: add Quectel EM060K modem (git-fixes).\n- usb: serial: option: add Quectel RM520N (git-fixes).\n- usb: serial: option: add Quectel RM520N (git-fixes).\n- usb: serial: option: add support for Cinterion MV32-WA/WB RmNet mode (git-fixes).\n- usb: serial: option: add support for OPPO R11 diag port (git-fixes).\n- usb: storage: Add ASUS <0x0b05:0x1932> to IGNORE_UAS (git-fixes).\n- usb: typec: altmodes/displayport: correct pin assignment for UFP receptacles (git-fixes).\n- usb: typec: ucsi: Remove incorrect warning (git-fixes).\n- usb: xhci-mtk: add a function to (un)load bandwidth info (git-fixes).\n- usb: xhci-mtk: add only one extra CS for FS/LS INTR (git-fixes).\n- usb: xhci-mtk: add some schedule error number (git-fixes).\n- usb: xhci-mtk: fix issue of out-of-bounds array access (git-fixes).\n- usb: xhci-mtk: get the microframe boundary for ESIT (git-fixes).\n- usb: xhci-mtk: use @sch_tt to check whether need do TT schedule (git-fixes).\n- usbnet: Fix linkwatch use-after-free on disconnect (git-fixes).\n- usbnet: Fix memory leak in usbnet_disconnect() (git-fixes).\n- usbnet: smsc95xx: Fix deadlock on runtime resume (git-fixes).\n- vboxguest: Do not use devm for irq (git-fixes).\n- vfio/ccw: Remove UUID from s390 debug log (git-fixes).\n- video: fbdev: amba-clcd: Fix refcount leak bugs (git-fixes).\n- video: fbdev: arkfb: Check the size of screen before memset_io() (git-fixes).\n- video: fbdev: arkfb: Fix a divide-by-zero bug in ark_set_pixclock() (git-fixes).\n- video: fbdev: i740fb: Check the argument of i740_calc_vclk() (git-fixes).\n- video: fbdev: pxa3xx-gcu: Fix integer overflow in pxa3xx_gcu_write (git-fixes).\n- video: fbdev: s3fb: Check the size of screen before memset_io() (git-fixes).\n- video: fbdev: sis: fix typos in SiS_GetModeID() (git-fixes).\n- video: fbdev: vt8623fb: Check the size of screen before memset_io() (git-fixes).\n- virtio_net: fix memory leak inside XPD_TX with mergeable (git-fixes).\n- vmci: Add support for ARM64 (bsc#1199291, jsc#SLE-24635).\n- vmci: Check exclusive_vectors when freeing interrupt 1 (bsc#1199291, jsc#SLE-24635).\n- vmci: Enforce queuepair max size for IOCTL_VMCI_QUEUEPAIR_ALLOC (bsc#1199291, jsc#SLE-24635).\n- vmci: Fix some error handling paths in vmci_guest_probe_device() (bsc#1199291, jsc#SLE-24635).\n- vmci: Release notification_bitmap in error path (bsc#1199291, jsc#SLE-24635).\n- vmci: dma dg: add MMIO access to registers (bsc#1199291, jsc#SLE-24635).\n- vmci: dma dg: add support for DMA datagrams receive (bsc#1199291, jsc#SLE-24635).\n- vmci: dma dg: add support for DMA datagrams sends (bsc#1199291, jsc#SLE-24635).\n- vmci: dma dg: allocate send and receive buffers for DMA datagrams (bsc#1199291, jsc#SLE-24635).\n- vmci: dma dg: detect DMA datagram capability (bsc#1199291, jsc#SLE-24635).\n- vmci: dma dg: register dummy IRQ handlers for DMA datagrams (bsc#1199291, jsc#SLE-24635).\n- vmci: dma dg: set OS page size (bsc#1199291, jsc#SLE-24635).\n- vmci: dma dg: whitespace formatting change for vmci register defines (bsc#1199291, jsc#SLE-24635).\n- vmxnet3: Implement ethtool's get_channels command (bsc#1200431).\n- vmxnet3: Record queue number to incoming packets (bsc#1200431).\n- vmxnet3: Remove useless DMA-32 fallback configuration (bsc#1200431).\n- vmxnet3: add command to set ring buffer sizes (bsc#1200431).\n- vmxnet3: add support for capability registers (bsc#1200431).\n- vmxnet3: add support for large passthrough BAR register (bsc#1200431).\n- vmxnet3: add support for out of order rx completion (bsc#1200431).\n- vmxnet3: disable overlay offloads if UPT device does not support (bsc#1200431).\n- vmxnet3: do not reschedule napi for rx processing (bsc#1200431).\n- vmxnet3: do not stop tx queues after netif_device_detach() (bsc#1200431).\n- vmxnet3: limit number of TXDs used for TSO packet (bsc#1200431).\n- vmxnet3: prepare for version 7 changes (bsc#1200431).\n- vmxnet3: switch from 'pci_' to 'dma_' API (bsc#1200431).\n- vmxnet3: update to version 7 (bsc#1200431).\n- vmxnet3: use ext1 field to indicate encapsulated packet (bsc#1200431).\n- vsock: Fix memory leak in vsock_connect() (git-fixes).\n- vsock: Set socket state back to SS_UNCONNECTED in vsock_connect_timeout() (git-fixes).\n- vt: Clear selection before changing the font (git-fixes).\n- vt: selection, introduce vc_is_sel (git-fixes).\n- watchdog: armada_37xx_wdt: check the return value of devm_ioremap() in armada_37xx_wdt_probe() (git-fixes).\n- watchdog: wdat_wdt: Set the min and max timeout values properly (bsc#1194023).\n- wifi: cfg80211: debugfs: fix return type in ht40allow_map_read() (git-fixes).\n- wifi: iwlegacy: 4965: corrected fix for potential off-by-one overflow in il4965_rs_fill_link_cmd() (git-fixes).\n- wifi: mac80211: Do not finalize CSA in IBSS mode if state is disconnected (git-fixes).\n- wifi: mac80211: Fix UAF in ieee80211_scan_rx() (git-fixes).\n- wifi: mac80211_hwsim: add back erroneously removed cast (git-fixes).\n- wifi: mac80211_hwsim: fix race condition in pending packet (git-fixes).\n- wifi: mac80211_hwsim: use 32-bit skb cookie (git-fixes).\n- x86/bugs: Reenable retbleed=off While for older kernels the return thunks are statically built in and cannot be dynamically patched out, retbleed=off should still work so that it can be disabled.\n- x86/kexec: fix memory leak of elf header buffer (bsc#1196444).\n- x86/olpc: fix 'logical not is only applied to the left hand side' (git-fixes).\n- x86/xen: Remove undefined behavior in setup_features() (git-fixes).\n- xen/xenbus: fix return type in xenbus_file_read() (git-fixes).\n- xfs: Fix assert failure in xfs_setattr_size() (git-fixes).\n- xfs: bunmapi has unnecessary AG lock ordering issues (git-fixes).\n- xfs: check sb_meta_uuid for dabuf buffer recovery (bsc#1202577).\n- xfs: make xfs_rtalloc_query_range input parameters const (git-fixes).\n- xfs: mark a data structure sick if there are cross-referencing errors (git-fixes).\n- xfs: only reset incore inode health state flags when reclaiming an inode (git-fixes).\n- xfs: prevent a UAF when log IO errors race with unmount (git-fixes).\n- xfs: use kmem_cache_free() for kmem_cache objects (git-fixes).\n- xprtrdma: Fix XDRBUF_SPARSE_PAGES support (git-fixes).\n- xprtrdma: Fix cwnd update ordering (git-fixes).\n",
            title: "Description of the patch",
         },
         {
            category: "details",
            text: "SUSE-2022-3809,SUSE-SLE-Module-RT-15-SP3-2022-3809,SUSE-SUSE-MicroOS-5.1-2022-3809,SUSE-SUSE-MicroOS-5.2-2022-3809,openSUSE-Leap-Micro-5.2-2022-3809",
            title: "Patchnames",
         },
         {
            category: "legal_disclaimer",
            text: "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
            title: "Terms of use",
         },
      ],
      publisher: {
         category: "vendor",
         contact_details: "https://www.suse.com/support/security/contact/",
         name: "SUSE Product Security Team",
         namespace: "https://www.suse.com/",
      },
      references: [
         {
            category: "external",
            summary: "SUSE ratings",
            url: "https://www.suse.com/support/security/rating/",
         },
         {
            category: "self",
            summary: "URL of this CSAF notice",
            url: "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2022_3809-1.json",
         },
         {
            category: "self",
            summary: "URL for SUSE-SU-2022:3809-1",
            url: "https://www.suse.com/support/update/announcement/2022/suse-su-20223809-1/",
         },
         {
            category: "self",
            summary: "E-Mail link for SUSE-SU-2022:3809-1",
            url: "https://lists.suse.com/pipermail/sle-security-updates/2022-October/012771.html",
         },
         {
            category: "self",
            summary: "SUSE Bug 1023051",
            url: "https://bugzilla.suse.com/1023051",
         },
         {
            category: "self",
            summary: "SUSE Bug 1065729",
            url: "https://bugzilla.suse.com/1065729",
         },
         {
            category: "self",
            summary: "SUSE Bug 1152489",
            url: "https://bugzilla.suse.com/1152489",
         },
         {
            category: "self",
            summary: "SUSE Bug 1156395",
            url: "https://bugzilla.suse.com/1156395",
         },
         {
            category: "self",
            summary: "SUSE Bug 1177471",
            url: "https://bugzilla.suse.com/1177471",
         },
         {
            category: "self",
            summary: "SUSE Bug 1179722",
            url: "https://bugzilla.suse.com/1179722",
         },
         {
            category: "self",
            summary: "SUSE Bug 1179723",
            url: "https://bugzilla.suse.com/1179723",
         },
         {
            category: "self",
            summary: "SUSE Bug 1181862",
            url: "https://bugzilla.suse.com/1181862",
         },
         {
            category: "self",
            summary: "SUSE Bug 1185032",
            url: "https://bugzilla.suse.com/1185032",
         },
         {
            category: "self",
            summary: "SUSE Bug 1191662",
            url: "https://bugzilla.suse.com/1191662",
         },
         {
            category: "self",
            summary: "SUSE Bug 1191667",
            url: "https://bugzilla.suse.com/1191667",
         },
         {
            category: "self",
            summary: "SUSE Bug 1191881",
            url: "https://bugzilla.suse.com/1191881",
         },
         {
            category: "self",
            summary: "SUSE Bug 1192594",
            url: "https://bugzilla.suse.com/1192594",
         },
         {
            category: "self",
            summary: "SUSE Bug 1194023",
            url: "https://bugzilla.suse.com/1194023",
         },
         {
            category: "self",
            summary: "SUSE Bug 1194272",
            url: "https://bugzilla.suse.com/1194272",
         },
         {
            category: "self",
            summary: "SUSE Bug 1194535",
            url: "https://bugzilla.suse.com/1194535",
         },
         {
            category: "self",
            summary: "SUSE Bug 1196444",
            url: "https://bugzilla.suse.com/1196444",
         },
         {
            category: "self",
            summary: "SUSE Bug 1197158",
            url: "https://bugzilla.suse.com/1197158",
         },
         {
            category: "self",
            summary: "SUSE Bug 1197659",
            url: "https://bugzilla.suse.com/1197659",
         },
         {
            category: "self",
            summary: "SUSE Bug 1197755",
            url: "https://bugzilla.suse.com/1197755",
         },
         {
            category: "self",
            summary: "SUSE Bug 1197756",
            url: "https://bugzilla.suse.com/1197756",
         },
         {
            category: "self",
            summary: "SUSE Bug 1197757",
            url: "https://bugzilla.suse.com/1197757",
         },
         {
            category: "self",
            summary: "SUSE Bug 1197760",
            url: "https://bugzilla.suse.com/1197760",
         },
         {
            category: "self",
            summary: "SUSE Bug 1197763",
            url: "https://bugzilla.suse.com/1197763",
         },
         {
            category: "self",
            summary: "SUSE Bug 1197920",
            url: "https://bugzilla.suse.com/1197920",
         },
         {
            category: "self",
            summary: "SUSE Bug 1198971",
            url: "https://bugzilla.suse.com/1198971",
         },
         {
            category: "self",
            summary: "SUSE Bug 1199291",
            url: "https://bugzilla.suse.com/1199291",
         },
         {
            category: "self",
            summary: "SUSE Bug 1200288",
            url: "https://bugzilla.suse.com/1200288",
         },
         {
            category: "self",
            summary: "SUSE Bug 1200313",
            url: "https://bugzilla.suse.com/1200313",
         },
         {
            category: "self",
            summary: "SUSE Bug 1200431",
            url: "https://bugzilla.suse.com/1200431",
         },
         {
            category: "self",
            summary: "SUSE Bug 1200622",
            url: "https://bugzilla.suse.com/1200622",
         },
         {
            category: "self",
            summary: "SUSE Bug 1200845",
            url: "https://bugzilla.suse.com/1200845",
         },
         {
            category: "self",
            summary: "SUSE Bug 1200868",
            url: "https://bugzilla.suse.com/1200868",
         },
         {
            category: "self",
            summary: "SUSE Bug 1200869",
            url: "https://bugzilla.suse.com/1200869",
         },
         {
            category: "self",
            summary: "SUSE Bug 1200870",
            url: "https://bugzilla.suse.com/1200870",
         },
         {
            category: "self",
            summary: "SUSE Bug 1200871",
            url: "https://bugzilla.suse.com/1200871",
         },
         {
            category: "self",
            summary: "SUSE Bug 1200872",
            url: "https://bugzilla.suse.com/1200872",
         },
         {
            category: "self",
            summary: "SUSE Bug 1200873",
            url: "https://bugzilla.suse.com/1200873",
         },
         {
            category: "self",
            summary: "SUSE Bug 1201019",
            url: "https://bugzilla.suse.com/1201019",
         },
         {
            category: "self",
            summary: "SUSE Bug 1201309",
            url: "https://bugzilla.suse.com/1201309",
         },
         {
            category: "self",
            summary: "SUSE Bug 1201310",
            url: "https://bugzilla.suse.com/1201310",
         },
         {
            category: "self",
            summary: "SUSE Bug 1201420",
            url: "https://bugzilla.suse.com/1201420",
         },
         {
            category: "self",
            summary: "SUSE Bug 1201489",
            url: "https://bugzilla.suse.com/1201489",
         },
         {
            category: "self",
            summary: "SUSE Bug 1201610",
            url: "https://bugzilla.suse.com/1201610",
         },
         {
            category: "self",
            summary: "SUSE Bug 1201705",
            url: "https://bugzilla.suse.com/1201705",
         },
         {
            category: "self",
            summary: "SUSE Bug 1201726",
            url: "https://bugzilla.suse.com/1201726",
         },
         {
            category: "self",
            summary: "SUSE Bug 1201865",
            url: "https://bugzilla.suse.com/1201865",
         },
         {
            category: "self",
            summary: "SUSE Bug 1201948",
            url: "https://bugzilla.suse.com/1201948",
         },
         {
            category: "self",
            summary: "SUSE Bug 1201990",
            url: "https://bugzilla.suse.com/1201990",
         },
         {
            category: "self",
            summary: "SUSE Bug 1202095",
            url: "https://bugzilla.suse.com/1202095",
         },
         {
            category: "self",
            summary: "SUSE Bug 1202096",
            url: "https://bugzilla.suse.com/1202096",
         },
         {
            category: "self",
            summary: "SUSE Bug 1202097",
            url: "https://bugzilla.suse.com/1202097",
         },
         {
            category: "self",
            summary: "SUSE Bug 1202341",
            url: "https://bugzilla.suse.com/1202341",
         },
         {
            category: "self",
            summary: "SUSE Bug 1202346",
            url: "https://bugzilla.suse.com/1202346",
         },
         {
            category: "self",
            summary: "SUSE Bug 1202347",
            url: "https://bugzilla.suse.com/1202347",
         },
         {
            category: "self",
            summary: "SUSE Bug 1202385",
            url: "https://bugzilla.suse.com/1202385",
         },
         {
            category: "self",
            summary: "SUSE Bug 1202393",
            url: "https://bugzilla.suse.com/1202393",
         },
         {
            category: "self",
            summary: "SUSE Bug 1202396",
            url: "https://bugzilla.suse.com/1202396",
         },
         {
            category: "self",
            summary: "SUSE Bug 1202447",
            url: "https://bugzilla.suse.com/1202447",
         },
         {
            category: "self",
            summary: "SUSE Bug 1202577",
            url: "https://bugzilla.suse.com/1202577",
         },
         {
            category: "self",
            summary: "SUSE Bug 1202636",
            url: "https://bugzilla.suse.com/1202636",
         },
         {
            category: "self",
            summary: "SUSE Bug 1202638",
            url: "https://bugzilla.suse.com/1202638",
         },
         {
            category: "self",
            summary: "SUSE Bug 1202672",
            url: "https://bugzilla.suse.com/1202672",
         },
         {
            category: "self",
            summary: "SUSE Bug 1202677",
            url: "https://bugzilla.suse.com/1202677",
         },
         {
            category: "self",
            summary: "SUSE Bug 1202701",
            url: "https://bugzilla.suse.com/1202701",
         },
         {
            category: "self",
            summary: "SUSE Bug 1202708",
            url: "https://bugzilla.suse.com/1202708",
         },
         {
            category: "self",
            summary: "SUSE Bug 1202709",
            url: "https://bugzilla.suse.com/1202709",
         },
         {
            category: "self",
            summary: "SUSE Bug 1202710",
            url: "https://bugzilla.suse.com/1202710",
         },
         {
            category: "self",
            summary: "SUSE Bug 1202711",
            url: "https://bugzilla.suse.com/1202711",
         },
         {
            category: "self",
            summary: "SUSE Bug 1202712",
            url: "https://bugzilla.suse.com/1202712",
         },
         {
            category: "self",
            summary: "SUSE Bug 1202713",
            url: "https://bugzilla.suse.com/1202713",
         },
         {
            category: "self",
            summary: "SUSE Bug 1202714",
            url: "https://bugzilla.suse.com/1202714",
         },
         {
            category: "self",
            summary: "SUSE Bug 1202715",
            url: "https://bugzilla.suse.com/1202715",
         },
         {
            category: "self",
            summary: "SUSE Bug 1202716",
            url: "https://bugzilla.suse.com/1202716",
         },
         {
            category: "self",
            summary: "SUSE Bug 1202717",
            url: "https://bugzilla.suse.com/1202717",
         },
         {
            category: "self",
            summary: "SUSE Bug 1202718",
            url: "https://bugzilla.suse.com/1202718",
         },
         {
            category: "self",
            summary: "SUSE Bug 1202720",
            url: "https://bugzilla.suse.com/1202720",
         },
         {
            category: "self",
            summary: "SUSE Bug 1202722",
            url: "https://bugzilla.suse.com/1202722",
         },
         {
            category: "self",
            summary: "SUSE Bug 1202745",
            url: "https://bugzilla.suse.com/1202745",
         },
         {
            category: "self",
            summary: "SUSE Bug 1202756",
            url: "https://bugzilla.suse.com/1202756",
         },
         {
            category: "self",
            summary: "SUSE Bug 1202810",
            url: "https://bugzilla.suse.com/1202810",
         },
         {
            category: "self",
            summary: "SUSE Bug 1202811",
            url: "https://bugzilla.suse.com/1202811",
         },
         {
            category: "self",
            summary: "SUSE Bug 1202860",
            url: "https://bugzilla.suse.com/1202860",
         },
         {
            category: "self",
            summary: "SUSE Bug 1202895",
            url: "https://bugzilla.suse.com/1202895",
         },
         {
            category: "self",
            summary: "SUSE Bug 1202898",
            url: "https://bugzilla.suse.com/1202898",
         },
         {
            category: "self",
            summary: "SUSE Bug 1202960",
            url: "https://bugzilla.suse.com/1202960",
         },
         {
            category: "self",
            summary: "SUSE Bug 1202984",
            url: "https://bugzilla.suse.com/1202984",
         },
         {
            category: "self",
            summary: "SUSE Bug 1203063",
            url: "https://bugzilla.suse.com/1203063",
         },
         {
            category: "self",
            summary: "SUSE Bug 1203098",
            url: "https://bugzilla.suse.com/1203098",
         },
         {
            category: "self",
            summary: "SUSE Bug 1203107",
            url: "https://bugzilla.suse.com/1203107",
         },
         {
            category: "self",
            summary: "SUSE Bug 1203117",
            url: "https://bugzilla.suse.com/1203117",
         },
         {
            category: "self",
            summary: "SUSE Bug 1203135",
            url: "https://bugzilla.suse.com/1203135",
         },
         {
            category: "self",
            summary: "SUSE Bug 1203136",
            url: "https://bugzilla.suse.com/1203136",
         },
         {
            category: "self",
            summary: "SUSE Bug 1203137",
            url: "https://bugzilla.suse.com/1203137",
         },
         {
            category: "self",
            summary: "SUSE Bug 1203159",
            url: "https://bugzilla.suse.com/1203159",
         },
         {
            category: "self",
            summary: "SUSE Bug 1203290",
            url: "https://bugzilla.suse.com/1203290",
         },
         {
            category: "self",
            summary: "SUSE Bug 1203389",
            url: "https://bugzilla.suse.com/1203389",
         },
         {
            category: "self",
            summary: "SUSE Bug 1203410",
            url: "https://bugzilla.suse.com/1203410",
         },
         {
            category: "self",
            summary: "SUSE Bug 1203424",
            url: "https://bugzilla.suse.com/1203424",
         },
         {
            category: "self",
            summary: "SUSE Bug 1203514",
            url: "https://bugzilla.suse.com/1203514",
         },
         {
            category: "self",
            summary: "SUSE Bug 1203552",
            url: "https://bugzilla.suse.com/1203552",
         },
         {
            category: "self",
            summary: "SUSE Bug 1203622",
            url: "https://bugzilla.suse.com/1203622",
         },
         {
            category: "self",
            summary: "SUSE Bug 1203737",
            url: "https://bugzilla.suse.com/1203737",
         },
         {
            category: "self",
            summary: "SUSE Bug 1203769",
            url: "https://bugzilla.suse.com/1203769",
         },
         {
            category: "self",
            summary: "SUSE Bug 1203770",
            url: "https://bugzilla.suse.com/1203770",
         },
         {
            category: "self",
            summary: "SUSE Bug 1203802",
            url: "https://bugzilla.suse.com/1203802",
         },
         {
            category: "self",
            summary: "SUSE Bug 1203906",
            url: "https://bugzilla.suse.com/1203906",
         },
         {
            category: "self",
            summary: "SUSE Bug 1203909",
            url: "https://bugzilla.suse.com/1203909",
         },
         {
            category: "self",
            summary: "SUSE Bug 1203935",
            url: "https://bugzilla.suse.com/1203935",
         },
         {
            category: "self",
            summary: "SUSE Bug 1203939",
            url: "https://bugzilla.suse.com/1203939",
         },
         {
            category: "self",
            summary: "SUSE Bug 1203987",
            url: "https://bugzilla.suse.com/1203987",
         },
         {
            category: "self",
            summary: "SUSE Bug 1203992",
            url: "https://bugzilla.suse.com/1203992",
         },
         {
            category: "self",
            summary: "SUSE Bug 1204051",
            url: "https://bugzilla.suse.com/1204051",
         },
         {
            category: "self",
            summary: "SUSE Bug 1204059",
            url: "https://bugzilla.suse.com/1204059",
         },
         {
            category: "self",
            summary: "SUSE Bug 1204060",
            url: "https://bugzilla.suse.com/1204060",
         },
         {
            category: "self",
            summary: "SUSE Bug 1204125",
            url: "https://bugzilla.suse.com/1204125",
         },
         {
            category: "self",
            summary: "SUSE CVE CVE-2016-3695 page",
            url: "https://www.suse.com/security/cve/CVE-2016-3695/",
         },
         {
            category: "self",
            summary: "SUSE CVE CVE-2020-16119 page",
            url: "https://www.suse.com/security/cve/CVE-2020-16119/",
         },
         {
            category: "self",
            summary: "SUSE CVE CVE-2020-27784 page",
            url: "https://www.suse.com/security/cve/CVE-2020-27784/",
         },
         {
            category: "self",
            summary: "SUSE CVE CVE-2021-4155 page",
            url: "https://www.suse.com/security/cve/CVE-2021-4155/",
         },
         {
            category: "self",
            summary: "SUSE CVE CVE-2021-4203 page",
            url: "https://www.suse.com/security/cve/CVE-2021-4203/",
         },
         {
            category: "self",
            summary: "SUSE CVE CVE-2022-20368 page",
            url: "https://www.suse.com/security/cve/CVE-2022-20368/",
         },
         {
            category: "self",
            summary: "SUSE CVE CVE-2022-20369 page",
            url: "https://www.suse.com/security/cve/CVE-2022-20369/",
         },
         {
            category: "self",
            summary: "SUSE CVE CVE-2022-2503 page",
            url: "https://www.suse.com/security/cve/CVE-2022-2503/",
         },
         {
            category: "self",
            summary: "SUSE CVE CVE-2022-2586 page",
            url: "https://www.suse.com/security/cve/CVE-2022-2586/",
         },
         {
            category: "self",
            summary: "SUSE CVE CVE-2022-2588 page",
            url: "https://www.suse.com/security/cve/CVE-2022-2588/",
         },
         {
            category: "self",
            summary: "SUSE CVE CVE-2022-26373 page",
            url: "https://www.suse.com/security/cve/CVE-2022-26373/",
         },
         {
            category: "self",
            summary: "SUSE CVE CVE-2022-2663 page",
            url: "https://www.suse.com/security/cve/CVE-2022-2663/",
         },
         {
            category: "self",
            summary: "SUSE CVE CVE-2022-2905 page",
            url: "https://www.suse.com/security/cve/CVE-2022-2905/",
         },
         {
            category: "self",
            summary: "SUSE CVE CVE-2022-2977 page",
            url: "https://www.suse.com/security/cve/CVE-2022-2977/",
         },
         {
            category: "self",
            summary: "SUSE CVE CVE-2022-3028 page",
            url: "https://www.suse.com/security/cve/CVE-2022-3028/",
         },
         {
            category: "self",
            summary: "SUSE CVE CVE-2022-3169 page",
            url: "https://www.suse.com/security/cve/CVE-2022-3169/",
         },
         {
            category: "self",
            summary: "SUSE CVE CVE-2022-32296 page",
            url: "https://www.suse.com/security/cve/CVE-2022-32296/",
         },
         {
            category: "self",
            summary: "SUSE CVE CVE-2022-3239 page",
            url: "https://www.suse.com/security/cve/CVE-2022-3239/",
         },
         {
            category: "self",
            summary: "SUSE CVE CVE-2022-3303 page",
            url: "https://www.suse.com/security/cve/CVE-2022-3303/",
         },
         {
            category: "self",
            summary: "SUSE CVE CVE-2022-36879 page",
            url: "https://www.suse.com/security/cve/CVE-2022-36879/",
         },
         {
            category: "self",
            summary: "SUSE CVE CVE-2022-39188 page",
            url: "https://www.suse.com/security/cve/CVE-2022-39188/",
         },
         {
            category: "self",
            summary: "SUSE CVE CVE-2022-39190 page",
            url: "https://www.suse.com/security/cve/CVE-2022-39190/",
         },
         {
            category: "self",
            summary: "SUSE CVE CVE-2022-40768 page",
            url: "https://www.suse.com/security/cve/CVE-2022-40768/",
         },
         {
            category: "self",
            summary: "SUSE CVE CVE-2022-41218 page",
            url: "https://www.suse.com/security/cve/CVE-2022-41218/",
         },
         {
            category: "self",
            summary: "SUSE CVE CVE-2022-41222 page",
            url: "https://www.suse.com/security/cve/CVE-2022-41222/",
         },
         {
            category: "self",
            summary: "SUSE CVE CVE-2022-41674 page",
            url: "https://www.suse.com/security/cve/CVE-2022-41674/",
         },
         {
            category: "self",
            summary: "SUSE CVE CVE-2022-41848 page",
            url: "https://www.suse.com/security/cve/CVE-2022-41848/",
         },
         {
            category: "self",
            summary: "SUSE CVE CVE-2022-41849 page",
            url: "https://www.suse.com/security/cve/CVE-2022-41849/",
         },
         {
            category: "self",
            summary: "SUSE CVE CVE-2022-42719 page",
            url: "https://www.suse.com/security/cve/CVE-2022-42719/",
         },
         {
            category: "self",
            summary: "SUSE CVE CVE-2022-42720 page",
            url: "https://www.suse.com/security/cve/CVE-2022-42720/",
         },
         {
            category: "self",
            summary: "SUSE CVE CVE-2022-42721 page",
            url: "https://www.suse.com/security/cve/CVE-2022-42721/",
         },
         {
            category: "self",
            summary: "SUSE CVE CVE-2022-42722 page",
            url: "https://www.suse.com/security/cve/CVE-2022-42722/",
         },
      ],
      title: "Security update for the Linux Kernel",
      tracking: {
         current_release_date: "2022-10-31T08:28:31Z",
         generator: {
            date: "2022-10-31T08:28:31Z",
            engine: {
               name: "cve-database.git:bin/generate-csaf.pl",
               version: "1",
            },
         },
         id: "SUSE-SU-2022:3809-1",
         initial_release_date: "2022-10-31T08:28:31Z",
         revision_history: [
            {
               date: "2022-10-31T08:28:31Z",
               number: "1",
               summary: "Current version",
            },
         ],
         status: "final",
         version: "1",
      },
   },
   product_tree: {
      branches: [
         {
            branches: [
               {
                  branches: [
                     {
                        category: "product_version",
                        name: "kernel-devel-rt-5.3.18-150300.106.1.noarch",
                        product: {
                           name: "kernel-devel-rt-5.3.18-150300.106.1.noarch",
                           product_id: "kernel-devel-rt-5.3.18-150300.106.1.noarch",
                        },
                     },
                     {
                        category: "product_version",
                        name: "kernel-source-rt-5.3.18-150300.106.1.noarch",
                        product: {
                           name: "kernel-source-rt-5.3.18-150300.106.1.noarch",
                           product_id: "kernel-source-rt-5.3.18-150300.106.1.noarch",
                        },
                     },
                  ],
                  category: "architecture",
                  name: "noarch",
               },
               {
                  branches: [
                     {
                        category: "product_version",
                        name: "cluster-md-kmp-rt-5.3.18-150300.106.1.x86_64",
                        product: {
                           name: "cluster-md-kmp-rt-5.3.18-150300.106.1.x86_64",
                           product_id: "cluster-md-kmp-rt-5.3.18-150300.106.1.x86_64",
                        },
                     },
                     {
                        category: "product_version",
                        name: "cluster-md-kmp-rt_debug-5.3.18-150300.106.1.x86_64",
                        product: {
                           name: "cluster-md-kmp-rt_debug-5.3.18-150300.106.1.x86_64",
                           product_id: "cluster-md-kmp-rt_debug-5.3.18-150300.106.1.x86_64",
                        },
                     },
                     {
                        category: "product_version",
                        name: "dlm-kmp-rt-5.3.18-150300.106.1.x86_64",
                        product: {
                           name: "dlm-kmp-rt-5.3.18-150300.106.1.x86_64",
                           product_id: "dlm-kmp-rt-5.3.18-150300.106.1.x86_64",
                        },
                     },
                     {
                        category: "product_version",
                        name: "dlm-kmp-rt_debug-5.3.18-150300.106.1.x86_64",
                        product: {
                           name: "dlm-kmp-rt_debug-5.3.18-150300.106.1.x86_64",
                           product_id: "dlm-kmp-rt_debug-5.3.18-150300.106.1.x86_64",
                        },
                     },
                     {
                        category: "product_version",
                        name: "gfs2-kmp-rt-5.3.18-150300.106.1.x86_64",
                        product: {
                           name: "gfs2-kmp-rt-5.3.18-150300.106.1.x86_64",
                           product_id: "gfs2-kmp-rt-5.3.18-150300.106.1.x86_64",
                        },
                     },
                     {
                        category: "product_version",
                        name: "gfs2-kmp-rt_debug-5.3.18-150300.106.1.x86_64",
                        product: {
                           name: "gfs2-kmp-rt_debug-5.3.18-150300.106.1.x86_64",
                           product_id: "gfs2-kmp-rt_debug-5.3.18-150300.106.1.x86_64",
                        },
                     },
                     {
                        category: "product_version",
                        name: "kernel-rt-5.3.18-150300.106.1.x86_64",
                        product: {
                           name: "kernel-rt-5.3.18-150300.106.1.x86_64",
                           product_id: "kernel-rt-5.3.18-150300.106.1.x86_64",
                        },
                     },
                     {
                        category: "product_version",
                        name: "kernel-rt-devel-5.3.18-150300.106.1.x86_64",
                        product: {
                           name: "kernel-rt-devel-5.3.18-150300.106.1.x86_64",
                           product_id: "kernel-rt-devel-5.3.18-150300.106.1.x86_64",
                        },
                     },
                     {
                        category: "product_version",
                        name: "kernel-rt-extra-5.3.18-150300.106.1.x86_64",
                        product: {
                           name: "kernel-rt-extra-5.3.18-150300.106.1.x86_64",
                           product_id: "kernel-rt-extra-5.3.18-150300.106.1.x86_64",
                        },
                     },
                     {
                        category: "product_version",
                        name: "kernel-rt-livepatch-devel-5.3.18-150300.106.1.x86_64",
                        product: {
                           name: "kernel-rt-livepatch-devel-5.3.18-150300.106.1.x86_64",
                           product_id: "kernel-rt-livepatch-devel-5.3.18-150300.106.1.x86_64",
                        },
                     },
                     {
                        category: "product_version",
                        name: "kernel-rt-optional-5.3.18-150300.106.1.x86_64",
                        product: {
                           name: "kernel-rt-optional-5.3.18-150300.106.1.x86_64",
                           product_id: "kernel-rt-optional-5.3.18-150300.106.1.x86_64",
                        },
                     },
                     {
                        category: "product_version",
                        name: "kernel-rt_debug-5.3.18-150300.106.1.x86_64",
                        product: {
                           name: "kernel-rt_debug-5.3.18-150300.106.1.x86_64",
                           product_id: "kernel-rt_debug-5.3.18-150300.106.1.x86_64",
                        },
                     },
                     {
                        category: "product_version",
                        name: "kernel-rt_debug-devel-5.3.18-150300.106.1.x86_64",
                        product: {
                           name: "kernel-rt_debug-devel-5.3.18-150300.106.1.x86_64",
                           product_id: "kernel-rt_debug-devel-5.3.18-150300.106.1.x86_64",
                        },
                     },
                     {
                        category: "product_version",
                        name: "kernel-rt_debug-extra-5.3.18-150300.106.1.x86_64",
                        product: {
                           name: "kernel-rt_debug-extra-5.3.18-150300.106.1.x86_64",
                           product_id: "kernel-rt_debug-extra-5.3.18-150300.106.1.x86_64",
                        },
                     },
                     {
                        category: "product_version",
                        name: "kernel-rt_debug-livepatch-devel-5.3.18-150300.106.1.x86_64",
                        product: {
                           name: "kernel-rt_debug-livepatch-devel-5.3.18-150300.106.1.x86_64",
                           product_id: "kernel-rt_debug-livepatch-devel-5.3.18-150300.106.1.x86_64",
                        },
                     },
                     {
                        category: "product_version",
                        name: "kernel-rt_debug-optional-5.3.18-150300.106.1.x86_64",
                        product: {
                           name: "kernel-rt_debug-optional-5.3.18-150300.106.1.x86_64",
                           product_id: "kernel-rt_debug-optional-5.3.18-150300.106.1.x86_64",
                        },
                     },
                     {
                        category: "product_version",
                        name: "kernel-syms-rt-5.3.18-150300.106.1.x86_64",
                        product: {
                           name: "kernel-syms-rt-5.3.18-150300.106.1.x86_64",
                           product_id: "kernel-syms-rt-5.3.18-150300.106.1.x86_64",
                        },
                     },
                     {
                        category: "product_version",
                        name: "kselftests-kmp-rt-5.3.18-150300.106.1.x86_64",
                        product: {
                           name: "kselftests-kmp-rt-5.3.18-150300.106.1.x86_64",
                           product_id: "kselftests-kmp-rt-5.3.18-150300.106.1.x86_64",
                        },
                     },
                     {
                        category: "product_version",
                        name: "kselftests-kmp-rt_debug-5.3.18-150300.106.1.x86_64",
                        product: {
                           name: "kselftests-kmp-rt_debug-5.3.18-150300.106.1.x86_64",
                           product_id: "kselftests-kmp-rt_debug-5.3.18-150300.106.1.x86_64",
                        },
                     },
                     {
                        category: "product_version",
                        name: "ocfs2-kmp-rt-5.3.18-150300.106.1.x86_64",
                        product: {
                           name: "ocfs2-kmp-rt-5.3.18-150300.106.1.x86_64",
                           product_id: "ocfs2-kmp-rt-5.3.18-150300.106.1.x86_64",
                        },
                     },
                     {
                        category: "product_version",
                        name: "ocfs2-kmp-rt_debug-5.3.18-150300.106.1.x86_64",
                        product: {
                           name: "ocfs2-kmp-rt_debug-5.3.18-150300.106.1.x86_64",
                           product_id: "ocfs2-kmp-rt_debug-5.3.18-150300.106.1.x86_64",
                        },
                     },
                     {
                        category: "product_version",
                        name: "reiserfs-kmp-rt-5.3.18-150300.106.1.x86_64",
                        product: {
                           name: "reiserfs-kmp-rt-5.3.18-150300.106.1.x86_64",
                           product_id: "reiserfs-kmp-rt-5.3.18-150300.106.1.x86_64",
                        },
                     },
                     {
                        category: "product_version",
                        name: "reiserfs-kmp-rt_debug-5.3.18-150300.106.1.x86_64",
                        product: {
                           name: "reiserfs-kmp-rt_debug-5.3.18-150300.106.1.x86_64",
                           product_id: "reiserfs-kmp-rt_debug-5.3.18-150300.106.1.x86_64",
                        },
                     },
                  ],
                  category: "architecture",
                  name: "x86_64",
               },
               {
                  branches: [
                     {
                        category: "product_name",
                        name: "SUSE Real Time Module 15 SP3",
                        product: {
                           name: "SUSE Real Time Module 15 SP3",
                           product_id: "SUSE Real Time Module 15 SP3",
                           product_identification_helper: {
                              cpe: "cpe:/o:suse:sle-module-rt:15:sp3",
                           },
                        },
                     },
                     {
                        category: "product_name",
                        name: "SUSE Linux Enterprise Micro 5.1",
                        product: {
                           name: "SUSE Linux Enterprise Micro 5.1",
                           product_id: "SUSE Linux Enterprise Micro 5.1",
                           product_identification_helper: {
                              cpe: "cpe:/o:suse:suse-microos:5.1",
                           },
                        },
                     },
                     {
                        category: "product_name",
                        name: "SUSE Linux Enterprise Micro 5.2",
                        product: {
                           name: "SUSE Linux Enterprise Micro 5.2",
                           product_id: "SUSE Linux Enterprise Micro 5.2",
                           product_identification_helper: {
                              cpe: "cpe:/o:suse:suse-microos:5.2",
                           },
                        },
                     },
                     {
                        category: "product_name",
                        name: "openSUSE Leap Micro 5.2",
                        product: {
                           name: "openSUSE Leap Micro 5.2",
                           product_id: "openSUSE Leap Micro 5.2",
                           product_identification_helper: {
                              cpe: "cpe:/o:opensuse:leap-micro:5.2",
                           },
                        },
                     },
                  ],
                  category: "product_family",
                  name: "SUSE Linux Enterprise",
               },
            ],
            category: "vendor",
            name: "SUSE",
         },
      ],
      relationships: [
         {
            category: "default_component_of",
            full_product_name: {
               name: "cluster-md-kmp-rt-5.3.18-150300.106.1.x86_64 as component of SUSE Real Time Module 15 SP3",
               product_id: "SUSE Real Time Module 15 SP3:cluster-md-kmp-rt-5.3.18-150300.106.1.x86_64",
            },
            product_reference: "cluster-md-kmp-rt-5.3.18-150300.106.1.x86_64",
            relates_to_product_reference: "SUSE Real Time Module 15 SP3",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "dlm-kmp-rt-5.3.18-150300.106.1.x86_64 as component of SUSE Real Time Module 15 SP3",
               product_id: "SUSE Real Time Module 15 SP3:dlm-kmp-rt-5.3.18-150300.106.1.x86_64",
            },
            product_reference: "dlm-kmp-rt-5.3.18-150300.106.1.x86_64",
            relates_to_product_reference: "SUSE Real Time Module 15 SP3",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "gfs2-kmp-rt-5.3.18-150300.106.1.x86_64 as component of SUSE Real Time Module 15 SP3",
               product_id: "SUSE Real Time Module 15 SP3:gfs2-kmp-rt-5.3.18-150300.106.1.x86_64",
            },
            product_reference: "gfs2-kmp-rt-5.3.18-150300.106.1.x86_64",
            relates_to_product_reference: "SUSE Real Time Module 15 SP3",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "kernel-devel-rt-5.3.18-150300.106.1.noarch as component of SUSE Real Time Module 15 SP3",
               product_id: "SUSE Real Time Module 15 SP3:kernel-devel-rt-5.3.18-150300.106.1.noarch",
            },
            product_reference: "kernel-devel-rt-5.3.18-150300.106.1.noarch",
            relates_to_product_reference: "SUSE Real Time Module 15 SP3",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "kernel-rt-5.3.18-150300.106.1.x86_64 as component of SUSE Real Time Module 15 SP3",
               product_id: "SUSE Real Time Module 15 SP3:kernel-rt-5.3.18-150300.106.1.x86_64",
            },
            product_reference: "kernel-rt-5.3.18-150300.106.1.x86_64",
            relates_to_product_reference: "SUSE Real Time Module 15 SP3",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "kernel-rt-devel-5.3.18-150300.106.1.x86_64 as component of SUSE Real Time Module 15 SP3",
               product_id: "SUSE Real Time Module 15 SP3:kernel-rt-devel-5.3.18-150300.106.1.x86_64",
            },
            product_reference: "kernel-rt-devel-5.3.18-150300.106.1.x86_64",
            relates_to_product_reference: "SUSE Real Time Module 15 SP3",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "kernel-rt_debug-devel-5.3.18-150300.106.1.x86_64 as component of SUSE Real Time Module 15 SP3",
               product_id: "SUSE Real Time Module 15 SP3:kernel-rt_debug-devel-5.3.18-150300.106.1.x86_64",
            },
            product_reference: "kernel-rt_debug-devel-5.3.18-150300.106.1.x86_64",
            relates_to_product_reference: "SUSE Real Time Module 15 SP3",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "kernel-source-rt-5.3.18-150300.106.1.noarch as component of SUSE Real Time Module 15 SP3",
               product_id: "SUSE Real Time Module 15 SP3:kernel-source-rt-5.3.18-150300.106.1.noarch",
            },
            product_reference: "kernel-source-rt-5.3.18-150300.106.1.noarch",
            relates_to_product_reference: "SUSE Real Time Module 15 SP3",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "kernel-syms-rt-5.3.18-150300.106.1.x86_64 as component of SUSE Real Time Module 15 SP3",
               product_id: "SUSE Real Time Module 15 SP3:kernel-syms-rt-5.3.18-150300.106.1.x86_64",
            },
            product_reference: "kernel-syms-rt-5.3.18-150300.106.1.x86_64",
            relates_to_product_reference: "SUSE Real Time Module 15 SP3",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "ocfs2-kmp-rt-5.3.18-150300.106.1.x86_64 as component of SUSE Real Time Module 15 SP3",
               product_id: "SUSE Real Time Module 15 SP3:ocfs2-kmp-rt-5.3.18-150300.106.1.x86_64",
            },
            product_reference: "ocfs2-kmp-rt-5.3.18-150300.106.1.x86_64",
            relates_to_product_reference: "SUSE Real Time Module 15 SP3",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "kernel-rt-5.3.18-150300.106.1.x86_64 as component of SUSE Linux Enterprise Micro 5.1",
               product_id: "SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.106.1.x86_64",
            },
            product_reference: "kernel-rt-5.3.18-150300.106.1.x86_64",
            relates_to_product_reference: "SUSE Linux Enterprise Micro 5.1",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "kernel-rt-5.3.18-150300.106.1.x86_64 as component of SUSE Linux Enterprise Micro 5.2",
               product_id: "SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.106.1.x86_64",
            },
            product_reference: "kernel-rt-5.3.18-150300.106.1.x86_64",
            relates_to_product_reference: "SUSE Linux Enterprise Micro 5.2",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "kernel-rt-5.3.18-150300.106.1.x86_64 as component of openSUSE Leap Micro 5.2",
               product_id: "openSUSE Leap Micro 5.2:kernel-rt-5.3.18-150300.106.1.x86_64",
            },
            product_reference: "kernel-rt-5.3.18-150300.106.1.x86_64",
            relates_to_product_reference: "openSUSE Leap Micro 5.2",
         },
      ],
   },
   vulnerabilities: [
      {
         cve: "CVE-2016-3695",
         ids: [
            {
               system_name: "SUSE CVE Page",
               text: "https://www.suse.com/security/cve/CVE-2016-3695",
            },
         ],
         notes: [
            {
               category: "general",
               text: "The einj_error_inject function in drivers/acpi/apei/einj.c in the Linux kernel allows local users to simulate hardware errors and consequently cause a denial of service by leveraging failure to disable APEI error injection through EINJ when securelevel is set.",
               title: "CVE description",
            },
         ],
         product_status: {
            recommended: [
               "SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.106.1.x86_64",
               "SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.106.1.x86_64",
               "SUSE Real Time Module 15 SP3:cluster-md-kmp-rt-5.3.18-150300.106.1.x86_64",
               "SUSE Real Time Module 15 SP3:dlm-kmp-rt-5.3.18-150300.106.1.x86_64",
               "SUSE Real Time Module 15 SP3:gfs2-kmp-rt-5.3.18-150300.106.1.x86_64",
               "SUSE Real Time Module 15 SP3:kernel-devel-rt-5.3.18-150300.106.1.noarch",
               "SUSE Real Time Module 15 SP3:kernel-rt-5.3.18-150300.106.1.x86_64",
               "SUSE Real Time Module 15 SP3:kernel-rt-devel-5.3.18-150300.106.1.x86_64",
               "SUSE Real Time Module 15 SP3:kernel-rt_debug-devel-5.3.18-150300.106.1.x86_64",
               "SUSE Real Time Module 15 SP3:kernel-source-rt-5.3.18-150300.106.1.noarch",
               "SUSE Real Time Module 15 SP3:kernel-syms-rt-5.3.18-150300.106.1.x86_64",
               "SUSE Real Time Module 15 SP3:ocfs2-kmp-rt-5.3.18-150300.106.1.x86_64",
               "openSUSE Leap Micro 5.2:kernel-rt-5.3.18-150300.106.1.x86_64",
            ],
         },
         references: [
            {
               category: "external",
               summary: "CVE-2016-3695",
               url: "https://www.suse.com/security/cve/CVE-2016-3695",
            },
            {
               category: "external",
               summary: "SUSE Bug 1023051 for CVE-2016-3695",
               url: "https://bugzilla.suse.com/1023051",
            },
         ],
         remediations: [
            {
               category: "vendor_fix",
               details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
               product_ids: [
                  "SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.106.1.x86_64",
                  "SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.106.1.x86_64",
                  "SUSE Real Time Module 15 SP3:cluster-md-kmp-rt-5.3.18-150300.106.1.x86_64",
                  "SUSE Real Time Module 15 SP3:dlm-kmp-rt-5.3.18-150300.106.1.x86_64",
                  "SUSE Real Time Module 15 SP3:gfs2-kmp-rt-5.3.18-150300.106.1.x86_64",
                  "SUSE Real Time Module 15 SP3:kernel-devel-rt-5.3.18-150300.106.1.noarch",
                  "SUSE Real Time Module 15 SP3:kernel-rt-5.3.18-150300.106.1.x86_64",
                  "SUSE Real Time Module 15 SP3:kernel-rt-devel-5.3.18-150300.106.1.x86_64",
                  "SUSE Real Time Module 15 SP3:kernel-rt_debug-devel-5.3.18-150300.106.1.x86_64",
                  "SUSE Real Time Module 15 SP3:kernel-source-rt-5.3.18-150300.106.1.noarch",
                  "SUSE Real Time Module 15 SP3:kernel-syms-rt-5.3.18-150300.106.1.x86_64",
                  "SUSE Real Time Module 15 SP3:ocfs2-kmp-rt-5.3.18-150300.106.1.x86_64",
                  "openSUSE Leap Micro 5.2:kernel-rt-5.3.18-150300.106.1.x86_64",
               ],
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 2.2,
                  baseSeverity: "LOW",
                  vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:N/I:N/A:L",
                  version: "3.1",
               },
               products: [
                  "SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.106.1.x86_64",
                  "SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.106.1.x86_64",
                  "SUSE Real Time Module 15 SP3:cluster-md-kmp-rt-5.3.18-150300.106.1.x86_64",
                  "SUSE Real Time Module 15 SP3:dlm-kmp-rt-5.3.18-150300.106.1.x86_64",
                  "SUSE Real Time Module 15 SP3:gfs2-kmp-rt-5.3.18-150300.106.1.x86_64",
                  "SUSE Real Time Module 15 SP3:kernel-devel-rt-5.3.18-150300.106.1.noarch",
                  "SUSE Real Time Module 15 SP3:kernel-rt-5.3.18-150300.106.1.x86_64",
                  "SUSE Real Time Module 15 SP3:kernel-rt-devel-5.3.18-150300.106.1.x86_64",
                  "SUSE Real Time Module 15 SP3:kernel-rt_debug-devel-5.3.18-150300.106.1.x86_64",
                  "SUSE Real Time Module 15 SP3:kernel-source-rt-5.3.18-150300.106.1.noarch",
                  "SUSE Real Time Module 15 SP3:kernel-syms-rt-5.3.18-150300.106.1.x86_64",
                  "SUSE Real Time Module 15 SP3:ocfs2-kmp-rt-5.3.18-150300.106.1.x86_64",
                  "openSUSE Leap Micro 5.2:kernel-rt-5.3.18-150300.106.1.x86_64",
               ],
            },
         ],
         threats: [
            {
               category: "impact",
               date: "2022-10-31T08:28:31Z",
               details: "low",
            },
         ],
         title: "CVE-2016-3695",
      },
      {
         cve: "CVE-2020-16119",
         ids: [
            {
               system_name: "SUSE CVE Page",
               text: "https://www.suse.com/security/cve/CVE-2020-16119",
            },
         ],
         notes: [
            {
               category: "general",
               text: "Use-after-free vulnerability in the Linux kernel exploitable by a local attacker due to reuse of a DCCP socket with an attached dccps_hc_tx_ccid object as a listener after being released. Fixed in Ubuntu Linux kernel 5.4.0-51.56, 5.3.0-68.63, 4.15.0-121.123, 4.4.0-193.224, 3.13.0.182.191 and 3.2.0-149.196.",
               title: "CVE description",
            },
         ],
         product_status: {
            recommended: [
               "SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.106.1.x86_64",
               "SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.106.1.x86_64",
               "SUSE Real Time Module 15 SP3:cluster-md-kmp-rt-5.3.18-150300.106.1.x86_64",
               "SUSE Real Time Module 15 SP3:dlm-kmp-rt-5.3.18-150300.106.1.x86_64",
               "SUSE Real Time Module 15 SP3:gfs2-kmp-rt-5.3.18-150300.106.1.x86_64",
               "SUSE Real Time Module 15 SP3:kernel-devel-rt-5.3.18-150300.106.1.noarch",
               "SUSE Real Time Module 15 SP3:kernel-rt-5.3.18-150300.106.1.x86_64",
               "SUSE Real Time Module 15 SP3:kernel-rt-devel-5.3.18-150300.106.1.x86_64",
               "SUSE Real Time Module 15 SP3:kernel-rt_debug-devel-5.3.18-150300.106.1.x86_64",
               "SUSE Real Time Module 15 SP3:kernel-source-rt-5.3.18-150300.106.1.noarch",
               "SUSE Real Time Module 15 SP3:kernel-syms-rt-5.3.18-150300.106.1.x86_64",
               "SUSE Real Time Module 15 SP3:ocfs2-kmp-rt-5.3.18-150300.106.1.x86_64",
               "openSUSE Leap Micro 5.2:kernel-rt-5.3.18-150300.106.1.x86_64",
            ],
         },
         references: [
            {
               category: "external",
               summary: "CVE-2020-16119",
               url: "https://www.suse.com/security/cve/CVE-2020-16119",
            },
            {
               category: "external",
               summary: "SUSE Bug 1177471 for CVE-2020-16119",
               url: "https://bugzilla.suse.com/1177471",
            },
            {
               category: "external",
               summary: "SUSE Bug 1177742 for CVE-2020-16119",
               url: "https://bugzilla.suse.com/1177742",
            },
         ],
         remediations: [
            {
               category: "vendor_fix",
               details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
               product_ids: [
                  "SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.106.1.x86_64",
                  "SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.106.1.x86_64",
                  "SUSE Real Time Module 15 SP3:cluster-md-kmp-rt-5.3.18-150300.106.1.x86_64",
                  "SUSE Real Time Module 15 SP3:dlm-kmp-rt-5.3.18-150300.106.1.x86_64",
                  "SUSE Real Time Module 15 SP3:gfs2-kmp-rt-5.3.18-150300.106.1.x86_64",
                  "SUSE Real Time Module 15 SP3:kernel-devel-rt-5.3.18-150300.106.1.noarch",
                  "SUSE Real Time Module 15 SP3:kernel-rt-5.3.18-150300.106.1.x86_64",
                  "SUSE Real Time Module 15 SP3:kernel-rt-devel-5.3.18-150300.106.1.x86_64",
                  "SUSE Real Time Module 15 SP3:kernel-rt_debug-devel-5.3.18-150300.106.1.x86_64",
                  "SUSE Real Time Module 15 SP3:kernel-source-rt-5.3.18-150300.106.1.noarch",
                  "SUSE Real Time Module 15 SP3:kernel-syms-rt-5.3.18-150300.106.1.x86_64",
                  "SUSE Real Time Module 15 SP3:ocfs2-kmp-rt-5.3.18-150300.106.1.x86_64",
                  "openSUSE Leap Micro 5.2:kernel-rt-5.3.18-150300.106.1.x86_64",
               ],
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 7.8,
                  baseSeverity: "HIGH",
                  vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
                  version: "3.1",
               },
               products: [
                  "SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.106.1.x86_64",
                  "SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.106.1.x86_64",
                  "SUSE Real Time Module 15 SP3:cluster-md-kmp-rt-5.3.18-150300.106.1.x86_64",
                  "SUSE Real Time Module 15 SP3:dlm-kmp-rt-5.3.18-150300.106.1.x86_64",
                  "SUSE Real Time Module 15 SP3:gfs2-kmp-rt-5.3.18-150300.106.1.x86_64",
                  "SUSE Real Time Module 15 SP3:kernel-devel-rt-5.3.18-150300.106.1.noarch",
                  "SUSE Real Time Module 15 SP3:kernel-rt-5.3.18-150300.106.1.x86_64",
                  "SUSE Real Time Module 15 SP3:kernel-rt-devel-5.3.18-150300.106.1.x86_64",
                  "SUSE Real Time Module 15 SP3:kernel-rt_debug-devel-5.3.18-150300.106.1.x86_64",
                  "SUSE Real Time Module 15 SP3:kernel-source-rt-5.3.18-150300.106.1.noarch",
                  "SUSE Real Time Module 15 SP3:kernel-syms-rt-5.3.18-150300.106.1.x86_64",
                  "SUSE Real Time Module 15 SP3:ocfs2-kmp-rt-5.3.18-150300.106.1.x86_64",
                  "openSUSE Leap Micro 5.2:kernel-rt-5.3.18-150300.106.1.x86_64",
               ],
            },
         ],
         threats: [
            {
               category: "impact",
               date: "2022-10-31T08:28:31Z",
               details: "important",
            },
         ],
         title: "CVE-2020-16119",
      },
      {
         cve: "CVE-2020-27784",
         ids: [
            {
               system_name: "SUSE CVE Page",
               text: "https://www.suse.com/security/cve/CVE-2020-27784",
            },
         ],
         notes: [
            {
               category: "general",
               text: "A vulnerability was found in the Linux kernel, where accessing a deallocated instance in printer_ioctl() printer_ioctl() tries to access of a printer_dev instance. However, use-after-free arises because it had been freed by gprinter_free().",
               title: "CVE description",
            },
         ],
         product_status: {
            recommended: [
               "SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.106.1.x86_64",
               "SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.106.1.x86_64",
               "SUSE Real Time Module 15 SP3:cluster-md-kmp-rt-5.3.18-150300.106.1.x86_64",
               "SUSE Real Time Module 15 SP3:dlm-kmp-rt-5.3.18-150300.106.1.x86_64",
               "SUSE Real Time Module 15 SP3:gfs2-kmp-rt-5.3.18-150300.106.1.x86_64",
               "SUSE Real Time Module 15 SP3:kernel-devel-rt-5.3.18-150300.106.1.noarch",
               "SUSE Real Time Module 15 SP3:kernel-rt-5.3.18-150300.106.1.x86_64",
               "SUSE Real Time Module 15 SP3:kernel-rt-devel-5.3.18-150300.106.1.x86_64",
               "SUSE Real Time Module 15 SP3:kernel-rt_debug-devel-5.3.18-150300.106.1.x86_64",
               "SUSE Real Time Module 15 SP3:kernel-source-rt-5.3.18-150300.106.1.noarch",
               "SUSE Real Time Module 15 SP3:kernel-syms-rt-5.3.18-150300.106.1.x86_64",
               "SUSE Real Time Module 15 SP3:ocfs2-kmp-rt-5.3.18-150300.106.1.x86_64",
               "openSUSE Leap Micro 5.2:kernel-rt-5.3.18-150300.106.1.x86_64",
            ],
         },
         references: [
            {
               category: "external",
               summary: "CVE-2020-27784",
               url: "https://www.suse.com/security/cve/CVE-2020-27784",
            },
            {
               category: "external",
               summary: "SUSE Bug 1202895 for CVE-2020-27784",
               url: "https://bugzilla.suse.com/1202895",
            },
         ],
         remediations: [
            {
               category: "vendor_fix",
               details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
               product_ids: [
                  "SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.106.1.x86_64",
                  "SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.106.1.x86_64",
                  "SUSE Real Time Module 15 SP3:cluster-md-kmp-rt-5.3.18-150300.106.1.x86_64",
                  "SUSE Real Time Module 15 SP3:dlm-kmp-rt-5.3.18-150300.106.1.x86_64",
                  "SUSE Real Time Module 15 SP3:gfs2-kmp-rt-5.3.18-150300.106.1.x86_64",
                  "SUSE Real Time Module 15 SP3:kernel-devel-rt-5.3.18-150300.106.1.noarch",
                  "SUSE Real Time Module 15 SP3:kernel-rt-5.3.18-150300.106.1.x86_64",
                  "SUSE Real Time Module 15 SP3:kernel-rt-devel-5.3.18-150300.106.1.x86_64",
                  "SUSE Real Time Module 15 SP3:kernel-rt_debug-devel-5.3.18-150300.106.1.x86_64",
                  "SUSE Real Time Module 15 SP3:kernel-source-rt-5.3.18-150300.106.1.noarch",
                  "SUSE Real Time Module 15 SP3:kernel-syms-rt-5.3.18-150300.106.1.x86_64",
                  "SUSE Real Time Module 15 SP3:ocfs2-kmp-rt-5.3.18-150300.106.1.x86_64",
                  "openSUSE Leap Micro 5.2:kernel-rt-5.3.18-150300.106.1.x86_64",
               ],
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 4,
                  baseSeverity: "MEDIUM",
                  vectorString: "CVSS:3.1/AV:L/AC:H/PR:H/UI:R/S:U/C:N/I:N/A:H",
                  version: "3.1",
               },
               products: [
                  "SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.106.1.x86_64",
                  "SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.106.1.x86_64",
                  "SUSE Real Time Module 15 SP3:cluster-md-kmp-rt-5.3.18-150300.106.1.x86_64",
                  "SUSE Real Time Module 15 SP3:dlm-kmp-rt-5.3.18-150300.106.1.x86_64",
                  "SUSE Real Time Module 15 SP3:gfs2-kmp-rt-5.3.18-150300.106.1.x86_64",
                  "SUSE Real Time Module 15 SP3:kernel-devel-rt-5.3.18-150300.106.1.noarch",
                  "SUSE Real Time Module 15 SP3:kernel-rt-5.3.18-150300.106.1.x86_64",
                  "SUSE Real Time Module 15 SP3:kernel-rt-devel-5.3.18-150300.106.1.x86_64",
                  "SUSE Real Time Module 15 SP3:kernel-rt_debug-devel-5.3.18-150300.106.1.x86_64",
                  "SUSE Real Time Module 15 SP3:kernel-source-rt-5.3.18-150300.106.1.noarch",
                  "SUSE Real Time Module 15 SP3:kernel-syms-rt-5.3.18-150300.106.1.x86_64",
                  "SUSE Real Time Module 15 SP3:ocfs2-kmp-rt-5.3.18-150300.106.1.x86_64",
                  "openSUSE Leap Micro 5.2:kernel-rt-5.3.18-150300.106.1.x86_64",
               ],
            },
         ],
         threats: [
            {
               category: "impact",
               date: "2022-10-31T08:28:31Z",
               details: "low",
            },
         ],
         title: "CVE-2020-27784",
      },
      {
         cve: "CVE-2021-4155",
         ids: [
            {
               system_name: "SUSE CVE Page",
               text: "https://www.suse.com/security/cve/CVE-2021-4155",
            },
         ],
         notes: [
            {
               category: "general",
               text: "A data leak flaw was found in the way XFS_IOC_ALLOCSP IOCTL in the XFS filesystem allowed for size increase of files with unaligned size. A local attacker could use this flaw to leak data on the XFS filesystem otherwise not accessible to them.",
               title: "CVE description",
            },
         ],
         product_status: {
            recommended: [
               "SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.106.1.x86_64",
               "SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.106.1.x86_64",
               "SUSE Real Time Module 15 SP3:cluster-md-kmp-rt-5.3.18-150300.106.1.x86_64",
               "SUSE Real Time Module 15 SP3:dlm-kmp-rt-5.3.18-150300.106.1.x86_64",
               "SUSE Real Time Module 15 SP3:gfs2-kmp-rt-5.3.18-150300.106.1.x86_64",
               "SUSE Real Time Module 15 SP3:kernel-devel-rt-5.3.18-150300.106.1.noarch",
               "SUSE Real Time Module 15 SP3:kernel-rt-5.3.18-150300.106.1.x86_64",
               "SUSE Real Time Module 15 SP3:kernel-rt-devel-5.3.18-150300.106.1.x86_64",
               "SUSE Real Time Module 15 SP3:kernel-rt_debug-devel-5.3.18-150300.106.1.x86_64",
               "SUSE Real Time Module 15 SP3:kernel-source-rt-5.3.18-150300.106.1.noarch",
               "SUSE Real Time Module 15 SP3:kernel-syms-rt-5.3.18-150300.106.1.x86_64",
               "SUSE Real Time Module 15 SP3:ocfs2-kmp-rt-5.3.18-150300.106.1.x86_64",
               "openSUSE Leap Micro 5.2:kernel-rt-5.3.18-150300.106.1.x86_64",
            ],
         },
         references: [
            {
               category: "external",
               summary: "CVE-2021-4155",
               url: "https://www.suse.com/security/cve/CVE-2021-4155",
            },
            {
               category: "external",
               summary: "SUSE Bug 1194272 for CVE-2021-4155",
               url: "https://bugzilla.suse.com/1194272",
            },
            {
               category: "external",
               summary: "SUSE Bug 1199255 for CVE-2021-4155",
               url: "https://bugzilla.suse.com/1199255",
            },
            {
               category: "external",
               summary: "SUSE Bug 1200084 for CVE-2021-4155",
               url: "https://bugzilla.suse.com/1200084",
            },
         ],
         remediations: [
            {
               category: "vendor_fix",
               details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
               product_ids: [
                  "SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.106.1.x86_64",
                  "SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.106.1.x86_64",
                  "SUSE Real Time Module 15 SP3:cluster-md-kmp-rt-5.3.18-150300.106.1.x86_64",
                  "SUSE Real Time Module 15 SP3:dlm-kmp-rt-5.3.18-150300.106.1.x86_64",
                  "SUSE Real Time Module 15 SP3:gfs2-kmp-rt-5.3.18-150300.106.1.x86_64",
                  "SUSE Real Time Module 15 SP3:kernel-devel-rt-5.3.18-150300.106.1.noarch",
                  "SUSE Real Time Module 15 SP3:kernel-rt-5.3.18-150300.106.1.x86_64",
                  "SUSE Real Time Module 15 SP3:kernel-rt-devel-5.3.18-150300.106.1.x86_64",
                  "SUSE Real Time Module 15 SP3:kernel-rt_debug-devel-5.3.18-150300.106.1.x86_64",
                  "SUSE Real Time Module 15 SP3:kernel-source-rt-5.3.18-150300.106.1.noarch",
                  "SUSE Real Time Module 15 SP3:kernel-syms-rt-5.3.18-150300.106.1.x86_64",
                  "SUSE Real Time Module 15 SP3:ocfs2-kmp-rt-5.3.18-150300.106.1.x86_64",
                  "openSUSE Leap Micro 5.2:kernel-rt-5.3.18-150300.106.1.x86_64",
               ],
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 5.5,
                  baseSeverity: "MEDIUM",
                  vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
                  version: "3.1",
               },
               products: [
                  "SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.106.1.x86_64",
                  "SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.106.1.x86_64",
                  "SUSE Real Time Module 15 SP3:cluster-md-kmp-rt-5.3.18-150300.106.1.x86_64",
                  "SUSE Real Time Module 15 SP3:dlm-kmp-rt-5.3.18-150300.106.1.x86_64",
                  "SUSE Real Time Module 15 SP3:gfs2-kmp-rt-5.3.18-150300.106.1.x86_64",
                  "SUSE Real Time Module 15 SP3:kernel-devel-rt-5.3.18-150300.106.1.noarch",
                  "SUSE Real Time Module 15 SP3:kernel-rt-5.3.18-150300.106.1.x86_64",
                  "SUSE Real Time Module 15 SP3:kernel-rt-devel-5.3.18-150300.106.1.x86_64",
                  "SUSE Real Time Module 15 SP3:kernel-rt_debug-devel-5.3.18-150300.106.1.x86_64",
                  "SUSE Real Time Module 15 SP3:kernel-source-rt-5.3.18-150300.106.1.noarch",
                  "SUSE Real Time Module 15 SP3:kernel-syms-rt-5.3.18-150300.106.1.x86_64",
                  "SUSE Real Time Module 15 SP3:ocfs2-kmp-rt-5.3.18-150300.106.1.x86_64",
                  "openSUSE Leap Micro 5.2:kernel-rt-5.3.18-150300.106.1.x86_64",
               ],
            },
         ],
         threats: [
            {
               category: "impact",
               date: "2022-10-31T08:28:31Z",
               details: "moderate",
            },
         ],
         title: "CVE-2021-4155",
      },
      {
         cve: "CVE-2021-4203",
         ids: [
            {
               system_name: "SUSE CVE Page",
               text: "https://www.suse.com/security/cve/CVE-2021-4203",
            },
         ],
         notes: [
            {
               category: "general",
               text: "A use-after-free read flaw was found in sock_getsockopt() in net/core/sock.c due to SO_PEERCRED and SO_PEERGROUPS race with listen() (and connect()) in the Linux kernel. In this flaw, an attacker with a user privileges may crash the system or leak internal kernel information.",
               title: "CVE description",
            },
         ],
         product_status: {
            recommended: [
               "SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.106.1.x86_64",
               "SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.106.1.x86_64",
               "SUSE Real Time Module 15 SP3:cluster-md-kmp-rt-5.3.18-150300.106.1.x86_64",
               "SUSE Real Time Module 15 SP3:dlm-kmp-rt-5.3.18-150300.106.1.x86_64",
               "SUSE Real Time Module 15 SP3:gfs2-kmp-rt-5.3.18-150300.106.1.x86_64",
               "SUSE Real Time Module 15 SP3:kernel-devel-rt-5.3.18-150300.106.1.noarch",
               "SUSE Real Time Module 15 SP3:kernel-rt-5.3.18-150300.106.1.x86_64",
               "SUSE Real Time Module 15 SP3:kernel-rt-devel-5.3.18-150300.106.1.x86_64",
               "SUSE Real Time Module 15 SP3:kernel-rt_debug-devel-5.3.18-150300.106.1.x86_64",
               "SUSE Real Time Module 15 SP3:kernel-source-rt-5.3.18-150300.106.1.noarch",
               "SUSE Real Time Module 15 SP3:kernel-syms-rt-5.3.18-150300.106.1.x86_64",
               "SUSE Real Time Module 15 SP3:ocfs2-kmp-rt-5.3.18-150300.106.1.x86_64",
               "openSUSE Leap Micro 5.2:kernel-rt-5.3.18-150300.106.1.x86_64",
            ],
         },
         references: [
            {
               category: "external",
               summary: "CVE-2021-4203",
               url: "https://www.suse.com/security/cve/CVE-2021-4203",
            },
            {
               category: "external",
               summary: "SUSE Bug 1194535 for CVE-2021-4203",
               url: "https://bugzilla.suse.com/1194535",
            },
         ],
         remediations: [
            {
               category: "vendor_fix",
               details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
               product_ids: [
                  "SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.106.1.x86_64",
                  "SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.106.1.x86_64",
                  "SUSE Real Time Module 15 SP3:cluster-md-kmp-rt-5.3.18-150300.106.1.x86_64",
                  "SUSE Real Time Module 15 SP3:dlm-kmp-rt-5.3.18-150300.106.1.x86_64",
                  "SUSE Real Time Module 15 SP3:gfs2-kmp-rt-5.3.18-150300.106.1.x86_64",
                  "SUSE Real Time Module 15 SP3:kernel-devel-rt-5.3.18-150300.106.1.noarch",
                  "SUSE Real Time Module 15 SP3:kernel-rt-5.3.18-150300.106.1.x86_64",
                  "SUSE Real Time Module 15 SP3:kernel-rt-devel-5.3.18-150300.106.1.x86_64",
                  "SUSE Real Time Module 15 SP3:kernel-rt_debug-devel-5.3.18-150300.106.1.x86_64",
                  "SUSE Real Time Module 15 SP3:kernel-source-rt-5.3.18-150300.106.1.noarch",
                  "SUSE Real Time Module 15 SP3:kernel-syms-rt-5.3.18-150300.106.1.x86_64",
                  "SUSE Real Time Module 15 SP3:ocfs2-kmp-rt-5.3.18-150300.106.1.x86_64",
                  "openSUSE Leap Micro 5.2:kernel-rt-5.3.18-150300.106.1.x86_64",
               ],
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 5.8,
                  baseSeverity: "MEDIUM",
                  vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:L/A:L",
                  version: "3.1",
               },
               products: [
                  "SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.106.1.x86_64",
                  "SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.106.1.x86_64",
                  "SUSE Real Time Module 15 SP3:cluster-md-kmp-rt-5.3.18-150300.106.1.x86_64",
                  "SUSE Real Time Module 15 SP3:dlm-kmp-rt-5.3.18-150300.106.1.x86_64",
                  "SUSE Real Time Module 15 SP3:gfs2-kmp-rt-5.3.18-150300.106.1.x86_64",
                  "SUSE Real Time Module 15 SP3:kernel-devel-rt-5.3.18-150300.106.1.noarch",
                  "SUSE Real Time Module 15 SP3:kernel-rt-5.3.18-150300.106.1.x86_64",
                  "SUSE Real Time Module 15 SP3:kernel-rt-devel-5.3.18-150300.106.1.x86_64",
                  "SUSE Real Time Module 15 SP3:kernel-rt_debug-devel-5.3.18-150300.106.1.x86_64",
                  "SUSE Real Time Module 15 SP3:kernel-source-rt-5.3.18-150300.106.1.noarch",
                  "SUSE Real Time Module 15 SP3:kernel-syms-rt-5.3.18-150300.106.1.x86_64",
                  "SUSE Real Time Module 15 SP3:ocfs2-kmp-rt-5.3.18-150300.106.1.x86_64",
                  "openSUSE Leap Micro 5.2:kernel-rt-5.3.18-150300.106.1.x86_64",
               ],
            },
         ],
         threats: [
            {
               category: "impact",
               date: "2022-10-31T08:28:31Z",
               details: "moderate",
            },
         ],
         title: "CVE-2021-4203",
      },
      {
         cve: "CVE-2022-20368",
         ids: [
            {
               system_name: "SUSE CVE Page",
               text: "https://www.suse.com/security/cve/CVE-2022-20368",
            },
         ],
         notes: [
            {
               category: "general",
               text: "Product: AndroidVersions: Android kernelAndroid ID: A-224546354References: Upstream kernel",
               title: "CVE description",
            },
         ],
         product_status: {
            recommended: [
               "SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.106.1.x86_64",
               "SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.106.1.x86_64",
               "SUSE Real Time Module 15 SP3:cluster-md-kmp-rt-5.3.18-150300.106.1.x86_64",
               "SUSE Real Time Module 15 SP3:dlm-kmp-rt-5.3.18-150300.106.1.x86_64",
               "SUSE Real Time Module 15 SP3:gfs2-kmp-rt-5.3.18-150300.106.1.x86_64",
               "SUSE Real Time Module 15 SP3:kernel-devel-rt-5.3.18-150300.106.1.noarch",
               "SUSE Real Time Module 15 SP3:kernel-rt-5.3.18-150300.106.1.x86_64",
               "SUSE Real Time Module 15 SP3:kernel-rt-devel-5.3.18-150300.106.1.x86_64",
               "SUSE Real Time Module 15 SP3:kernel-rt_debug-devel-5.3.18-150300.106.1.x86_64",
               "SUSE Real Time Module 15 SP3:kernel-source-rt-5.3.18-150300.106.1.noarch",
               "SUSE Real Time Module 15 SP3:kernel-syms-rt-5.3.18-150300.106.1.x86_64",
               "SUSE Real Time Module 15 SP3:ocfs2-kmp-rt-5.3.18-150300.106.1.x86_64",
               "openSUSE Leap Micro 5.2:kernel-rt-5.3.18-150300.106.1.x86_64",
            ],
         },
         references: [
            {
               category: "external",
               summary: "CVE-2022-20368",
               url: "https://www.suse.com/security/cve/CVE-2022-20368",
            },
            {
               category: "external",
               summary: "SUSE Bug 1202346 for CVE-2022-20368",
               url: "https://bugzilla.suse.com/1202346",
            },
            {
               category: "external",
               summary: "SUSE Bug 1212311 for CVE-2022-20368",
               url: "https://bugzilla.suse.com/1212311",
            },
         ],
         remediations: [
            {
               category: "vendor_fix",
               details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
               product_ids: [
                  "SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.106.1.x86_64",
                  "SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.106.1.x86_64",
                  "SUSE Real Time Module 15 SP3:cluster-md-kmp-rt-5.3.18-150300.106.1.x86_64",
                  "SUSE Real Time Module 15 SP3:dlm-kmp-rt-5.3.18-150300.106.1.x86_64",
                  "SUSE Real Time Module 15 SP3:gfs2-kmp-rt-5.3.18-150300.106.1.x86_64",
                  "SUSE Real Time Module 15 SP3:kernel-devel-rt-5.3.18-150300.106.1.noarch",
                  "SUSE Real Time Module 15 SP3:kernel-rt-5.3.18-150300.106.1.x86_64",
                  "SUSE Real Time Module 15 SP3:kernel-rt-devel-5.3.18-150300.106.1.x86_64",
                  "SUSE Real Time Module 15 SP3:kernel-rt_debug-devel-5.3.18-150300.106.1.x86_64",
                  "SUSE Real Time Module 15 SP3:kernel-source-rt-5.3.18-150300.106.1.noarch",
                  "SUSE Real Time Module 15 SP3:kernel-syms-rt-5.3.18-150300.106.1.x86_64",
                  "SUSE Real Time Module 15 SP3:ocfs2-kmp-rt-5.3.18-150300.106.1.x86_64",
                  "openSUSE Leap Micro 5.2:kernel-rt-5.3.18-150300.106.1.x86_64",
               ],
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 5.5,
                  baseSeverity: "MEDIUM",
                  vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
                  version: "3.1",
               },
               products: [
                  "SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.106.1.x86_64",
                  "SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.106.1.x86_64",
                  "SUSE Real Time Module 15 SP3:cluster-md-kmp-rt-5.3.18-150300.106.1.x86_64",
                  "SUSE Real Time Module 15 SP3:dlm-kmp-rt-5.3.18-150300.106.1.x86_64",
                  "SUSE Real Time Module 15 SP3:gfs2-kmp-rt-5.3.18-150300.106.1.x86_64",
                  "SUSE Real Time Module 15 SP3:kernel-devel-rt-5.3.18-150300.106.1.noarch",
                  "SUSE Real Time Module 15 SP3:kernel-rt-5.3.18-150300.106.1.x86_64",
                  "SUSE Real Time Module 15 SP3:kernel-rt-devel-5.3.18-150300.106.1.x86_64",
                  "SUSE Real Time Module 15 SP3:kernel-rt_debug-devel-5.3.18-150300.106.1.x86_64",
                  "SUSE Real Time Module 15 SP3:kernel-source-rt-5.3.18-150300.106.1.noarch",
                  "SUSE Real Time Module 15 SP3:kernel-syms-rt-5.3.18-150300.106.1.x86_64",
                  "SUSE Real Time Module 15 SP3:ocfs2-kmp-rt-5.3.18-150300.106.1.x86_64",
                  "openSUSE Leap Micro 5.2:kernel-rt-5.3.18-150300.106.1.x86_64",
               ],
            },
         ],
         threats: [
            {
               category: "impact",
               date: "2022-10-31T08:28:31Z",
               details: "moderate",
            },
         ],
         title: "CVE-2022-20368",
      },
      {
         cve: "CVE-2022-20369",
         ids: [
            {
               system_name: "SUSE CVE Page",
               text: "https://www.suse.com/security/cve/CVE-2022-20369",
            },
         ],
         notes: [
            {
               category: "general",
               text: "In v4l2_m2m_querybuf of v4l2-mem2mem.c, there is a possible out of bounds write due to improper input validation. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-223375145References: Upstream kernel",
               title: "CVE description",
            },
         ],
         product_status: {
            recommended: [
               "SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.106.1.x86_64",
               "SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.106.1.x86_64",
               "SUSE Real Time Module 15 SP3:cluster-md-kmp-rt-5.3.18-150300.106.1.x86_64",
               "SUSE Real Time Module 15 SP3:dlm-kmp-rt-5.3.18-150300.106.1.x86_64",
               "SUSE Real Time Module 15 SP3:gfs2-kmp-rt-5.3.18-150300.106.1.x86_64",
               "SUSE Real Time Module 15 SP3:kernel-devel-rt-5.3.18-150300.106.1.noarch",
               "SUSE Real Time Module 15 SP3:kernel-rt-5.3.18-150300.106.1.x86_64",
               "SUSE Real Time Module 15 SP3:kernel-rt-devel-5.3.18-150300.106.1.x86_64",
               "SUSE Real Time Module 15 SP3:kernel-rt_debug-devel-5.3.18-150300.106.1.x86_64",
               "SUSE Real Time Module 15 SP3:kernel-source-rt-5.3.18-150300.106.1.noarch",
               "SUSE Real Time Module 15 SP3:kernel-syms-rt-5.3.18-150300.106.1.x86_64",
               "SUSE Real Time Module 15 SP3:ocfs2-kmp-rt-5.3.18-150300.106.1.x86_64",
               "openSUSE Leap Micro 5.2:kernel-rt-5.3.18-150300.106.1.x86_64",
            ],
         },
         references: [
            {
               category: "external",
               summary: "CVE-2022-20369",
               url: "https://www.suse.com/security/cve/CVE-2022-20369",
            },
            {
               category: "external",
               summary: "SUSE Bug 1202347 for CVE-2022-20369",
               url: "https://bugzilla.suse.com/1202347",
            },
            {
               category: "external",
               summary: "SUSE Bug 1212321 for CVE-2022-20369",
               url: "https://bugzilla.suse.com/1212321",
            },
         ],
         remediations: [
            {
               category: "vendor_fix",
               details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
               product_ids: [
                  "SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.106.1.x86_64",
                  "SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.106.1.x86_64",
                  "SUSE Real Time Module 15 SP3:cluster-md-kmp-rt-5.3.18-150300.106.1.x86_64",
                  "SUSE Real Time Module 15 SP3:dlm-kmp-rt-5.3.18-150300.106.1.x86_64",
                  "SUSE Real Time Module 15 SP3:gfs2-kmp-rt-5.3.18-150300.106.1.x86_64",
                  "SUSE Real Time Module 15 SP3:kernel-devel-rt-5.3.18-150300.106.1.noarch",
                  "SUSE Real Time Module 15 SP3:kernel-rt-5.3.18-150300.106.1.x86_64",
                  "SUSE Real Time Module 15 SP3:kernel-rt-devel-5.3.18-150300.106.1.x86_64",
                  "SUSE Real Time Module 15 SP3:kernel-rt_debug-devel-5.3.18-150300.106.1.x86_64",
                  "SUSE Real Time Module 15 SP3:kernel-source-rt-5.3.18-150300.106.1.noarch",
                  "SUSE Real Time Module 15 SP3:kernel-syms-rt-5.3.18-150300.106.1.x86_64",
                  "SUSE Real Time Module 15 SP3:ocfs2-kmp-rt-5.3.18-150300.106.1.x86_64",
                  "openSUSE Leap Micro 5.2:kernel-rt-5.3.18-150300.106.1.x86_64",
               ],
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 5.5,
                  baseSeverity: "MEDIUM",
                  vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
                  version: "3.1",
               },
               products: [
                  "SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.106.1.x86_64",
                  "SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.106.1.x86_64",
                  "SUSE Real Time Module 15 SP3:cluster-md-kmp-rt-5.3.18-150300.106.1.x86_64",
                  "SUSE Real Time Module 15 SP3:dlm-kmp-rt-5.3.18-150300.106.1.x86_64",
                  "SUSE Real Time Module 15 SP3:gfs2-kmp-rt-5.3.18-150300.106.1.x86_64",
                  "SUSE Real Time Module 15 SP3:kernel-devel-rt-5.3.18-150300.106.1.noarch",
                  "SUSE Real Time Module 15 SP3:kernel-rt-5.3.18-150300.106.1.x86_64",
                  "SUSE Real Time Module 15 SP3:kernel-rt-devel-5.3.18-150300.106.1.x86_64",
                  "SUSE Real Time Module 15 SP3:kernel-rt_debug-devel-5.3.18-150300.106.1.x86_64",
                  "SUSE Real Time Module 15 SP3:kernel-source-rt-5.3.18-150300.106.1.noarch",
                  "SUSE Real Time Module 15 SP3:kernel-syms-rt-5.3.18-150300.106.1.x86_64",
                  "SUSE Real Time Module 15 SP3:ocfs2-kmp-rt-5.3.18-150300.106.1.x86_64",
                  "openSUSE Leap Micro 5.2:kernel-rt-5.3.18-150300.106.1.x86_64",
               ],
            },
         ],
         threats: [
            {
               category: "impact",
               date: "2022-10-31T08:28:31Z",
               details: "moderate",
            },
         ],
         title: "CVE-2022-20369",
      },
      {
         cve: "CVE-2022-2503",
         ids: [
            {
               system_name: "SUSE CVE Page",
               text: "https://www.suse.com/security/cve/CVE-2022-2503",
            },
         ],
         notes: [
            {
               category: "general",
               text: "Dm-verity is used for extending root-of-trust to root filesystems. LoadPin builds on this property to restrict module/firmware loads to just the trusted root filesystem. Device-mapper table reloads currently allow users with root privileges to switch out the target with an equivalent dm-linear target and bypass verification till reboot. This allows root to bypass LoadPin and can be used to load untrusted and unverified kernel modules and firmware, which implies arbitrary kernel execution and persistence for peripherals that do not verify firmware updates. We recommend upgrading past commit 4caae58406f8ceb741603eee460d79bacca9b1b5",
               title: "CVE description",
            },
         ],
         product_status: {
            recommended: [
               "SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.106.1.x86_64",
               "SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.106.1.x86_64",
               "SUSE Real Time Module 15 SP3:cluster-md-kmp-rt-5.3.18-150300.106.1.x86_64",
               "SUSE Real Time Module 15 SP3:dlm-kmp-rt-5.3.18-150300.106.1.x86_64",
               "SUSE Real Time Module 15 SP3:gfs2-kmp-rt-5.3.18-150300.106.1.x86_64",
               "SUSE Real Time Module 15 SP3:kernel-devel-rt-5.3.18-150300.106.1.noarch",
               "SUSE Real Time Module 15 SP3:kernel-rt-5.3.18-150300.106.1.x86_64",
               "SUSE Real Time Module 15 SP3:kernel-rt-devel-5.3.18-150300.106.1.x86_64",
               "SUSE Real Time Module 15 SP3:kernel-rt_debug-devel-5.3.18-150300.106.1.x86_64",
               "SUSE Real Time Module 15 SP3:kernel-source-rt-5.3.18-150300.106.1.noarch",
               "SUSE Real Time Module 15 SP3:kernel-syms-rt-5.3.18-150300.106.1.x86_64",
               "SUSE Real Time Module 15 SP3:ocfs2-kmp-rt-5.3.18-150300.106.1.x86_64",
               "openSUSE Leap Micro 5.2:kernel-rt-5.3.18-150300.106.1.x86_64",
            ],
         },
         references: [
            {
               category: "external",
               summary: "CVE-2022-2503",
               url: "https://www.suse.com/security/cve/CVE-2022-2503",
            },
            {
               category: "external",
               summary: "SUSE Bug 1202677 for CVE-2022-2503",
               url: "https://bugzilla.suse.com/1202677",
            },
         ],
         remediations: [
            {
               category: "vendor_fix",
               details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
               product_ids: [
                  "SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.106.1.x86_64",
                  "SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.106.1.x86_64",
                  "SUSE Real Time Module 15 SP3:cluster-md-kmp-rt-5.3.18-150300.106.1.x86_64",
                  "SUSE Real Time Module 15 SP3:dlm-kmp-rt-5.3.18-150300.106.1.x86_64",
                  "SUSE Real Time Module 15 SP3:gfs2-kmp-rt-5.3.18-150300.106.1.x86_64",
                  "SUSE Real Time Module 15 SP3:kernel-devel-rt-5.3.18-150300.106.1.noarch",
                  "SUSE Real Time Module 15 SP3:kernel-rt-5.3.18-150300.106.1.x86_64",
                  "SUSE Real Time Module 15 SP3:kernel-rt-devel-5.3.18-150300.106.1.x86_64",
                  "SUSE Real Time Module 15 SP3:kernel-rt_debug-devel-5.3.18-150300.106.1.x86_64",
                  "SUSE Real Time Module 15 SP3:kernel-source-rt-5.3.18-150300.106.1.noarch",
                  "SUSE Real Time Module 15 SP3:kernel-syms-rt-5.3.18-150300.106.1.x86_64",
                  "SUSE Real Time Module 15 SP3:ocfs2-kmp-rt-5.3.18-150300.106.1.x86_64",
                  "openSUSE Leap Micro 5.2:kernel-rt-5.3.18-150300.106.1.x86_64",
               ],
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 6.7,
                  baseSeverity: "MEDIUM",
                  vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
                  version: "3.1",
               },
               products: [
                  "SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.106.1.x86_64",
                  "SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.106.1.x86_64",
                  "SUSE Real Time Module 15 SP3:cluster-md-kmp-rt-5.3.18-150300.106.1.x86_64",
                  "SUSE Real Time Module 15 SP3:dlm-kmp-rt-5.3.18-150300.106.1.x86_64",
                  "SUSE Real Time Module 15 SP3:gfs2-kmp-rt-5.3.18-150300.106.1.x86_64",
                  "SUSE Real Time Module 15 SP3:kernel-devel-rt-5.3.18-150300.106.1.noarch",
                  "SUSE Real Time Module 15 SP3:kernel-rt-5.3.18-150300.106.1.x86_64",
                  "SUSE Real Time Module 15 SP3:kernel-rt-devel-5.3.18-150300.106.1.x86_64",
                  "SUSE Real Time Module 15 SP3:kernel-rt_debug-devel-5.3.18-150300.106.1.x86_64",
                  "SUSE Real Time Module 15 SP3:kernel-source-rt-5.3.18-150300.106.1.noarch",
                  "SUSE Real Time Module 15 SP3:kernel-syms-rt-5.3.18-150300.106.1.x86_64",
                  "SUSE Real Time Module 15 SP3:ocfs2-kmp-rt-5.3.18-150300.106.1.x86_64",
                  "openSUSE Leap Micro 5.2:kernel-rt-5.3.18-150300.106.1.x86_64",
               ],
            },
         ],
         threats: [
            {
               category: "impact",
               date: "2022-10-31T08:28:31Z",
               details: "moderate",
            },
         ],
         title: "CVE-2022-2503",
      },
      {
         cve: "CVE-2022-2586",
         ids: [
            {
               system_name: "SUSE CVE Page",
               text: "https://www.suse.com/security/cve/CVE-2022-2586",
            },
         ],
         notes: [
            {
               category: "general",
               text: "It was discovered that a nft object or expression could reference a nft set on a different nft table, leading to a use-after-free once that table was deleted.",
               title: "CVE description",
            },
         ],
         product_status: {
            recommended: [
               "SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.106.1.x86_64",
               "SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.106.1.x86_64",
               "SUSE Real Time Module 15 SP3:cluster-md-kmp-rt-5.3.18-150300.106.1.x86_64",
               "SUSE Real Time Module 15 SP3:dlm-kmp-rt-5.3.18-150300.106.1.x86_64",
               "SUSE Real Time Module 15 SP3:gfs2-kmp-rt-5.3.18-150300.106.1.x86_64",
               "SUSE Real Time Module 15 SP3:kernel-devel-rt-5.3.18-150300.106.1.noarch",
               "SUSE Real Time Module 15 SP3:kernel-rt-5.3.18-150300.106.1.x86_64",
               "SUSE Real Time Module 15 SP3:kernel-rt-devel-5.3.18-150300.106.1.x86_64",
               "SUSE Real Time Module 15 SP3:kernel-rt_debug-devel-5.3.18-150300.106.1.x86_64",
               "SUSE Real Time Module 15 SP3:kernel-source-rt-5.3.18-150300.106.1.noarch",
               "SUSE Real Time Module 15 SP3:kernel-syms-rt-5.3.18-150300.106.1.x86_64",
               "SUSE Real Time Module 15 SP3:ocfs2-kmp-rt-5.3.18-150300.106.1.x86_64",
               "openSUSE Leap Micro 5.2:kernel-rt-5.3.18-150300.106.1.x86_64",
            ],
         },
         references: [
            {
               category: "external",
               summary: "CVE-2022-2586",
               url: "https://www.suse.com/security/cve/CVE-2022-2586",
            },
            {
               category: "external",
               summary: "SUSE Bug 1202095 for CVE-2022-2586",
               url: "https://bugzilla.suse.com/1202095",
            },
            {
               category: "external",
               summary: "SUSE Bug 1209719 for CVE-2022-2586",
               url: "https://bugzilla.suse.com/1209719",
            },
         ],
         remediations: [
            {
               category: "vendor_fix",
               details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
               product_ids: [
                  "SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.106.1.x86_64",
                  "SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.106.1.x86_64",
                  "SUSE Real Time Module 15 SP3:cluster-md-kmp-rt-5.3.18-150300.106.1.x86_64",
                  "SUSE Real Time Module 15 SP3:dlm-kmp-rt-5.3.18-150300.106.1.x86_64",
                  "SUSE Real Time Module 15 SP3:gfs2-kmp-rt-5.3.18-150300.106.1.x86_64",
                  "SUSE Real Time Module 15 SP3:kernel-devel-rt-5.3.18-150300.106.1.noarch",
                  "SUSE Real Time Module 15 SP3:kernel-rt-5.3.18-150300.106.1.x86_64",
                  "SUSE Real Time Module 15 SP3:kernel-rt-devel-5.3.18-150300.106.1.x86_64",
                  "SUSE Real Time Module 15 SP3:kernel-rt_debug-devel-5.3.18-150300.106.1.x86_64",
                  "SUSE Real Time Module 15 SP3:kernel-source-rt-5.3.18-150300.106.1.noarch",
                  "SUSE Real Time Module 15 SP3:kernel-syms-rt-5.3.18-150300.106.1.x86_64",
                  "SUSE Real Time Module 15 SP3:ocfs2-kmp-rt-5.3.18-150300.106.1.x86_64",
                  "openSUSE Leap Micro 5.2:kernel-rt-5.3.18-150300.106.1.x86_64",
               ],
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 6.7,
                  baseSeverity: "MEDIUM",
                  vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
                  version: "3.1",
               },
               products: [
                  "SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.106.1.x86_64",
                  "SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.106.1.x86_64",
                  "SUSE Real Time Module 15 SP3:cluster-md-kmp-rt-5.3.18-150300.106.1.x86_64",
                  "SUSE Real Time Module 15 SP3:dlm-kmp-rt-5.3.18-150300.106.1.x86_64",
                  "SUSE Real Time Module 15 SP3:gfs2-kmp-rt-5.3.18-150300.106.1.x86_64",
                  "SUSE Real Time Module 15 SP3:kernel-devel-rt-5.3.18-150300.106.1.noarch",
                  "SUSE Real Time Module 15 SP3:kernel-rt-5.3.18-150300.106.1.x86_64",
                  "SUSE Real Time Module 15 SP3:kernel-rt-devel-5.3.18-150300.106.1.x86_64",
                  "SUSE Real Time Module 15 SP3:kernel-rt_debug-devel-5.3.18-150300.106.1.x86_64",
                  "SUSE Real Time Module 15 SP3:kernel-source-rt-5.3.18-150300.106.1.noarch",
                  "SUSE Real Time Module 15 SP3:kernel-syms-rt-5.3.18-150300.106.1.x86_64",
                  "SUSE Real Time Module 15 SP3:ocfs2-kmp-rt-5.3.18-150300.106.1.x86_64",
                  "openSUSE Leap Micro 5.2:kernel-rt-5.3.18-150300.106.1.x86_64",
               ],
            },
         ],
         threats: [
            {
               category: "impact",
               date: "2022-10-31T08:28:31Z",
               details: "moderate",
            },
         ],
         title: "CVE-2022-2586",
      },
      {
         cve: "CVE-2022-2588",
         ids: [
            {
               system_name: "SUSE CVE Page",
               text: "https://www.suse.com/security/cve/CVE-2022-2588",
            },
         ],
         notes: [
            {
               category: "general",
               text: "It was discovered that the cls_route filter implementation in the Linux kernel would not remove an old filter from the hashtable before freeing it if its handle had the value 0.",
               title: "CVE description",
            },
         ],
         product_status: {
            recommended: [
               "SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.106.1.x86_64",
               "SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.106.1.x86_64",
               "SUSE Real Time Module 15 SP3:cluster-md-kmp-rt-5.3.18-150300.106.1.x86_64",
               "SUSE Real Time Module 15 SP3:dlm-kmp-rt-5.3.18-150300.106.1.x86_64",
               "SUSE Real Time Module 15 SP3:gfs2-kmp-rt-5.3.18-150300.106.1.x86_64",
               "SUSE Real Time Module 15 SP3:kernel-devel-rt-5.3.18-150300.106.1.noarch",
               "SUSE Real Time Module 15 SP3:kernel-rt-5.3.18-150300.106.1.x86_64",
               "SUSE Real Time Module 15 SP3:kernel-rt-devel-5.3.18-150300.106.1.x86_64",
               "SUSE Real Time Module 15 SP3:kernel-rt_debug-devel-5.3.18-150300.106.1.x86_64",
               "SUSE Real Time Module 15 SP3:kernel-source-rt-5.3.18-150300.106.1.noarch",
               "SUSE Real Time Module 15 SP3:kernel-syms-rt-5.3.18-150300.106.1.x86_64",
               "SUSE Real Time Module 15 SP3:ocfs2-kmp-rt-5.3.18-150300.106.1.x86_64",
               "openSUSE Leap Micro 5.2:kernel-rt-5.3.18-150300.106.1.x86_64",
            ],
         },
         references: [
            {
               category: "external",
               summary: "CVE-2022-2588",
               url: "https://www.suse.com/security/cve/CVE-2022-2588",
            },
            {
               category: "external",
               summary: "SUSE Bug 1202096 for CVE-2022-2588",
               url: "https://bugzilla.suse.com/1202096",
            },
            {
               category: "external",
               summary: "SUSE Bug 1203613 for CVE-2022-2588",
               url: "https://bugzilla.suse.com/1203613",
            },
            {
               category: "external",
               summary: "SUSE Bug 1204183 for CVE-2022-2588",
               url: "https://bugzilla.suse.com/1204183",
            },
            {
               category: "external",
               summary: "SUSE Bug 1209225 for CVE-2022-2588",
               url: "https://bugzilla.suse.com/1209225",
            },
         ],
         remediations: [
            {
               category: "vendor_fix",
               details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
               product_ids: [
                  "SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.106.1.x86_64",
                  "SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.106.1.x86_64",
                  "SUSE Real Time Module 15 SP3:cluster-md-kmp-rt-5.3.18-150300.106.1.x86_64",
                  "SUSE Real Time Module 15 SP3:dlm-kmp-rt-5.3.18-150300.106.1.x86_64",
                  "SUSE Real Time Module 15 SP3:gfs2-kmp-rt-5.3.18-150300.106.1.x86_64",
                  "SUSE Real Time Module 15 SP3:kernel-devel-rt-5.3.18-150300.106.1.noarch",
                  "SUSE Real Time Module 15 SP3:kernel-rt-5.3.18-150300.106.1.x86_64",
                  "SUSE Real Time Module 15 SP3:kernel-rt-devel-5.3.18-150300.106.1.x86_64",
                  "SUSE Real Time Module 15 SP3:kernel-rt_debug-devel-5.3.18-150300.106.1.x86_64",
                  "SUSE Real Time Module 15 SP3:kernel-source-rt-5.3.18-150300.106.1.noarch",
                  "SUSE Real Time Module 15 SP3:kernel-syms-rt-5.3.18-150300.106.1.x86_64",
                  "SUSE Real Time Module 15 SP3:ocfs2-kmp-rt-5.3.18-150300.106.1.x86_64",
                  "openSUSE Leap Micro 5.2:kernel-rt-5.3.18-150300.106.1.x86_64",
               ],
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 7.8,
                  baseSeverity: "HIGH",
                  vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
                  version: "3.1",
               },
               products: [
                  "SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.106.1.x86_64",
                  "SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.106.1.x86_64",
                  "SUSE Real Time Module 15 SP3:cluster-md-kmp-rt-5.3.18-150300.106.1.x86_64",
                  "SUSE Real Time Module 15 SP3:dlm-kmp-rt-5.3.18-150300.106.1.x86_64",
                  "SUSE Real Time Module 15 SP3:gfs2-kmp-rt-5.3.18-150300.106.1.x86_64",
                  "SUSE Real Time Module 15 SP3:kernel-devel-rt-5.3.18-150300.106.1.noarch",
                  "SUSE Real Time Module 15 SP3:kernel-rt-5.3.18-150300.106.1.x86_64",
                  "SUSE Real Time Module 15 SP3:kernel-rt-devel-5.3.18-150300.106.1.x86_64",
                  "SUSE Real Time Module 15 SP3:kernel-rt_debug-devel-5.3.18-150300.106.1.x86_64",
                  "SUSE Real Time Module 15 SP3:kernel-source-rt-5.3.18-150300.106.1.noarch",
                  "SUSE Real Time Module 15 SP3:kernel-syms-rt-5.3.18-150300.106.1.x86_64",
                  "SUSE Real Time Module 15 SP3:ocfs2-kmp-rt-5.3.18-150300.106.1.x86_64",
                  "openSUSE Leap Micro 5.2:kernel-rt-5.3.18-150300.106.1.x86_64",
               ],
            },
         ],
         threats: [
            {
               category: "impact",
               date: "2022-10-31T08:28:31Z",
               details: "important",
            },
         ],
         title: "CVE-2022-2588",
      },
      {
         cve: "CVE-2022-26373",
         ids: [
            {
               system_name: "SUSE CVE Page",
               text: "https://www.suse.com/security/cve/CVE-2022-26373",
            },
         ],
         notes: [
            {
               category: "general",
               text: "Non-transparent sharing of return predictor targets between contexts in some Intel(R) Processors may allow an authorized user to potentially enable information disclosure via local access.",
               title: "CVE description",
            },
         ],
         product_status: {
            recommended: [
               "SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.106.1.x86_64",
               "SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.106.1.x86_64",
               "SUSE Real Time Module 15 SP3:cluster-md-kmp-rt-5.3.18-150300.106.1.x86_64",
               "SUSE Real Time Module 15 SP3:dlm-kmp-rt-5.3.18-150300.106.1.x86_64",
               "SUSE Real Time Module 15 SP3:gfs2-kmp-rt-5.3.18-150300.106.1.x86_64",
               "SUSE Real Time Module 15 SP3:kernel-devel-rt-5.3.18-150300.106.1.noarch",
               "SUSE Real Time Module 15 SP3:kernel-rt-5.3.18-150300.106.1.x86_64",
               "SUSE Real Time Module 15 SP3:kernel-rt-devel-5.3.18-150300.106.1.x86_64",
               "SUSE Real Time Module 15 SP3:kernel-rt_debug-devel-5.3.18-150300.106.1.x86_64",
               "SUSE Real Time Module 15 SP3:kernel-source-rt-5.3.18-150300.106.1.noarch",
               "SUSE Real Time Module 15 SP3:kernel-syms-rt-5.3.18-150300.106.1.x86_64",
               "SUSE Real Time Module 15 SP3:ocfs2-kmp-rt-5.3.18-150300.106.1.x86_64",
               "openSUSE Leap Micro 5.2:kernel-rt-5.3.18-150300.106.1.x86_64",
            ],
         },
         references: [
            {
               category: "external",
               summary: "CVE-2022-26373",
               url: "https://www.suse.com/security/cve/CVE-2022-26373",
            },
            {
               category: "external",
               summary: "SUSE Bug 1201726 for CVE-2022-26373",
               url: "https://bugzilla.suse.com/1201726",
            },
            {
               category: "external",
               summary: "SUSE Bug 1209619 for CVE-2022-26373",
               url: "https://bugzilla.suse.com/1209619",
            },
         ],
         remediations: [
            {
               category: "vendor_fix",
               details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
               product_ids: [
                  "SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.106.1.x86_64",
                  "SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.106.1.x86_64",
                  "SUSE Real Time Module 15 SP3:cluster-md-kmp-rt-5.3.18-150300.106.1.x86_64",
                  "SUSE Real Time Module 15 SP3:dlm-kmp-rt-5.3.18-150300.106.1.x86_64",
                  "SUSE Real Time Module 15 SP3:gfs2-kmp-rt-5.3.18-150300.106.1.x86_64",
                  "SUSE Real Time Module 15 SP3:kernel-devel-rt-5.3.18-150300.106.1.noarch",
                  "SUSE Real Time Module 15 SP3:kernel-rt-5.3.18-150300.106.1.x86_64",
                  "SUSE Real Time Module 15 SP3:kernel-rt-devel-5.3.18-150300.106.1.x86_64",
                  "SUSE Real Time Module 15 SP3:kernel-rt_debug-devel-5.3.18-150300.106.1.x86_64",
                  "SUSE Real Time Module 15 SP3:kernel-source-rt-5.3.18-150300.106.1.noarch",
                  "SUSE Real Time Module 15 SP3:kernel-syms-rt-5.3.18-150300.106.1.x86_64",
                  "SUSE Real Time Module 15 SP3:ocfs2-kmp-rt-5.3.18-150300.106.1.x86_64",
                  "openSUSE Leap Micro 5.2:kernel-rt-5.3.18-150300.106.1.x86_64",
               ],
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 5.5,
                  baseSeverity: "MEDIUM",
                  vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
                  version: "3.1",
               },
               products: [
                  "SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.106.1.x86_64",
                  "SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.106.1.x86_64",
                  "SUSE Real Time Module 15 SP3:cluster-md-kmp-rt-5.3.18-150300.106.1.x86_64",
                  "SUSE Real Time Module 15 SP3:dlm-kmp-rt-5.3.18-150300.106.1.x86_64",
                  "SUSE Real Time Module 15 SP3:gfs2-kmp-rt-5.3.18-150300.106.1.x86_64",
                  "SUSE Real Time Module 15 SP3:kernel-devel-rt-5.3.18-150300.106.1.noarch",
                  "SUSE Real Time Module 15 SP3:kernel-rt-5.3.18-150300.106.1.x86_64",
                  "SUSE Real Time Module 15 SP3:kernel-rt-devel-5.3.18-150300.106.1.x86_64",
                  "SUSE Real Time Module 15 SP3:kernel-rt_debug-devel-5.3.18-150300.106.1.x86_64",
                  "SUSE Real Time Module 15 SP3:kernel-source-rt-5.3.18-150300.106.1.noarch",
                  "SUSE Real Time Module 15 SP3:kernel-syms-rt-5.3.18-150300.106.1.x86_64",
                  "SUSE Real Time Module 15 SP3:ocfs2-kmp-rt-5.3.18-150300.106.1.x86_64",
                  "openSUSE Leap Micro 5.2:kernel-rt-5.3.18-150300.106.1.x86_64",
               ],
            },
         ],
         threats: [
            {
               category: "impact",
               date: "2022-10-31T08:28:31Z",
               details: "moderate",
            },
         ],
         title: "CVE-2022-26373",
      },
      {
         cve: "CVE-2022-2663",
         ids: [
            {
               system_name: "SUSE CVE Page",
               text: "https://www.suse.com/security/cve/CVE-2022-2663",
            },
         ],
         notes: [
            {
               category: "general",
               text: "An issue was found in the Linux kernel in nf_conntrack_irc where the message handling can be confused and incorrectly matches the message. A firewall may be able to be bypassed when users are using unencrypted IRC with nf_conntrack_irc configured.",
               title: "CVE description",
            },
         ],
         product_status: {
            recommended: [
               "SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.106.1.x86_64",
               "SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.106.1.x86_64",
               "SUSE Real Time Module 15 SP3:cluster-md-kmp-rt-5.3.18-150300.106.1.x86_64",
               "SUSE Real Time Module 15 SP3:dlm-kmp-rt-5.3.18-150300.106.1.x86_64",
               "SUSE Real Time Module 15 SP3:gfs2-kmp-rt-5.3.18-150300.106.1.x86_64",
               "SUSE Real Time Module 15 SP3:kernel-devel-rt-5.3.18-150300.106.1.noarch",
               "SUSE Real Time Module 15 SP3:kernel-rt-5.3.18-150300.106.1.x86_64",
               "SUSE Real Time Module 15 SP3:kernel-rt-devel-5.3.18-150300.106.1.x86_64",
               "SUSE Real Time Module 15 SP3:kernel-rt_debug-devel-5.3.18-150300.106.1.x86_64",
               "SUSE Real Time Module 15 SP3:kernel-source-rt-5.3.18-150300.106.1.noarch",
               "SUSE Real Time Module 15 SP3:kernel-syms-rt-5.3.18-150300.106.1.x86_64",
               "SUSE Real Time Module 15 SP3:ocfs2-kmp-rt-5.3.18-150300.106.1.x86_64",
               "openSUSE Leap Micro 5.2:kernel-rt-5.3.18-150300.106.1.x86_64",
            ],
         },
         references: [
            {
               category: "external",
               summary: "CVE-2022-2663",
               url: "https://www.suse.com/security/cve/CVE-2022-2663",
            },
            {
               category: "external",
               summary: "SUSE Bug 1202097 for CVE-2022-2663",
               url: "https://bugzilla.suse.com/1202097",
            },
            {
               category: "external",
               summary: "SUSE Bug 1212299 for CVE-2022-2663",
               url: "https://bugzilla.suse.com/1212299",
            },
         ],
         remediations: [
            {
               category: "vendor_fix",
               details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
               product_ids: [
                  "SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.106.1.x86_64",
                  "SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.106.1.x86_64",
                  "SUSE Real Time Module 15 SP3:cluster-md-kmp-rt-5.3.18-150300.106.1.x86_64",
                  "SUSE Real Time Module 15 SP3:dlm-kmp-rt-5.3.18-150300.106.1.x86_64",
                  "SUSE Real Time Module 15 SP3:gfs2-kmp-rt-5.3.18-150300.106.1.x86_64",
                  "SUSE Real Time Module 15 SP3:kernel-devel-rt-5.3.18-150300.106.1.noarch",
                  "SUSE Real Time Module 15 SP3:kernel-rt-5.3.18-150300.106.1.x86_64",
                  "SUSE Real Time Module 15 SP3:kernel-rt-devel-5.3.18-150300.106.1.x86_64",
                  "SUSE Real Time Module 15 SP3:kernel-rt_debug-devel-5.3.18-150300.106.1.x86_64",
                  "SUSE Real Time Module 15 SP3:kernel-source-rt-5.3.18-150300.106.1.noarch",
                  "SUSE Real Time Module 15 SP3:kernel-syms-rt-5.3.18-150300.106.1.x86_64",
                  "SUSE Real Time Module 15 SP3:ocfs2-kmp-rt-5.3.18-150300.106.1.x86_64",
                  "openSUSE Leap Micro 5.2:kernel-rt-5.3.18-150300.106.1.x86_64",
               ],
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 5.9,
                  baseSeverity: "MEDIUM",
                  vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N",
                  version: "3.1",
               },
               products: [
                  "SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.106.1.x86_64",
                  "SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.106.1.x86_64",
                  "SUSE Real Time Module 15 SP3:cluster-md-kmp-rt-5.3.18-150300.106.1.x86_64",
                  "SUSE Real Time Module 15 SP3:dlm-kmp-rt-5.3.18-150300.106.1.x86_64",
                  "SUSE Real Time Module 15 SP3:gfs2-kmp-rt-5.3.18-150300.106.1.x86_64",
                  "SUSE Real Time Module 15 SP3:kernel-devel-rt-5.3.18-150300.106.1.noarch",
                  "SUSE Real Time Module 15 SP3:kernel-rt-5.3.18-150300.106.1.x86_64",
                  "SUSE Real Time Module 15 SP3:kernel-rt-devel-5.3.18-150300.106.1.x86_64",
                  "SUSE Real Time Module 15 SP3:kernel-rt_debug-devel-5.3.18-150300.106.1.x86_64",
                  "SUSE Real Time Module 15 SP3:kernel-source-rt-5.3.18-150300.106.1.noarch",
                  "SUSE Real Time Module 15 SP3:kernel-syms-rt-5.3.18-150300.106.1.x86_64",
                  "SUSE Real Time Module 15 SP3:ocfs2-kmp-rt-5.3.18-150300.106.1.x86_64",
                  "openSUSE Leap Micro 5.2:kernel-rt-5.3.18-150300.106.1.x86_64",
               ],
            },
         ],
         threats: [
            {
               category: "impact",
               date: "2022-10-31T08:28:31Z",
               details: "moderate",
            },
         ],
         title: "CVE-2022-2663",
      },
      {
         cve: "CVE-2022-2905",
         ids: [
            {
               system_name: "SUSE CVE Page",
               text: "https://www.suse.com/security/cve/CVE-2022-2905",
            },
         ],
         notes: [
            {
               category: "general",
               text: "An out-of-bounds memory read flaw was found in the Linux kernel's BPF subsystem in how a user calls the bpf_tail_call function with a key larger than the max_entries of the map. This flaw allows a local user to gain unauthorized access to data.",
               title: "CVE description",
            },
         ],
         product_status: {
            recommended: [
               "SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.106.1.x86_64",
               "SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.106.1.x86_64",
               "SUSE Real Time Module 15 SP3:cluster-md-kmp-rt-5.3.18-150300.106.1.x86_64",
               "SUSE Real Time Module 15 SP3:dlm-kmp-rt-5.3.18-150300.106.1.x86_64",
               "SUSE Real Time Module 15 SP3:gfs2-kmp-rt-5.3.18-150300.106.1.x86_64",
               "SUSE Real Time Module 15 SP3:kernel-devel-rt-5.3.18-150300.106.1.noarch",
               "SUSE Real Time Module 15 SP3:kernel-rt-5.3.18-150300.106.1.x86_64",
               "SUSE Real Time Module 15 SP3:kernel-rt-devel-5.3.18-150300.106.1.x86_64",
               "SUSE Real Time Module 15 SP3:kernel-rt_debug-devel-5.3.18-150300.106.1.x86_64",
               "SUSE Real Time Module 15 SP3:kernel-source-rt-5.3.18-150300.106.1.noarch",
               "SUSE Real Time Module 15 SP3:kernel-syms-rt-5.3.18-150300.106.1.x86_64",
               "SUSE Real Time Module 15 SP3:ocfs2-kmp-rt-5.3.18-150300.106.1.x86_64",
               "openSUSE Leap Micro 5.2:kernel-rt-5.3.18-150300.106.1.x86_64",
            ],
         },
         references: [
            {
               category: "external",
               summary: "CVE-2022-2905",
               url: "https://www.suse.com/security/cve/CVE-2022-2905",
            },
            {
               category: "external",
               summary: "SUSE Bug 1202860 for CVE-2022-2905",
               url: "https://bugzilla.suse.com/1202860",
            },
         ],
         remediations: [
            {
               category: "vendor_fix",
               details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
               product_ids: [
                  "SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.106.1.x86_64",
                  "SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.106.1.x86_64",
                  "SUSE Real Time Module 15 SP3:cluster-md-kmp-rt-5.3.18-150300.106.1.x86_64",
                  "SUSE Real Time Module 15 SP3:dlm-kmp-rt-5.3.18-150300.106.1.x86_64",
                  "SUSE Real Time Module 15 SP3:gfs2-kmp-rt-5.3.18-150300.106.1.x86_64",
                  "SUSE Real Time Module 15 SP3:kernel-devel-rt-5.3.18-150300.106.1.noarch",
                  "SUSE Real Time Module 15 SP3:kernel-rt-5.3.18-150300.106.1.x86_64",
                  "SUSE Real Time Module 15 SP3:kernel-rt-devel-5.3.18-150300.106.1.x86_64",
                  "SUSE Real Time Module 15 SP3:kernel-rt_debug-devel-5.3.18-150300.106.1.x86_64",
                  "SUSE Real Time Module 15 SP3:kernel-source-rt-5.3.18-150300.106.1.noarch",
                  "SUSE Real Time Module 15 SP3:kernel-syms-rt-5.3.18-150300.106.1.x86_64",
                  "SUSE Real Time Module 15 SP3:ocfs2-kmp-rt-5.3.18-150300.106.1.x86_64",
                  "openSUSE Leap Micro 5.2:kernel-rt-5.3.18-150300.106.1.x86_64",
               ],
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 6.2,
                  baseSeverity: "MEDIUM",
                  vectorString: "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
                  version: "3.1",
               },
               products: [
                  "SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.106.1.x86_64",
                  "SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.106.1.x86_64",
                  "SUSE Real Time Module 15 SP3:cluster-md-kmp-rt-5.3.18-150300.106.1.x86_64",
                  "SUSE Real Time Module 15 SP3:dlm-kmp-rt-5.3.18-150300.106.1.x86_64",
                  "SUSE Real Time Module 15 SP3:gfs2-kmp-rt-5.3.18-150300.106.1.x86_64",
                  "SUSE Real Time Module 15 SP3:kernel-devel-rt-5.3.18-150300.106.1.noarch",
                  "SUSE Real Time Module 15 SP3:kernel-rt-5.3.18-150300.106.1.x86_64",
                  "SUSE Real Time Module 15 SP3:kernel-rt-devel-5.3.18-150300.106.1.x86_64",
                  "SUSE Real Time Module 15 SP3:kernel-rt_debug-devel-5.3.18-150300.106.1.x86_64",
                  "SUSE Real Time Module 15 SP3:kernel-source-rt-5.3.18-150300.106.1.noarch",
                  "SUSE Real Time Module 15 SP3:kernel-syms-rt-5.3.18-150300.106.1.x86_64",
                  "SUSE Real Time Module 15 SP3:ocfs2-kmp-rt-5.3.18-150300.106.1.x86_64",
                  "openSUSE Leap Micro 5.2:kernel-rt-5.3.18-150300.106.1.x86_64",
               ],
            },
         ],
         threats: [
            {
               category: "impact",
               date: "2022-10-31T08:28:31Z",
               details: "moderate",
            },
         ],
         title: "CVE-2022-2905",
      },
      {
         cve: "CVE-2022-2977",
         ids: [
            {
               system_name: "SUSE CVE Page",
               text: "https://www.suse.com/security/cve/CVE-2022-2977",
            },
         ],
         notes: [
            {
               category: "general",
               text: "A flaw was found in the Linux kernel implementation of proxied virtualized TPM devices. On a system where virtualized TPM devices are configured (this is not the default) a local attacker can create a use-after-free and create a situation where it may be possible to escalate privileges on the system.",
               title: "CVE description",
            },
         ],
         product_status: {
            recommended: [
               "SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.106.1.x86_64",
               "SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.106.1.x86_64",
               "SUSE Real Time Module 15 SP3:cluster-md-kmp-rt-5.3.18-150300.106.1.x86_64",
               "SUSE Real Time Module 15 SP3:dlm-kmp-rt-5.3.18-150300.106.1.x86_64",
               "SUSE Real Time Module 15 SP3:gfs2-kmp-rt-5.3.18-150300.106.1.x86_64",
               "SUSE Real Time Module 15 SP3:kernel-devel-rt-5.3.18-150300.106.1.noarch",
               "SUSE Real Time Module 15 SP3:kernel-rt-5.3.18-150300.106.1.x86_64",
               "SUSE Real Time Module 15 SP3:kernel-rt-devel-5.3.18-150300.106.1.x86_64",
               "SUSE Real Time Module 15 SP3:kernel-rt_debug-devel-5.3.18-150300.106.1.x86_64",
               "SUSE Real Time Module 15 SP3:kernel-source-rt-5.3.18-150300.106.1.noarch",
               "SUSE Real Time Module 15 SP3:kernel-syms-rt-5.3.18-150300.106.1.x86_64",
               "SUSE Real Time Module 15 SP3:ocfs2-kmp-rt-5.3.18-150300.106.1.x86_64",
               "openSUSE Leap Micro 5.2:kernel-rt-5.3.18-150300.106.1.x86_64",
            ],
         },
         references: [
            {
               category: "external",
               summary: "CVE-2022-2977",
               url: "https://www.suse.com/security/cve/CVE-2022-2977",
            },
            {
               category: "external",
               summary: "SUSE Bug 1202672 for CVE-2022-2977",
               url: "https://bugzilla.suse.com/1202672",
            },
         ],
         remediations: [
            {
               category: "vendor_fix",
               details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
               product_ids: [
                  "SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.106.1.x86_64",
                  "SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.106.1.x86_64",
                  "SUSE Real Time Module 15 SP3:cluster-md-kmp-rt-5.3.18-150300.106.1.x86_64",
                  "SUSE Real Time Module 15 SP3:dlm-kmp-rt-5.3.18-150300.106.1.x86_64",
                  "SUSE Real Time Module 15 SP3:gfs2-kmp-rt-5.3.18-150300.106.1.x86_64",
                  "SUSE Real Time Module 15 SP3:kernel-devel-rt-5.3.18-150300.106.1.noarch",
                  "SUSE Real Time Module 15 SP3:kernel-rt-5.3.18-150300.106.1.x86_64",
                  "SUSE Real Time Module 15 SP3:kernel-rt-devel-5.3.18-150300.106.1.x86_64",
                  "SUSE Real Time Module 15 SP3:kernel-rt_debug-devel-5.3.18-150300.106.1.x86_64",
                  "SUSE Real Time Module 15 SP3:kernel-source-rt-5.3.18-150300.106.1.noarch",
                  "SUSE Real Time Module 15 SP3:kernel-syms-rt-5.3.18-150300.106.1.x86_64",
                  "SUSE Real Time Module 15 SP3:ocfs2-kmp-rt-5.3.18-150300.106.1.x86_64",
                  "openSUSE Leap Micro 5.2:kernel-rt-5.3.18-150300.106.1.x86_64",
               ],
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 4.2,
                  baseSeverity: "MEDIUM",
                  vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:N/I:N/A:H",
                  version: "3.1",
               },
               products: [
                  "SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.106.1.x86_64",
                  "SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.106.1.x86_64",
                  "SUSE Real Time Module 15 SP3:cluster-md-kmp-rt-5.3.18-150300.106.1.x86_64",
                  "SUSE Real Time Module 15 SP3:dlm-kmp-rt-5.3.18-150300.106.1.x86_64",
                  "SUSE Real Time Module 15 SP3:gfs2-kmp-rt-5.3.18-150300.106.1.x86_64",
                  "SUSE Real Time Module 15 SP3:kernel-devel-rt-5.3.18-150300.106.1.noarch",
                  "SUSE Real Time Module 15 SP3:kernel-rt-5.3.18-150300.106.1.x86_64",
                  "SUSE Real Time Module 15 SP3:kernel-rt-devel-5.3.18-150300.106.1.x86_64",
                  "SUSE Real Time Module 15 SP3:kernel-rt_debug-devel-5.3.18-150300.106.1.x86_64",
                  "SUSE Real Time Module 15 SP3:kernel-source-rt-5.3.18-150300.106.1.noarch",
                  "SUSE Real Time Module 15 SP3:kernel-syms-rt-5.3.18-150300.106.1.x86_64",
                  "SUSE Real Time Module 15 SP3:ocfs2-kmp-rt-5.3.18-150300.106.1.x86_64",
                  "openSUSE Leap Micro 5.2:kernel-rt-5.3.18-150300.106.1.x86_64",
               ],
            },
         ],
         threats: [
            {
               category: "impact",
               date: "2022-10-31T08:28:31Z",
               details: "moderate",
            },
         ],
         title: "CVE-2022-2977",
      },
      {
         cve: "CVE-2022-3028",
         ids: [
            {
               system_name: "SUSE CVE Page",
               text: "https://www.suse.com/security/cve/CVE-2022-3028",
            },
         ],
         notes: [
            {
               category: "general",
               text: "A race condition was found in the Linux kernel's IP framework for transforming packets (XFRM subsystem) when multiple calls to xfrm_probe_algs occurred simultaneously. This flaw could allow a local attacker to potentially trigger an out-of-bounds write or leak kernel heap memory by performing an out-of-bounds read and copying it into a socket.",
               title: "CVE description",
            },
         ],
         product_status: {
            recommended: [
               "SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.106.1.x86_64",
               "SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.106.1.x86_64",
               "SUSE Real Time Module 15 SP3:cluster-md-kmp-rt-5.3.18-150300.106.1.x86_64",
               "SUSE Real Time Module 15 SP3:dlm-kmp-rt-5.3.18-150300.106.1.x86_64",
               "SUSE Real Time Module 15 SP3:gfs2-kmp-rt-5.3.18-150300.106.1.x86_64",
               "SUSE Real Time Module 15 SP3:kernel-devel-rt-5.3.18-150300.106.1.noarch",
               "SUSE Real Time Module 15 SP3:kernel-rt-5.3.18-150300.106.1.x86_64",
               "SUSE Real Time Module 15 SP3:kernel-rt-devel-5.3.18-150300.106.1.x86_64",
               "SUSE Real Time Module 15 SP3:kernel-rt_debug-devel-5.3.18-150300.106.1.x86_64",
               "SUSE Real Time Module 15 SP3:kernel-source-rt-5.3.18-150300.106.1.noarch",
               "SUSE Real Time Module 15 SP3:kernel-syms-rt-5.3.18-150300.106.1.x86_64",
               "SUSE Real Time Module 15 SP3:ocfs2-kmp-rt-5.3.18-150300.106.1.x86_64",
               "openSUSE Leap Micro 5.2:kernel-rt-5.3.18-150300.106.1.x86_64",
            ],
         },
         references: [
            {
               category: "external",
               summary: "CVE-2022-3028",
               url: "https://www.suse.com/security/cve/CVE-2022-3028",
            },
            {
               category: "external",
               summary: "SUSE Bug 1202898 for CVE-2022-3028",
               url: "https://bugzilla.suse.com/1202898",
            },
            {
               category: "external",
               summary: "SUSE Bug 1212296 for CVE-2022-3028",
               url: "https://bugzilla.suse.com/1212296",
            },
         ],
         remediations: [
            {
               category: "vendor_fix",
               details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
               product_ids: [
                  "SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.106.1.x86_64",
                  "SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.106.1.x86_64",
                  "SUSE Real Time Module 15 SP3:cluster-md-kmp-rt-5.3.18-150300.106.1.x86_64",
                  "SUSE Real Time Module 15 SP3:dlm-kmp-rt-5.3.18-150300.106.1.x86_64",
                  "SUSE Real Time Module 15 SP3:gfs2-kmp-rt-5.3.18-150300.106.1.x86_64",
                  "SUSE Real Time Module 15 SP3:kernel-devel-rt-5.3.18-150300.106.1.noarch",
                  "SUSE Real Time Module 15 SP3:kernel-rt-5.3.18-150300.106.1.x86_64",
                  "SUSE Real Time Module 15 SP3:kernel-rt-devel-5.3.18-150300.106.1.x86_64",
                  "SUSE Real Time Module 15 SP3:kernel-rt_debug-devel-5.3.18-150300.106.1.x86_64",
                  "SUSE Real Time Module 15 SP3:kernel-source-rt-5.3.18-150300.106.1.noarch",
                  "SUSE Real Time Module 15 SP3:kernel-syms-rt-5.3.18-150300.106.1.x86_64",
                  "SUSE Real Time Module 15 SP3:ocfs2-kmp-rt-5.3.18-150300.106.1.x86_64",
                  "openSUSE Leap Micro 5.2:kernel-rt-5.3.18-150300.106.1.x86_64",
               ],
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 6.7,
                  baseSeverity: "MEDIUM",
                  vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
                  version: "3.1",
               },
               products: [
                  "SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.106.1.x86_64",
                  "SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.106.1.x86_64",
                  "SUSE Real Time Module 15 SP3:cluster-md-kmp-rt-5.3.18-150300.106.1.x86_64",
                  "SUSE Real Time Module 15 SP3:dlm-kmp-rt-5.3.18-150300.106.1.x86_64",
                  "SUSE Real Time Module 15 SP3:gfs2-kmp-rt-5.3.18-150300.106.1.x86_64",
                  "SUSE Real Time Module 15 SP3:kernel-devel-rt-5.3.18-150300.106.1.noarch",
                  "SUSE Real Time Module 15 SP3:kernel-rt-5.3.18-150300.106.1.x86_64",
                  "SUSE Real Time Module 15 SP3:kernel-rt-devel-5.3.18-150300.106.1.x86_64",
                  "SUSE Real Time Module 15 SP3:kernel-rt_debug-devel-5.3.18-150300.106.1.x86_64",
                  "SUSE Real Time Module 15 SP3:kernel-source-rt-5.3.18-150300.106.1.noarch",
                  "SUSE Real Time Module 15 SP3:kernel-syms-rt-5.3.18-150300.106.1.x86_64",
                  "SUSE Real Time Module 15 SP3:ocfs2-kmp-rt-5.3.18-150300.106.1.x86_64",
                  "openSUSE Leap Micro 5.2:kernel-rt-5.3.18-150300.106.1.x86_64",
               ],
            },
         ],
         threats: [
            {
               category: "impact",
               date: "2022-10-31T08:28:31Z",
               details: "moderate",
            },
         ],
         title: "CVE-2022-3028",
      },
      {
         cve: "CVE-2022-3169",
         ids: [
            {
               system_name: "SUSE CVE Page",
               text: "https://www.suse.com/security/cve/CVE-2022-3169",
            },
         ],
         notes: [
            {
               category: "general",
               text: "A flaw was found in the Linux kernel. A denial of service flaw may occur if there is a consecutive request of the NVME_IOCTL_RESET and the NVME_IOCTL_SUBSYS_RESET through the device file of the driver, resulting in a PCIe link disconnect.",
               title: "CVE description",
            },
         ],
         product_status: {
            recommended: [
               "SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.106.1.x86_64",
               "SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.106.1.x86_64",
               "SUSE Real Time Module 15 SP3:cluster-md-kmp-rt-5.3.18-150300.106.1.x86_64",
               "SUSE Real Time Module 15 SP3:dlm-kmp-rt-5.3.18-150300.106.1.x86_64",
               "SUSE Real Time Module 15 SP3:gfs2-kmp-rt-5.3.18-150300.106.1.x86_64",
               "SUSE Real Time Module 15 SP3:kernel-devel-rt-5.3.18-150300.106.1.noarch",
               "SUSE Real Time Module 15 SP3:kernel-rt-5.3.18-150300.106.1.x86_64",
               "SUSE Real Time Module 15 SP3:kernel-rt-devel-5.3.18-150300.106.1.x86_64",
               "SUSE Real Time Module 15 SP3:kernel-rt_debug-devel-5.3.18-150300.106.1.x86_64",
               "SUSE Real Time Module 15 SP3:kernel-source-rt-5.3.18-150300.106.1.noarch",
               "SUSE Real Time Module 15 SP3:kernel-syms-rt-5.3.18-150300.106.1.x86_64",
               "SUSE Real Time Module 15 SP3:ocfs2-kmp-rt-5.3.18-150300.106.1.x86_64",
               "openSUSE Leap Micro 5.2:kernel-rt-5.3.18-150300.106.1.x86_64",
            ],
         },
         references: [
            {
               category: "external",
               summary: "CVE-2022-3169",
               url: "https://www.suse.com/security/cve/CVE-2022-3169",
            },
            {
               category: "external",
               summary: "SUSE Bug 1203290 for CVE-2022-3169",
               url: "https://bugzilla.suse.com/1203290",
            },
         ],
         remediations: [
            {
               category: "vendor_fix",
               details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
               product_ids: [
                  "SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.106.1.x86_64",
                  "SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.106.1.x86_64",
                  "SUSE Real Time Module 15 SP3:cluster-md-kmp-rt-5.3.18-150300.106.1.x86_64",
                  "SUSE Real Time Module 15 SP3:dlm-kmp-rt-5.3.18-150300.106.1.x86_64",
                  "SUSE Real Time Module 15 SP3:gfs2-kmp-rt-5.3.18-150300.106.1.x86_64",
                  "SUSE Real Time Module 15 SP3:kernel-devel-rt-5.3.18-150300.106.1.noarch",
                  "SUSE Real Time Module 15 SP3:kernel-rt-5.3.18-150300.106.1.x86_64",
                  "SUSE Real Time Module 15 SP3:kernel-rt-devel-5.3.18-150300.106.1.x86_64",
                  "SUSE Real Time Module 15 SP3:kernel-rt_debug-devel-5.3.18-150300.106.1.x86_64",
                  "SUSE Real Time Module 15 SP3:kernel-source-rt-5.3.18-150300.106.1.noarch",
                  "SUSE Real Time Module 15 SP3:kernel-syms-rt-5.3.18-150300.106.1.x86_64",
                  "SUSE Real Time Module 15 SP3:ocfs2-kmp-rt-5.3.18-150300.106.1.x86_64",
                  "openSUSE Leap Micro 5.2:kernel-rt-5.3.18-150300.106.1.x86_64",
               ],
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 6.2,
                  baseSeverity: "MEDIUM",
                  vectorString: "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
                  version: "3.1",
               },
               products: [
                  "SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.106.1.x86_64",
                  "SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.106.1.x86_64",
                  "SUSE Real Time Module 15 SP3:cluster-md-kmp-rt-5.3.18-150300.106.1.x86_64",
                  "SUSE Real Time Module 15 SP3:dlm-kmp-rt-5.3.18-150300.106.1.x86_64",
                  "SUSE Real Time Module 15 SP3:gfs2-kmp-rt-5.3.18-150300.106.1.x86_64",
                  "SUSE Real Time Module 15 SP3:kernel-devel-rt-5.3.18-150300.106.1.noarch",
                  "SUSE Real Time Module 15 SP3:kernel-rt-5.3.18-150300.106.1.x86_64",
                  "SUSE Real Time Module 15 SP3:kernel-rt-devel-5.3.18-150300.106.1.x86_64",
                  "SUSE Real Time Module 15 SP3:kernel-rt_debug-devel-5.3.18-150300.106.1.x86_64",
                  "SUSE Real Time Module 15 SP3:kernel-source-rt-5.3.18-150300.106.1.noarch",
                  "SUSE Real Time Module 15 SP3:kernel-syms-rt-5.3.18-150300.106.1.x86_64",
                  "SUSE Real Time Module 15 SP3:ocfs2-kmp-rt-5.3.18-150300.106.1.x86_64",
                  "openSUSE Leap Micro 5.2:kernel-rt-5.3.18-150300.106.1.x86_64",
               ],
            },
         ],
         threats: [
            {
               category: "impact",
               date: "2022-10-31T08:28:31Z",
               details: "moderate",
            },
         ],
         title: "CVE-2022-3169",
      },
      {
         cve: "CVE-2022-32296",
         ids: [
            {
               system_name: "SUSE CVE Page",
               text: "https://www.suse.com/security/cve/CVE-2022-32296",
            },
         ],
         notes: [
            {
               category: "general",
               text: "The Linux kernel before 5.17.9 allows TCP servers to identify clients by observing what source ports are used. This occurs because of use of Algorithm 4 (\"Double-Hash Port Selection Algorithm\") of RFC 6056.",
               title: "CVE description",
            },
         ],
         product_status: {
            recommended: [
               "SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.106.1.x86_64",
               "SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.106.1.x86_64",
               "SUSE Real Time Module 15 SP3:cluster-md-kmp-rt-5.3.18-150300.106.1.x86_64",
               "SUSE Real Time Module 15 SP3:dlm-kmp-rt-5.3.18-150300.106.1.x86_64",
               "SUSE Real Time Module 15 SP3:gfs2-kmp-rt-5.3.18-150300.106.1.x86_64",
               "SUSE Real Time Module 15 SP3:kernel-devel-rt-5.3.18-150300.106.1.noarch",
               "SUSE Real Time Module 15 SP3:kernel-rt-5.3.18-150300.106.1.x86_64",
               "SUSE Real Time Module 15 SP3:kernel-rt-devel-5.3.18-150300.106.1.x86_64",
               "SUSE Real Time Module 15 SP3:kernel-rt_debug-devel-5.3.18-150300.106.1.x86_64",
               "SUSE Real Time Module 15 SP3:kernel-source-rt-5.3.18-150300.106.1.noarch",
               "SUSE Real Time Module 15 SP3:kernel-syms-rt-5.3.18-150300.106.1.x86_64",
               "SUSE Real Time Module 15 SP3:ocfs2-kmp-rt-5.3.18-150300.106.1.x86_64",
               "openSUSE Leap Micro 5.2:kernel-rt-5.3.18-150300.106.1.x86_64",
            ],
         },
         references: [
            {
               category: "external",
               summary: "CVE-2022-32296",
               url: "https://www.suse.com/security/cve/CVE-2022-32296",
            },
            {
               category: "external",
               summary: "SUSE Bug 1200288 for CVE-2022-32296",
               url: "https://bugzilla.suse.com/1200288",
            },
         ],
         remediations: [
            {
               category: "vendor_fix",
               details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
               product_ids: [
                  "SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.106.1.x86_64",
                  "SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.106.1.x86_64",
                  "SUSE Real Time Module 15 SP3:cluster-md-kmp-rt-5.3.18-150300.106.1.x86_64",
                  "SUSE Real Time Module 15 SP3:dlm-kmp-rt-5.3.18-150300.106.1.x86_64",
                  "SUSE Real Time Module 15 SP3:gfs2-kmp-rt-5.3.18-150300.106.1.x86_64",
                  "SUSE Real Time Module 15 SP3:kernel-devel-rt-5.3.18-150300.106.1.noarch",
                  "SUSE Real Time Module 15 SP3:kernel-rt-5.3.18-150300.106.1.x86_64",
                  "SUSE Real Time Module 15 SP3:kernel-rt-devel-5.3.18-150300.106.1.x86_64",
                  "SUSE Real Time Module 15 SP3:kernel-rt_debug-devel-5.3.18-150300.106.1.x86_64",
                  "SUSE Real Time Module 15 SP3:kernel-source-rt-5.3.18-150300.106.1.noarch",
                  "SUSE Real Time Module 15 SP3:kernel-syms-rt-5.3.18-150300.106.1.x86_64",
                  "SUSE Real Time Module 15 SP3:ocfs2-kmp-rt-5.3.18-150300.106.1.x86_64",
                  "openSUSE Leap Micro 5.2:kernel-rt-5.3.18-150300.106.1.x86_64",
               ],
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 5.3,
                  baseSeverity: "MEDIUM",
                  vectorString: "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N",
                  version: "3.1",
               },
               products: [
                  "SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.106.1.x86_64",
                  "SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.106.1.x86_64",
                  "SUSE Real Time Module 15 SP3:cluster-md-kmp-rt-5.3.18-150300.106.1.x86_64",
                  "SUSE Real Time Module 15 SP3:dlm-kmp-rt-5.3.18-150300.106.1.x86_64",
                  "SUSE Real Time Module 15 SP3:gfs2-kmp-rt-5.3.18-150300.106.1.x86_64",
                  "SUSE Real Time Module 15 SP3:kernel-devel-rt-5.3.18-150300.106.1.noarch",
                  "SUSE Real Time Module 15 SP3:kernel-rt-5.3.18-150300.106.1.x86_64",
                  "SUSE Real Time Module 15 SP3:kernel-rt-devel-5.3.18-150300.106.1.x86_64",
                  "SUSE Real Time Module 15 SP3:kernel-rt_debug-devel-5.3.18-150300.106.1.x86_64",
                  "SUSE Real Time Module 15 SP3:kernel-source-rt-5.3.18-150300.106.1.noarch",
                  "SUSE Real Time Module 15 SP3:kernel-syms-rt-5.3.18-150300.106.1.x86_64",
                  "SUSE Real Time Module 15 SP3:ocfs2-kmp-rt-5.3.18-150300.106.1.x86_64",
                  "openSUSE Leap Micro 5.2:kernel-rt-5.3.18-150300.106.1.x86_64",
               ],
            },
         ],
         threats: [
            {
               category: "impact",
               date: "2022-10-31T08:28:31Z",
               details: "moderate",
            },
         ],
         title: "CVE-2022-32296",
      },
      {
         cve: "CVE-2022-3239",
         ids: [
            {
               system_name: "SUSE CVE Page",
               text: "https://www.suse.com/security/cve/CVE-2022-3239",
            },
         ],
         notes: [
            {
               category: "general",
               text: "A flaw use after free in the Linux kernel video4linux driver was found in the way user triggers em28xx_usb_probe() for the Empia 28xx based TV cards. A local user could use this flaw to crash the system or potentially escalate their privileges on the system.",
               title: "CVE description",
            },
         ],
         product_status: {
            recommended: [
               "SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.106.1.x86_64",
               "SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.106.1.x86_64",
               "SUSE Real Time Module 15 SP3:cluster-md-kmp-rt-5.3.18-150300.106.1.x86_64",
               "SUSE Real Time Module 15 SP3:dlm-kmp-rt-5.3.18-150300.106.1.x86_64",
               "SUSE Real Time Module 15 SP3:gfs2-kmp-rt-5.3.18-150300.106.1.x86_64",
               "SUSE Real Time Module 15 SP3:kernel-devel-rt-5.3.18-150300.106.1.noarch",
               "SUSE Real Time Module 15 SP3:kernel-rt-5.3.18-150300.106.1.x86_64",
               "SUSE Real Time Module 15 SP3:kernel-rt-devel-5.3.18-150300.106.1.x86_64",
               "SUSE Real Time Module 15 SP3:kernel-rt_debug-devel-5.3.18-150300.106.1.x86_64",
               "SUSE Real Time Module 15 SP3:kernel-source-rt-5.3.18-150300.106.1.noarch",
               "SUSE Real Time Module 15 SP3:kernel-syms-rt-5.3.18-150300.106.1.x86_64",
               "SUSE Real Time Module 15 SP3:ocfs2-kmp-rt-5.3.18-150300.106.1.x86_64",
               "openSUSE Leap Micro 5.2:kernel-rt-5.3.18-150300.106.1.x86_64",
            ],
         },
         references: [
            {
               category: "external",
               summary: "CVE-2022-3239",
               url: "https://www.suse.com/security/cve/CVE-2022-3239",
            },
            {
               category: "external",
               summary: "SUSE Bug 1203552 for CVE-2022-3239",
               url: "https://bugzilla.suse.com/1203552",
            },
         ],
         remediations: [
            {
               category: "vendor_fix",
               details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
               product_ids: [
                  "SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.106.1.x86_64",
                  "SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.106.1.x86_64",
                  "SUSE Real Time Module 15 SP3:cluster-md-kmp-rt-5.3.18-150300.106.1.x86_64",
                  "SUSE Real Time Module 15 SP3:dlm-kmp-rt-5.3.18-150300.106.1.x86_64",
                  "SUSE Real Time Module 15 SP3:gfs2-kmp-rt-5.3.18-150300.106.1.x86_64",
                  "SUSE Real Time Module 15 SP3:kernel-devel-rt-5.3.18-150300.106.1.noarch",
                  "SUSE Real Time Module 15 SP3:kernel-rt-5.3.18-150300.106.1.x86_64",
                  "SUSE Real Time Module 15 SP3:kernel-rt-devel-5.3.18-150300.106.1.x86_64",
                  "SUSE Real Time Module 15 SP3:kernel-rt_debug-devel-5.3.18-150300.106.1.x86_64",
                  "SUSE Real Time Module 15 SP3:kernel-source-rt-5.3.18-150300.106.1.noarch",
                  "SUSE Real Time Module 15 SP3:kernel-syms-rt-5.3.18-150300.106.1.x86_64",
                  "SUSE Real Time Module 15 SP3:ocfs2-kmp-rt-5.3.18-150300.106.1.x86_64",
                  "openSUSE Leap Micro 5.2:kernel-rt-5.3.18-150300.106.1.x86_64",
               ],
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 6.4,
                  baseSeverity: "MEDIUM",
                  vectorString: "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H",
                  version: "3.1",
               },
               products: [
                  "SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.106.1.x86_64",
                  "SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.106.1.x86_64",
                  "SUSE Real Time Module 15 SP3:cluster-md-kmp-rt-5.3.18-150300.106.1.x86_64",
                  "SUSE Real Time Module 15 SP3:dlm-kmp-rt-5.3.18-150300.106.1.x86_64",
                  "SUSE Real Time Module 15 SP3:gfs2-kmp-rt-5.3.18-150300.106.1.x86_64",
                  "SUSE Real Time Module 15 SP3:kernel-devel-rt-5.3.18-150300.106.1.noarch",
                  "SUSE Real Time Module 15 SP3:kernel-rt-5.3.18-150300.106.1.x86_64",
                  "SUSE Real Time Module 15 SP3:kernel-rt-devel-5.3.18-150300.106.1.x86_64",
                  "SUSE Real Time Module 15 SP3:kernel-rt_debug-devel-5.3.18-150300.106.1.x86_64",
                  "SUSE Real Time Module 15 SP3:kernel-source-rt-5.3.18-150300.106.1.noarch",
                  "SUSE Real Time Module 15 SP3:kernel-syms-rt-5.3.18-150300.106.1.x86_64",
                  "SUSE Real Time Module 15 SP3:ocfs2-kmp-rt-5.3.18-150300.106.1.x86_64",
                  "openSUSE Leap Micro 5.2:kernel-rt-5.3.18-150300.106.1.x86_64",
               ],
            },
         ],
         threats: [
            {
               category: "impact",
               date: "2022-10-31T08:28:31Z",
               details: "moderate",
            },
         ],
         title: "CVE-2022-3239",
      },
      {
         cve: "CVE-2022-3303",
         ids: [
            {
               system_name: "SUSE CVE Page",
               text: "https://www.suse.com/security/cve/CVE-2022-3303",
            },
         ],
         notes: [
            {
               category: "general",
               text: "A race condition flaw was found in the Linux kernel sound subsystem due to improper locking. It could lead to a NULL pointer dereference while handling the SNDCTL_DSP_SYNC ioctl. A privileged local user (root or member of the audio group) could use this flaw to crash the system, resulting in a denial of service condition",
               title: "CVE description",
            },
         ],
         product_status: {
            recommended: [
               "SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.106.1.x86_64",
               "SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.106.1.x86_64",
               "SUSE Real Time Module 15 SP3:cluster-md-kmp-rt-5.3.18-150300.106.1.x86_64",
               "SUSE Real Time Module 15 SP3:dlm-kmp-rt-5.3.18-150300.106.1.x86_64",
               "SUSE Real Time Module 15 SP3:gfs2-kmp-rt-5.3.18-150300.106.1.x86_64",
               "SUSE Real Time Module 15 SP3:kernel-devel-rt-5.3.18-150300.106.1.noarch",
               "SUSE Real Time Module 15 SP3:kernel-rt-5.3.18-150300.106.1.x86_64",
               "SUSE Real Time Module 15 SP3:kernel-rt-devel-5.3.18-150300.106.1.x86_64",
               "SUSE Real Time Module 15 SP3:kernel-rt_debug-devel-5.3.18-150300.106.1.x86_64",
               "SUSE Real Time Module 15 SP3:kernel-source-rt-5.3.18-150300.106.1.noarch",
               "SUSE Real Time Module 15 SP3:kernel-syms-rt-5.3.18-150300.106.1.x86_64",
               "SUSE Real Time Module 15 SP3:ocfs2-kmp-rt-5.3.18-150300.106.1.x86_64",
               "openSUSE Leap Micro 5.2:kernel-rt-5.3.18-150300.106.1.x86_64",
            ],
         },
         references: [
            {
               category: "external",
               summary: "CVE-2022-3303",
               url: "https://www.suse.com/security/cve/CVE-2022-3303",
            },
            {
               category: "external",
               summary: "SUSE Bug 1203769 for CVE-2022-3303",
               url: "https://bugzilla.suse.com/1203769",
            },
            {
               category: "external",
               summary: "SUSE Bug 1212304 for CVE-2022-3303",
               url: "https://bugzilla.suse.com/1212304",
            },
         ],
         remediations: [
            {
               category: "vendor_fix",
               details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
               product_ids: [
                  "SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.106.1.x86_64",
                  "SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.106.1.x86_64",
                  "SUSE Real Time Module 15 SP3:cluster-md-kmp-rt-5.3.18-150300.106.1.x86_64",
                  "SUSE Real Time Module 15 SP3:dlm-kmp-rt-5.3.18-150300.106.1.x86_64",
                  "SUSE Real Time Module 15 SP3:gfs2-kmp-rt-5.3.18-150300.106.1.x86_64",
                  "SUSE Real Time Module 15 SP3:kernel-devel-rt-5.3.18-150300.106.1.noarch",
                  "SUSE Real Time Module 15 SP3:kernel-rt-5.3.18-150300.106.1.x86_64",
                  "SUSE Real Time Module 15 SP3:kernel-rt-devel-5.3.18-150300.106.1.x86_64",
                  "SUSE Real Time Module 15 SP3:kernel-rt_debug-devel-5.3.18-150300.106.1.x86_64",
                  "SUSE Real Time Module 15 SP3:kernel-source-rt-5.3.18-150300.106.1.noarch",
                  "SUSE Real Time Module 15 SP3:kernel-syms-rt-5.3.18-150300.106.1.x86_64",
                  "SUSE Real Time Module 15 SP3:ocfs2-kmp-rt-5.3.18-150300.106.1.x86_64",
                  "openSUSE Leap Micro 5.2:kernel-rt-5.3.18-150300.106.1.x86_64",
               ],
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 4.4,
                  baseSeverity: "MEDIUM",
                  vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
                  version: "3.1",
               },
               products: [
                  "SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.106.1.x86_64",
                  "SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.106.1.x86_64",
                  "SUSE Real Time Module 15 SP3:cluster-md-kmp-rt-5.3.18-150300.106.1.x86_64",
                  "SUSE Real Time Module 15 SP3:dlm-kmp-rt-5.3.18-150300.106.1.x86_64",
                  "SUSE Real Time Module 15 SP3:gfs2-kmp-rt-5.3.18-150300.106.1.x86_64",
                  "SUSE Real Time Module 15 SP3:kernel-devel-rt-5.3.18-150300.106.1.noarch",
                  "SUSE Real Time Module 15 SP3:kernel-rt-5.3.18-150300.106.1.x86_64",
                  "SUSE Real Time Module 15 SP3:kernel-rt-devel-5.3.18-150300.106.1.x86_64",
                  "SUSE Real Time Module 15 SP3:kernel-rt_debug-devel-5.3.18-150300.106.1.x86_64",
                  "SUSE Real Time Module 15 SP3:kernel-source-rt-5.3.18-150300.106.1.noarch",
                  "SUSE Real Time Module 15 SP3:kernel-syms-rt-5.3.18-150300.106.1.x86_64",
                  "SUSE Real Time Module 15 SP3:ocfs2-kmp-rt-5.3.18-150300.106.1.x86_64",
                  "openSUSE Leap Micro 5.2:kernel-rt-5.3.18-150300.106.1.x86_64",
               ],
            },
         ],
         threats: [
            {
               category: "impact",
               date: "2022-10-31T08:28:31Z",
               details: "moderate",
            },
         ],
         title: "CVE-2022-3303",
      },
      {
         cve: "CVE-2022-36879",
         ids: [
            {
               system_name: "SUSE CVE Page",
               text: "https://www.suse.com/security/cve/CVE-2022-36879",
            },
         ],
         notes: [
            {
               category: "general",
               text: "An issue was discovered in the Linux kernel through 5.18.14. xfrm_expand_policies in net/xfrm/xfrm_policy.c can cause a refcount to be dropped twice.",
               title: "CVE description",
            },
         ],
         product_status: {
            recommended: [
               "SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.106.1.x86_64",
               "SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.106.1.x86_64",
               "SUSE Real Time Module 15 SP3:cluster-md-kmp-rt-5.3.18-150300.106.1.x86_64",
               "SUSE Real Time Module 15 SP3:dlm-kmp-rt-5.3.18-150300.106.1.x86_64",
               "SUSE Real Time Module 15 SP3:gfs2-kmp-rt-5.3.18-150300.106.1.x86_64",
               "SUSE Real Time Module 15 SP3:kernel-devel-rt-5.3.18-150300.106.1.noarch",
               "SUSE Real Time Module 15 SP3:kernel-rt-5.3.18-150300.106.1.x86_64",
               "SUSE Real Time Module 15 SP3:kernel-rt-devel-5.3.18-150300.106.1.x86_64",
               "SUSE Real Time Module 15 SP3:kernel-rt_debug-devel-5.3.18-150300.106.1.x86_64",
               "SUSE Real Time Module 15 SP3:kernel-source-rt-5.3.18-150300.106.1.noarch",
               "SUSE Real Time Module 15 SP3:kernel-syms-rt-5.3.18-150300.106.1.x86_64",
               "SUSE Real Time Module 15 SP3:ocfs2-kmp-rt-5.3.18-150300.106.1.x86_64",
               "openSUSE Leap Micro 5.2:kernel-rt-5.3.18-150300.106.1.x86_64",
            ],
         },
         references: [
            {
               category: "external",
               summary: "CVE-2022-36879",
               url: "https://www.suse.com/security/cve/CVE-2022-36879",
            },
            {
               category: "external",
               summary: "SUSE Bug 1201948 for CVE-2022-36879",
               url: "https://bugzilla.suse.com/1201948",
            },
            {
               category: "external",
               summary: "SUSE Bug 1212327 for CVE-2022-36879",
               url: "https://bugzilla.suse.com/1212327",
            },
         ],
         remediations: [
            {
               category: "vendor_fix",
               details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
               product_ids: [
                  "SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.106.1.x86_64",
                  "SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.106.1.x86_64",
                  "SUSE Real Time Module 15 SP3:cluster-md-kmp-rt-5.3.18-150300.106.1.x86_64",
                  "SUSE Real Time Module 15 SP3:dlm-kmp-rt-5.3.18-150300.106.1.x86_64",
                  "SUSE Real Time Module 15 SP3:gfs2-kmp-rt-5.3.18-150300.106.1.x86_64",
                  "SUSE Real Time Module 15 SP3:kernel-devel-rt-5.3.18-150300.106.1.noarch",
                  "SUSE Real Time Module 15 SP3:kernel-rt-5.3.18-150300.106.1.x86_64",
                  "SUSE Real Time Module 15 SP3:kernel-rt-devel-5.3.18-150300.106.1.x86_64",
                  "SUSE Real Time Module 15 SP3:kernel-rt_debug-devel-5.3.18-150300.106.1.x86_64",
                  "SUSE Real Time Module 15 SP3:kernel-source-rt-5.3.18-150300.106.1.noarch",
                  "SUSE Real Time Module 15 SP3:kernel-syms-rt-5.3.18-150300.106.1.x86_64",
                  "SUSE Real Time Module 15 SP3:ocfs2-kmp-rt-5.3.18-150300.106.1.x86_64",
                  "openSUSE Leap Micro 5.2:kernel-rt-5.3.18-150300.106.1.x86_64",
               ],
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 4.1,
                  baseSeverity: "MEDIUM",
                  vectorString: "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H",
                  version: "3.1",
               },
               products: [
                  "SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.106.1.x86_64",
                  "SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.106.1.x86_64",
                  "SUSE Real Time Module 15 SP3:cluster-md-kmp-rt-5.3.18-150300.106.1.x86_64",
                  "SUSE Real Time Module 15 SP3:dlm-kmp-rt-5.3.18-150300.106.1.x86_64",
                  "SUSE Real Time Module 15 SP3:gfs2-kmp-rt-5.3.18-150300.106.1.x86_64",
                  "SUSE Real Time Module 15 SP3:kernel-devel-rt-5.3.18-150300.106.1.noarch",
                  "SUSE Real Time Module 15 SP3:kernel-rt-5.3.18-150300.106.1.x86_64",
                  "SUSE Real Time Module 15 SP3:kernel-rt-devel-5.3.18-150300.106.1.x86_64",
                  "SUSE Real Time Module 15 SP3:kernel-rt_debug-devel-5.3.18-150300.106.1.x86_64",
                  "SUSE Real Time Module 15 SP3:kernel-source-rt-5.3.18-150300.106.1.noarch",
                  "SUSE Real Time Module 15 SP3:kernel-syms-rt-5.3.18-150300.106.1.x86_64",
                  "SUSE Real Time Module 15 SP3:ocfs2-kmp-rt-5.3.18-150300.106.1.x86_64",
                  "openSUSE Leap Micro 5.2:kernel-rt-5.3.18-150300.106.1.x86_64",
               ],
            },
         ],
         threats: [
            {
               category: "impact",
               date: "2022-10-31T08:28:31Z",
               details: "moderate",
            },
         ],
         title: "CVE-2022-36879",
      },
      {
         cve: "CVE-2022-39188",
         ids: [
            {
               system_name: "SUSE CVE Page",
               text: "https://www.suse.com/security/cve/CVE-2022-39188",
            },
         ],
         notes: [
            {
               category: "general",
               text: "An issue was discovered in include/asm-generic/tlb.h in the Linux kernel before 5.19. Because of a race condition (unmap_mapping_range versus munmap), a device driver can free a page while it still has stale TLB entries. This only occurs in situations with VM_PFNMAP VMAs.",
               title: "CVE description",
            },
         ],
         product_status: {
            recommended: [
               "SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.106.1.x86_64",
               "SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.106.1.x86_64",
               "SUSE Real Time Module 15 SP3:cluster-md-kmp-rt-5.3.18-150300.106.1.x86_64",
               "SUSE Real Time Module 15 SP3:dlm-kmp-rt-5.3.18-150300.106.1.x86_64",
               "SUSE Real Time Module 15 SP3:gfs2-kmp-rt-5.3.18-150300.106.1.x86_64",
               "SUSE Real Time Module 15 SP3:kernel-devel-rt-5.3.18-150300.106.1.noarch",
               "SUSE Real Time Module 15 SP3:kernel-rt-5.3.18-150300.106.1.x86_64",
               "SUSE Real Time Module 15 SP3:kernel-rt-devel-5.3.18-150300.106.1.x86_64",
               "SUSE Real Time Module 15 SP3:kernel-rt_debug-devel-5.3.18-150300.106.1.x86_64",
               "SUSE Real Time Module 15 SP3:kernel-source-rt-5.3.18-150300.106.1.noarch",
               "SUSE Real Time Module 15 SP3:kernel-syms-rt-5.3.18-150300.106.1.x86_64",
               "SUSE Real Time Module 15 SP3:ocfs2-kmp-rt-5.3.18-150300.106.1.x86_64",
               "openSUSE Leap Micro 5.2:kernel-rt-5.3.18-150300.106.1.x86_64",
            ],
         },
         references: [
            {
               category: "external",
               summary: "CVE-2022-39188",
               url: "https://www.suse.com/security/cve/CVE-2022-39188",
            },
            {
               category: "external",
               summary: "SUSE Bug 1203107 for CVE-2022-39188",
               url: "https://bugzilla.suse.com/1203107",
            },
            {
               category: "external",
               summary: "SUSE Bug 1203116 for CVE-2022-39188",
               url: "https://bugzilla.suse.com/1203116",
            },
            {
               category: "external",
               summary: "SUSE Bug 1205313 for CVE-2022-39188",
               url: "https://bugzilla.suse.com/1205313",
            },
            {
               category: "external",
               summary: "SUSE Bug 1209225 for CVE-2022-39188",
               url: "https://bugzilla.suse.com/1209225",
            },
            {
               category: "external",
               summary: "SUSE Bug 1212326 for CVE-2022-39188",
               url: "https://bugzilla.suse.com/1212326",
            },
         ],
         remediations: [
            {
               category: "vendor_fix",
               details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
               product_ids: [
                  "SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.106.1.x86_64",
                  "SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.106.1.x86_64",
                  "SUSE Real Time Module 15 SP3:cluster-md-kmp-rt-5.3.18-150300.106.1.x86_64",
                  "SUSE Real Time Module 15 SP3:dlm-kmp-rt-5.3.18-150300.106.1.x86_64",
                  "SUSE Real Time Module 15 SP3:gfs2-kmp-rt-5.3.18-150300.106.1.x86_64",
                  "SUSE Real Time Module 15 SP3:kernel-devel-rt-5.3.18-150300.106.1.noarch",
                  "SUSE Real Time Module 15 SP3:kernel-rt-5.3.18-150300.106.1.x86_64",
                  "SUSE Real Time Module 15 SP3:kernel-rt-devel-5.3.18-150300.106.1.x86_64",
                  "SUSE Real Time Module 15 SP3:kernel-rt_debug-devel-5.3.18-150300.106.1.x86_64",
                  "SUSE Real Time Module 15 SP3:kernel-source-rt-5.3.18-150300.106.1.noarch",
                  "SUSE Real Time Module 15 SP3:kernel-syms-rt-5.3.18-150300.106.1.x86_64",
                  "SUSE Real Time Module 15 SP3:ocfs2-kmp-rt-5.3.18-150300.106.1.x86_64",
                  "openSUSE Leap Micro 5.2:kernel-rt-5.3.18-150300.106.1.x86_64",
               ],
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 7,
                  baseSeverity: "HIGH",
                  vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
                  version: "3.1",
               },
               products: [
                  "SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.106.1.x86_64",
                  "SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.106.1.x86_64",
                  "SUSE Real Time Module 15 SP3:cluster-md-kmp-rt-5.3.18-150300.106.1.x86_64",
                  "SUSE Real Time Module 15 SP3:dlm-kmp-rt-5.3.18-150300.106.1.x86_64",
                  "SUSE Real Time Module 15 SP3:gfs2-kmp-rt-5.3.18-150300.106.1.x86_64",
                  "SUSE Real Time Module 15 SP3:kernel-devel-rt-5.3.18-150300.106.1.noarch",
                  "SUSE Real Time Module 15 SP3:kernel-rt-5.3.18-150300.106.1.x86_64",
                  "SUSE Real Time Module 15 SP3:kernel-rt-devel-5.3.18-150300.106.1.x86_64",
                  "SUSE Real Time Module 15 SP3:kernel-rt_debug-devel-5.3.18-150300.106.1.x86_64",
                  "SUSE Real Time Module 15 SP3:kernel-source-rt-5.3.18-150300.106.1.noarch",
                  "SUSE Real Time Module 15 SP3:kernel-syms-rt-5.3.18-150300.106.1.x86_64",
                  "SUSE Real Time Module 15 SP3:ocfs2-kmp-rt-5.3.18-150300.106.1.x86_64",
                  "openSUSE Leap Micro 5.2:kernel-rt-5.3.18-150300.106.1.x86_64",
               ],
            },
         ],
         threats: [
            {
               category: "impact",
               date: "2022-10-31T08:28:31Z",
               details: "moderate",
            },
         ],
         title: "CVE-2022-39188",
      },
      {
         cve: "CVE-2022-39190",
         ids: [
            {
               system_name: "SUSE CVE Page",
               text: "https://www.suse.com/security/cve/CVE-2022-39190",
            },
         ],
         notes: [
            {
               category: "general",
               text: "An issue was discovered in net/netfilter/nf_tables_api.c in the Linux kernel before 5.19.6. A denial of service can occur upon binding to an already bound chain.",
               title: "CVE description",
            },
         ],
         product_status: {
            recommended: [
               "SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.106.1.x86_64",
               "SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.106.1.x86_64",
               "SUSE Real Time Module 15 SP3:cluster-md-kmp-rt-5.3.18-150300.106.1.x86_64",
               "SUSE Real Time Module 15 SP3:dlm-kmp-rt-5.3.18-150300.106.1.x86_64",
               "SUSE Real Time Module 15 SP3:gfs2-kmp-rt-5.3.18-150300.106.1.x86_64",
               "SUSE Real Time Module 15 SP3:kernel-devel-rt-5.3.18-150300.106.1.noarch",
               "SUSE Real Time Module 15 SP3:kernel-rt-5.3.18-150300.106.1.x86_64",
               "SUSE Real Time Module 15 SP3:kernel-rt-devel-5.3.18-150300.106.1.x86_64",
               "SUSE Real Time Module 15 SP3:kernel-rt_debug-devel-5.3.18-150300.106.1.x86_64",
               "SUSE Real Time Module 15 SP3:kernel-source-rt-5.3.18-150300.106.1.noarch",
               "SUSE Real Time Module 15 SP3:kernel-syms-rt-5.3.18-150300.106.1.x86_64",
               "SUSE Real Time Module 15 SP3:ocfs2-kmp-rt-5.3.18-150300.106.1.x86_64",
               "openSUSE Leap Micro 5.2:kernel-rt-5.3.18-150300.106.1.x86_64",
            ],
         },
         references: [
            {
               category: "external",
               summary: "CVE-2022-39190",
               url: "https://www.suse.com/security/cve/CVE-2022-39190",
            },
            {
               category: "external",
               summary: "SUSE Bug 1203117 for CVE-2022-39190",
               url: "https://bugzilla.suse.com/1203117",
            },
         ],
         remediations: [
            {
               category: "vendor_fix",
               details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
               product_ids: [
                  "SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.106.1.x86_64",
                  "SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.106.1.x86_64",
                  "SUSE Real Time Module 15 SP3:cluster-md-kmp-rt-5.3.18-150300.106.1.x86_64",
                  "SUSE Real Time Module 15 SP3:dlm-kmp-rt-5.3.18-150300.106.1.x86_64",
                  "SUSE Real Time Module 15 SP3:gfs2-kmp-rt-5.3.18-150300.106.1.x86_64",
                  "SUSE Real Time Module 15 SP3:kernel-devel-rt-5.3.18-150300.106.1.noarch",
                  "SUSE Real Time Module 15 SP3:kernel-rt-5.3.18-150300.106.1.x86_64",
                  "SUSE Real Time Module 15 SP3:kernel-rt-devel-5.3.18-150300.106.1.x86_64",
                  "SUSE Real Time Module 15 SP3:kernel-rt_debug-devel-5.3.18-150300.106.1.x86_64",
                  "SUSE Real Time Module 15 SP3:kernel-source-rt-5.3.18-150300.106.1.noarch",
                  "SUSE Real Time Module 15 SP3:kernel-syms-rt-5.3.18-150300.106.1.x86_64",
                  "SUSE Real Time Module 15 SP3:ocfs2-kmp-rt-5.3.18-150300.106.1.x86_64",
                  "openSUSE Leap Micro 5.2:kernel-rt-5.3.18-150300.106.1.x86_64",
               ],
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 5.5,
                  baseSeverity: "MEDIUM",
                  vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
                  version: "3.1",
               },
               products: [
                  "SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.106.1.x86_64",
                  "SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.106.1.x86_64",
                  "SUSE Real Time Module 15 SP3:cluster-md-kmp-rt-5.3.18-150300.106.1.x86_64",
                  "SUSE Real Time Module 15 SP3:dlm-kmp-rt-5.3.18-150300.106.1.x86_64",
                  "SUSE Real Time Module 15 SP3:gfs2-kmp-rt-5.3.18-150300.106.1.x86_64",
                  "SUSE Real Time Module 15 SP3:kernel-devel-rt-5.3.18-150300.106.1.noarch",
                  "SUSE Real Time Module 15 SP3:kernel-rt-5.3.18-150300.106.1.x86_64",
                  "SUSE Real Time Module 15 SP3:kernel-rt-devel-5.3.18-150300.106.1.x86_64",
                  "SUSE Real Time Module 15 SP3:kernel-rt_debug-devel-5.3.18-150300.106.1.x86_64",
                  "SUSE Real Time Module 15 SP3:kernel-source-rt-5.3.18-150300.106.1.noarch",
                  "SUSE Real Time Module 15 SP3:kernel-syms-rt-5.3.18-150300.106.1.x86_64",
                  "SUSE Real Time Module 15 SP3:ocfs2-kmp-rt-5.3.18-150300.106.1.x86_64",
                  "openSUSE Leap Micro 5.2:kernel-rt-5.3.18-150300.106.1.x86_64",
               ],
            },
         ],
         threats: [
            {
               category: "impact",
               date: "2022-10-31T08:28:31Z",
               details: "moderate",
            },
         ],
         title: "CVE-2022-39190",
      },
      {
         cve: "CVE-2022-40768",
         ids: [
            {
               system_name: "SUSE CVE Page",
               text: "https://www.suse.com/security/cve/CVE-2022-40768",
            },
         ],
         notes: [
            {
               category: "general",
               text: "drivers/scsi/stex.c in the Linux kernel through 5.19.9 allows local users to obtain sensitive information from kernel memory because stex_queuecommand_lck lacks a memset for the PASSTHRU_CMD case.",
               title: "CVE description",
            },
         ],
         product_status: {
            recommended: [
               "SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.106.1.x86_64",
               "SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.106.1.x86_64",
               "SUSE Real Time Module 15 SP3:cluster-md-kmp-rt-5.3.18-150300.106.1.x86_64",
               "SUSE Real Time Module 15 SP3:dlm-kmp-rt-5.3.18-150300.106.1.x86_64",
               "SUSE Real Time Module 15 SP3:gfs2-kmp-rt-5.3.18-150300.106.1.x86_64",
               "SUSE Real Time Module 15 SP3:kernel-devel-rt-5.3.18-150300.106.1.noarch",
               "SUSE Real Time Module 15 SP3:kernel-rt-5.3.18-150300.106.1.x86_64",
               "SUSE Real Time Module 15 SP3:kernel-rt-devel-5.3.18-150300.106.1.x86_64",
               "SUSE Real Time Module 15 SP3:kernel-rt_debug-devel-5.3.18-150300.106.1.x86_64",
               "SUSE Real Time Module 15 SP3:kernel-source-rt-5.3.18-150300.106.1.noarch",
               "SUSE Real Time Module 15 SP3:kernel-syms-rt-5.3.18-150300.106.1.x86_64",
               "SUSE Real Time Module 15 SP3:ocfs2-kmp-rt-5.3.18-150300.106.1.x86_64",
               "openSUSE Leap Micro 5.2:kernel-rt-5.3.18-150300.106.1.x86_64",
            ],
         },
         references: [
            {
               category: "external",
               summary: "CVE-2022-40768",
               url: "https://www.suse.com/security/cve/CVE-2022-40768",
            },
            {
               category: "external",
               summary: "SUSE Bug 1203514 for CVE-2022-40768",
               url: "https://bugzilla.suse.com/1203514",
            },
         ],
         remediations: [
            {
               category: "vendor_fix",
               details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
               product_ids: [
                  "SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.106.1.x86_64",
                  "SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.106.1.x86_64",
                  "SUSE Real Time Module 15 SP3:cluster-md-kmp-rt-5.3.18-150300.106.1.x86_64",
                  "SUSE Real Time Module 15 SP3:dlm-kmp-rt-5.3.18-150300.106.1.x86_64",
                  "SUSE Real Time Module 15 SP3:gfs2-kmp-rt-5.3.18-150300.106.1.x86_64",
                  "SUSE Real Time Module 15 SP3:kernel-devel-rt-5.3.18-150300.106.1.noarch",
                  "SUSE Real Time Module 15 SP3:kernel-rt-5.3.18-150300.106.1.x86_64",
                  "SUSE Real Time Module 15 SP3:kernel-rt-devel-5.3.18-150300.106.1.x86_64",
                  "SUSE Real Time Module 15 SP3:kernel-rt_debug-devel-5.3.18-150300.106.1.x86_64",
                  "SUSE Real Time Module 15 SP3:kernel-source-rt-5.3.18-150300.106.1.noarch",
                  "SUSE Real Time Module 15 SP3:kernel-syms-rt-5.3.18-150300.106.1.x86_64",
                  "SUSE Real Time Module 15 SP3:ocfs2-kmp-rt-5.3.18-150300.106.1.x86_64",
                  "openSUSE Leap Micro 5.2:kernel-rt-5.3.18-150300.106.1.x86_64",
               ],
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 5.5,
                  baseSeverity: "MEDIUM",
                  vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
                  version: "3.1",
               },
               products: [
                  "SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.106.1.x86_64",
                  "SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.106.1.x86_64",
                  "SUSE Real Time Module 15 SP3:cluster-md-kmp-rt-5.3.18-150300.106.1.x86_64",
                  "SUSE Real Time Module 15 SP3:dlm-kmp-rt-5.3.18-150300.106.1.x86_64",
                  "SUSE Real Time Module 15 SP3:gfs2-kmp-rt-5.3.18-150300.106.1.x86_64",
                  "SUSE Real Time Module 15 SP3:kernel-devel-rt-5.3.18-150300.106.1.noarch",
                  "SUSE Real Time Module 15 SP3:kernel-rt-5.3.18-150300.106.1.x86_64",
                  "SUSE Real Time Module 15 SP3:kernel-rt-devel-5.3.18-150300.106.1.x86_64",
                  "SUSE Real Time Module 15 SP3:kernel-rt_debug-devel-5.3.18-150300.106.1.x86_64",
                  "SUSE Real Time Module 15 SP3:kernel-source-rt-5.3.18-150300.106.1.noarch",
                  "SUSE Real Time Module 15 SP3:kernel-syms-rt-5.3.18-150300.106.1.x86_64",
                  "SUSE Real Time Module 15 SP3:ocfs2-kmp-rt-5.3.18-150300.106.1.x86_64",
                  "openSUSE Leap Micro 5.2:kernel-rt-5.3.18-150300.106.1.x86_64",
               ],
            },
         ],
         threats: [
            {
               category: "impact",
               date: "2022-10-31T08:28:31Z",
               details: "moderate",
            },
         ],
         title: "CVE-2022-40768",
      },
      {
         cve: "CVE-2022-41218",
         ids: [
            {
               system_name: "SUSE CVE Page",
               text: "https://www.suse.com/security/cve/CVE-2022-41218",
            },
         ],
         notes: [
            {
               category: "general",
               text: "In drivers/media/dvb-core/dmxdev.c in the Linux kernel through 5.19.10, there is a use-after-free caused by refcount races, affecting dvb_demux_open and dvb_dmxdev_release.",
               title: "CVE description",
            },
         ],
         product_status: {
            recommended: [
               "SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.106.1.x86_64",
               "SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.106.1.x86_64",
               "SUSE Real Time Module 15 SP3:cluster-md-kmp-rt-5.3.18-150300.106.1.x86_64",
               "SUSE Real Time Module 15 SP3:dlm-kmp-rt-5.3.18-150300.106.1.x86_64",
               "SUSE Real Time Module 15 SP3:gfs2-kmp-rt-5.3.18-150300.106.1.x86_64",
               "SUSE Real Time Module 15 SP3:kernel-devel-rt-5.3.18-150300.106.1.noarch",
               "SUSE Real Time Module 15 SP3:kernel-rt-5.3.18-150300.106.1.x86_64",
               "SUSE Real Time Module 15 SP3:kernel-rt-devel-5.3.18-150300.106.1.x86_64",
               "SUSE Real Time Module 15 SP3:kernel-rt_debug-devel-5.3.18-150300.106.1.x86_64",
               "SUSE Real Time Module 15 SP3:kernel-source-rt-5.3.18-150300.106.1.noarch",
               "SUSE Real Time Module 15 SP3:kernel-syms-rt-5.3.18-150300.106.1.x86_64",
               "SUSE Real Time Module 15 SP3:ocfs2-kmp-rt-5.3.18-150300.106.1.x86_64",
               "openSUSE Leap Micro 5.2:kernel-rt-5.3.18-150300.106.1.x86_64",
            ],
         },
         references: [
            {
               category: "external",
               summary: "CVE-2022-41218",
               url: "https://www.suse.com/security/cve/CVE-2022-41218",
            },
            {
               category: "external",
               summary: "SUSE Bug 1202960 for CVE-2022-41218",
               url: "https://bugzilla.suse.com/1202960",
            },
            {
               category: "external",
               summary: "SUSE Bug 1203606 for CVE-2022-41218",
               url: "https://bugzilla.suse.com/1203606",
            },
            {
               category: "external",
               summary: "SUSE Bug 1205313 for CVE-2022-41218",
               url: "https://bugzilla.suse.com/1205313",
            },
            {
               category: "external",
               summary: "SUSE Bug 1209225 for CVE-2022-41218",
               url: "https://bugzilla.suse.com/1209225",
            },
         ],
         remediations: [
            {
               category: "vendor_fix",
               details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
               product_ids: [
                  "SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.106.1.x86_64",
                  "SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.106.1.x86_64",
                  "SUSE Real Time Module 15 SP3:cluster-md-kmp-rt-5.3.18-150300.106.1.x86_64",
                  "SUSE Real Time Module 15 SP3:dlm-kmp-rt-5.3.18-150300.106.1.x86_64",
                  "SUSE Real Time Module 15 SP3:gfs2-kmp-rt-5.3.18-150300.106.1.x86_64",
                  "SUSE Real Time Module 15 SP3:kernel-devel-rt-5.3.18-150300.106.1.noarch",
                  "SUSE Real Time Module 15 SP3:kernel-rt-5.3.18-150300.106.1.x86_64",
                  "SUSE Real Time Module 15 SP3:kernel-rt-devel-5.3.18-150300.106.1.x86_64",
                  "SUSE Real Time Module 15 SP3:kernel-rt_debug-devel-5.3.18-150300.106.1.x86_64",
                  "SUSE Real Time Module 15 SP3:kernel-source-rt-5.3.18-150300.106.1.noarch",
                  "SUSE Real Time Module 15 SP3:kernel-syms-rt-5.3.18-150300.106.1.x86_64",
                  "SUSE Real Time Module 15 SP3:ocfs2-kmp-rt-5.3.18-150300.106.1.x86_64",
                  "openSUSE Leap Micro 5.2:kernel-rt-5.3.18-150300.106.1.x86_64",
               ],
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 8.4,
                  baseSeverity: "HIGH",
                  vectorString: "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                  version: "3.1",
               },
               products: [
                  "SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.106.1.x86_64",
                  "SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.106.1.x86_64",
                  "SUSE Real Time Module 15 SP3:cluster-md-kmp-rt-5.3.18-150300.106.1.x86_64",
                  "SUSE Real Time Module 15 SP3:dlm-kmp-rt-5.3.18-150300.106.1.x86_64",
                  "SUSE Real Time Module 15 SP3:gfs2-kmp-rt-5.3.18-150300.106.1.x86_64",
                  "SUSE Real Time Module 15 SP3:kernel-devel-rt-5.3.18-150300.106.1.noarch",
                  "SUSE Real Time Module 15 SP3:kernel-rt-5.3.18-150300.106.1.x86_64",
                  "SUSE Real Time Module 15 SP3:kernel-rt-devel-5.3.18-150300.106.1.x86_64",
                  "SUSE Real Time Module 15 SP3:kernel-rt_debug-devel-5.3.18-150300.106.1.x86_64",
                  "SUSE Real Time Module 15 SP3:kernel-source-rt-5.3.18-150300.106.1.noarch",
                  "SUSE Real Time Module 15 SP3:kernel-syms-rt-5.3.18-150300.106.1.x86_64",
                  "SUSE Real Time Module 15 SP3:ocfs2-kmp-rt-5.3.18-150300.106.1.x86_64",
                  "openSUSE Leap Micro 5.2:kernel-rt-5.3.18-150300.106.1.x86_64",
               ],
            },
         ],
         threats: [
            {
               category: "impact",
               date: "2022-10-31T08:28:31Z",
               details: "important",
            },
         ],
         title: "CVE-2022-41218",
      },
      {
         cve: "CVE-2022-41222",
         ids: [
            {
               system_name: "SUSE CVE Page",
               text: "https://www.suse.com/security/cve/CVE-2022-41222",
            },
         ],
         notes: [
            {
               category: "general",
               text: "mm/mremap.c in the Linux kernel before 5.13.3 has a use-after-free via a stale TLB because an rmap lock is not held during a PUD move.",
               title: "CVE description",
            },
         ],
         product_status: {
            recommended: [
               "SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.106.1.x86_64",
               "SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.106.1.x86_64",
               "SUSE Real Time Module 15 SP3:cluster-md-kmp-rt-5.3.18-150300.106.1.x86_64",
               "SUSE Real Time Module 15 SP3:dlm-kmp-rt-5.3.18-150300.106.1.x86_64",
               "SUSE Real Time Module 15 SP3:gfs2-kmp-rt-5.3.18-150300.106.1.x86_64",
               "SUSE Real Time Module 15 SP3:kernel-devel-rt-5.3.18-150300.106.1.noarch",
               "SUSE Real Time Module 15 SP3:kernel-rt-5.3.18-150300.106.1.x86_64",
               "SUSE Real Time Module 15 SP3:kernel-rt-devel-5.3.18-150300.106.1.x86_64",
               "SUSE Real Time Module 15 SP3:kernel-rt_debug-devel-5.3.18-150300.106.1.x86_64",
               "SUSE Real Time Module 15 SP3:kernel-source-rt-5.3.18-150300.106.1.noarch",
               "SUSE Real Time Module 15 SP3:kernel-syms-rt-5.3.18-150300.106.1.x86_64",
               "SUSE Real Time Module 15 SP3:ocfs2-kmp-rt-5.3.18-150300.106.1.x86_64",
               "openSUSE Leap Micro 5.2:kernel-rt-5.3.18-150300.106.1.x86_64",
            ],
         },
         references: [
            {
               category: "external",
               summary: "CVE-2022-41222",
               url: "https://www.suse.com/security/cve/CVE-2022-41222",
            },
            {
               category: "external",
               summary: "SUSE Bug 1203622 for CVE-2022-41222",
               url: "https://bugzilla.suse.com/1203622",
            },
            {
               category: "external",
               summary: "SUSE Bug 1203624 for CVE-2022-41222",
               url: "https://bugzilla.suse.com/1203624",
            },
            {
               category: "external",
               summary: "SUSE Bug 1209225 for CVE-2022-41222",
               url: "https://bugzilla.suse.com/1209225",
            },
            {
               category: "external",
               summary: "SUSE Bug 1209476 for CVE-2022-41222",
               url: "https://bugzilla.suse.com/1209476",
            },
         ],
         remediations: [
            {
               category: "vendor_fix",
               details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
               product_ids: [
                  "SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.106.1.x86_64",
                  "SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.106.1.x86_64",
                  "SUSE Real Time Module 15 SP3:cluster-md-kmp-rt-5.3.18-150300.106.1.x86_64",
                  "SUSE Real Time Module 15 SP3:dlm-kmp-rt-5.3.18-150300.106.1.x86_64",
                  "SUSE Real Time Module 15 SP3:gfs2-kmp-rt-5.3.18-150300.106.1.x86_64",
                  "SUSE Real Time Module 15 SP3:kernel-devel-rt-5.3.18-150300.106.1.noarch",
                  "SUSE Real Time Module 15 SP3:kernel-rt-5.3.18-150300.106.1.x86_64",
                  "SUSE Real Time Module 15 SP3:kernel-rt-devel-5.3.18-150300.106.1.x86_64",
                  "SUSE Real Time Module 15 SP3:kernel-rt_debug-devel-5.3.18-150300.106.1.x86_64",
                  "SUSE Real Time Module 15 SP3:kernel-source-rt-5.3.18-150300.106.1.noarch",
                  "SUSE Real Time Module 15 SP3:kernel-syms-rt-5.3.18-150300.106.1.x86_64",
                  "SUSE Real Time Module 15 SP3:ocfs2-kmp-rt-5.3.18-150300.106.1.x86_64",
                  "openSUSE Leap Micro 5.2:kernel-rt-5.3.18-150300.106.1.x86_64",
               ],
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 7,
                  baseSeverity: "HIGH",
                  vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
                  version: "3.1",
               },
               products: [
                  "SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.106.1.x86_64",
                  "SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.106.1.x86_64",
                  "SUSE Real Time Module 15 SP3:cluster-md-kmp-rt-5.3.18-150300.106.1.x86_64",
                  "SUSE Real Time Module 15 SP3:dlm-kmp-rt-5.3.18-150300.106.1.x86_64",
                  "SUSE Real Time Module 15 SP3:gfs2-kmp-rt-5.3.18-150300.106.1.x86_64",
                  "SUSE Real Time Module 15 SP3:kernel-devel-rt-5.3.18-150300.106.1.noarch",
                  "SUSE Real Time Module 15 SP3:kernel-rt-5.3.18-150300.106.1.x86_64",
                  "SUSE Real Time Module 15 SP3:kernel-rt-devel-5.3.18-150300.106.1.x86_64",
                  "SUSE Real Time Module 15 SP3:kernel-rt_debug-devel-5.3.18-150300.106.1.x86_64",
                  "SUSE Real Time Module 15 SP3:kernel-source-rt-5.3.18-150300.106.1.noarch",
                  "SUSE Real Time Module 15 SP3:kernel-syms-rt-5.3.18-150300.106.1.x86_64",
                  "SUSE Real Time Module 15 SP3:ocfs2-kmp-rt-5.3.18-150300.106.1.x86_64",
                  "openSUSE Leap Micro 5.2:kernel-rt-5.3.18-150300.106.1.x86_64",
               ],
            },
         ],
         threats: [
            {
               category: "impact",
               date: "2022-10-31T08:28:31Z",
               details: "moderate",
            },
         ],
         title: "CVE-2022-41222",
      },
      {
         cve: "CVE-2022-41674",
         ids: [
            {
               system_name: "SUSE CVE Page",
               text: "https://www.suse.com/security/cve/CVE-2022-41674",
            },
         ],
         notes: [
            {
               category: "general",
               text: "An issue was discovered in the Linux kernel before 5.19.16. Attackers able to inject WLAN frames could cause a buffer overflow in the ieee80211_bss_info_update function in net/mac80211/scan.c.",
               title: "CVE description",
            },
         ],
         product_status: {
            recommended: [
               "SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.106.1.x86_64",
               "SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.106.1.x86_64",
               "SUSE Real Time Module 15 SP3:cluster-md-kmp-rt-5.3.18-150300.106.1.x86_64",
               "SUSE Real Time Module 15 SP3:dlm-kmp-rt-5.3.18-150300.106.1.x86_64",
               "SUSE Real Time Module 15 SP3:gfs2-kmp-rt-5.3.18-150300.106.1.x86_64",
               "SUSE Real Time Module 15 SP3:kernel-devel-rt-5.3.18-150300.106.1.noarch",
               "SUSE Real Time Module 15 SP3:kernel-rt-5.3.18-150300.106.1.x86_64",
               "SUSE Real Time Module 15 SP3:kernel-rt-devel-5.3.18-150300.106.1.x86_64",
               "SUSE Real Time Module 15 SP3:kernel-rt_debug-devel-5.3.18-150300.106.1.x86_64",
               "SUSE Real Time Module 15 SP3:kernel-source-rt-5.3.18-150300.106.1.noarch",
               "SUSE Real Time Module 15 SP3:kernel-syms-rt-5.3.18-150300.106.1.x86_64",
               "SUSE Real Time Module 15 SP3:ocfs2-kmp-rt-5.3.18-150300.106.1.x86_64",
               "openSUSE Leap Micro 5.2:kernel-rt-5.3.18-150300.106.1.x86_64",
            ],
         },
         references: [
            {
               category: "external",
               summary: "CVE-2022-41674",
               url: "https://www.suse.com/security/cve/CVE-2022-41674",
            },
            {
               category: "external",
               summary: "SUSE Bug 1203770 for CVE-2022-41674",
               url: "https://bugzilla.suse.com/1203770",
            },
            {
               category: "external",
               summary: "SUSE Bug 1203994 for CVE-2022-41674",
               url: "https://bugzilla.suse.com/1203994",
            },
            {
               category: "external",
               summary: "SUSE Bug 1209225 for CVE-2022-41674",
               url: "https://bugzilla.suse.com/1209225",
            },
         ],
         remediations: [
            {
               category: "vendor_fix",
               details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
               product_ids: [
                  "SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.106.1.x86_64",
                  "SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.106.1.x86_64",
                  "SUSE Real Time Module 15 SP3:cluster-md-kmp-rt-5.3.18-150300.106.1.x86_64",
                  "SUSE Real Time Module 15 SP3:dlm-kmp-rt-5.3.18-150300.106.1.x86_64",
                  "SUSE Real Time Module 15 SP3:gfs2-kmp-rt-5.3.18-150300.106.1.x86_64",
                  "SUSE Real Time Module 15 SP3:kernel-devel-rt-5.3.18-150300.106.1.noarch",
                  "SUSE Real Time Module 15 SP3:kernel-rt-5.3.18-150300.106.1.x86_64",
                  "SUSE Real Time Module 15 SP3:kernel-rt-devel-5.3.18-150300.106.1.x86_64",
                  "SUSE Real Time Module 15 SP3:kernel-rt_debug-devel-5.3.18-150300.106.1.x86_64",
                  "SUSE Real Time Module 15 SP3:kernel-source-rt-5.3.18-150300.106.1.noarch",
                  "SUSE Real Time Module 15 SP3:kernel-syms-rt-5.3.18-150300.106.1.x86_64",
                  "SUSE Real Time Module 15 SP3:ocfs2-kmp-rt-5.3.18-150300.106.1.x86_64",
                  "openSUSE Leap Micro 5.2:kernel-rt-5.3.18-150300.106.1.x86_64",
               ],
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 8.8,
                  baseSeverity: "HIGH",
                  vectorString: "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                  version: "3.1",
               },
               products: [
                  "SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.106.1.x86_64",
                  "SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.106.1.x86_64",
                  "SUSE Real Time Module 15 SP3:cluster-md-kmp-rt-5.3.18-150300.106.1.x86_64",
                  "SUSE Real Time Module 15 SP3:dlm-kmp-rt-5.3.18-150300.106.1.x86_64",
                  "SUSE Real Time Module 15 SP3:gfs2-kmp-rt-5.3.18-150300.106.1.x86_64",
                  "SUSE Real Time Module 15 SP3:kernel-devel-rt-5.3.18-150300.106.1.noarch",
                  "SUSE Real Time Module 15 SP3:kernel-rt-5.3.18-150300.106.1.x86_64",
                  "SUSE Real Time Module 15 SP3:kernel-rt-devel-5.3.18-150300.106.1.x86_64",
                  "SUSE Real Time Module 15 SP3:kernel-rt_debug-devel-5.3.18-150300.106.1.x86_64",
                  "SUSE Real Time Module 15 SP3:kernel-source-rt-5.3.18-150300.106.1.noarch",
                  "SUSE Real Time Module 15 SP3:kernel-syms-rt-5.3.18-150300.106.1.x86_64",
                  "SUSE Real Time Module 15 SP3:ocfs2-kmp-rt-5.3.18-150300.106.1.x86_64",
                  "openSUSE Leap Micro 5.2:kernel-rt-5.3.18-150300.106.1.x86_64",
               ],
            },
         ],
         threats: [
            {
               category: "impact",
               date: "2022-10-31T08:28:31Z",
               details: "important",
            },
         ],
         title: "CVE-2022-41674",
      },
      {
         cve: "CVE-2022-41848",
         ids: [
            {
               system_name: "SUSE CVE Page",
               text: "https://www.suse.com/security/cve/CVE-2022-41848",
            },
         ],
         notes: [
            {
               category: "general",
               text: "drivers/char/pcmcia/synclink_cs.c in the Linux kernel through 5.19.12 has a race condition and resultant use-after-free if a physically proximate attacker removes a PCMCIA device while calling ioctl, aka a race condition between mgslpc_ioctl and mgslpc_detach.",
               title: "CVE description",
            },
         ],
         product_status: {
            recommended: [
               "SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.106.1.x86_64",
               "SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.106.1.x86_64",
               "SUSE Real Time Module 15 SP3:cluster-md-kmp-rt-5.3.18-150300.106.1.x86_64",
               "SUSE Real Time Module 15 SP3:dlm-kmp-rt-5.3.18-150300.106.1.x86_64",
               "SUSE Real Time Module 15 SP3:gfs2-kmp-rt-5.3.18-150300.106.1.x86_64",
               "SUSE Real Time Module 15 SP3:kernel-devel-rt-5.3.18-150300.106.1.noarch",
               "SUSE Real Time Module 15 SP3:kernel-rt-5.3.18-150300.106.1.x86_64",
               "SUSE Real Time Module 15 SP3:kernel-rt-devel-5.3.18-150300.106.1.x86_64",
               "SUSE Real Time Module 15 SP3:kernel-rt_debug-devel-5.3.18-150300.106.1.x86_64",
               "SUSE Real Time Module 15 SP3:kernel-source-rt-5.3.18-150300.106.1.noarch",
               "SUSE Real Time Module 15 SP3:kernel-syms-rt-5.3.18-150300.106.1.x86_64",
               "SUSE Real Time Module 15 SP3:ocfs2-kmp-rt-5.3.18-150300.106.1.x86_64",
               "openSUSE Leap Micro 5.2:kernel-rt-5.3.18-150300.106.1.x86_64",
            ],
         },
         references: [
            {
               category: "external",
               summary: "CVE-2022-41848",
               url: "https://www.suse.com/security/cve/CVE-2022-41848",
            },
            {
               category: "external",
               summary: "SUSE Bug 1203987 for CVE-2022-41848",
               url: "https://bugzilla.suse.com/1203987",
            },
            {
               category: "external",
               summary: "SUSE Bug 1211484 for CVE-2022-41848",
               url: "https://bugzilla.suse.com/1211484",
            },
            {
               category: "external",
               summary: "SUSE Bug 1212317 for CVE-2022-41848",
               url: "https://bugzilla.suse.com/1212317",
            },
         ],
         remediations: [
            {
               category: "vendor_fix",
               details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
               product_ids: [
                  "SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.106.1.x86_64",
                  "SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.106.1.x86_64",
                  "SUSE Real Time Module 15 SP3:cluster-md-kmp-rt-5.3.18-150300.106.1.x86_64",
                  "SUSE Real Time Module 15 SP3:dlm-kmp-rt-5.3.18-150300.106.1.x86_64",
                  "SUSE Real Time Module 15 SP3:gfs2-kmp-rt-5.3.18-150300.106.1.x86_64",
                  "SUSE Real Time Module 15 SP3:kernel-devel-rt-5.3.18-150300.106.1.noarch",
                  "SUSE Real Time Module 15 SP3:kernel-rt-5.3.18-150300.106.1.x86_64",
                  "SUSE Real Time Module 15 SP3:kernel-rt-devel-5.3.18-150300.106.1.x86_64",
                  "SUSE Real Time Module 15 SP3:kernel-rt_debug-devel-5.3.18-150300.106.1.x86_64",
                  "SUSE Real Time Module 15 SP3:kernel-source-rt-5.3.18-150300.106.1.noarch",
                  "SUSE Real Time Module 15 SP3:kernel-syms-rt-5.3.18-150300.106.1.x86_64",
                  "SUSE Real Time Module 15 SP3:ocfs2-kmp-rt-5.3.18-150300.106.1.x86_64",
                  "openSUSE Leap Micro 5.2:kernel-rt-5.3.18-150300.106.1.x86_64",
               ],
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 6.4,
                  baseSeverity: "MEDIUM",
                  vectorString: "CVSS:3.1/AV:P/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
                  version: "3.1",
               },
               products: [
                  "SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.106.1.x86_64",
                  "SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.106.1.x86_64",
                  "SUSE Real Time Module 15 SP3:cluster-md-kmp-rt-5.3.18-150300.106.1.x86_64",
                  "SUSE Real Time Module 15 SP3:dlm-kmp-rt-5.3.18-150300.106.1.x86_64",
                  "SUSE Real Time Module 15 SP3:gfs2-kmp-rt-5.3.18-150300.106.1.x86_64",
                  "SUSE Real Time Module 15 SP3:kernel-devel-rt-5.3.18-150300.106.1.noarch",
                  "SUSE Real Time Module 15 SP3:kernel-rt-5.3.18-150300.106.1.x86_64",
                  "SUSE Real Time Module 15 SP3:kernel-rt-devel-5.3.18-150300.106.1.x86_64",
                  "SUSE Real Time Module 15 SP3:kernel-rt_debug-devel-5.3.18-150300.106.1.x86_64",
                  "SUSE Real Time Module 15 SP3:kernel-source-rt-5.3.18-150300.106.1.noarch",
                  "SUSE Real Time Module 15 SP3:kernel-syms-rt-5.3.18-150300.106.1.x86_64",
                  "SUSE Real Time Module 15 SP3:ocfs2-kmp-rt-5.3.18-150300.106.1.x86_64",
                  "openSUSE Leap Micro 5.2:kernel-rt-5.3.18-150300.106.1.x86_64",
               ],
            },
         ],
         threats: [
            {
               category: "impact",
               date: "2022-10-31T08:28:31Z",
               details: "moderate",
            },
         ],
         title: "CVE-2022-41848",
      },
      {
         cve: "CVE-2022-41849",
         ids: [
            {
               system_name: "SUSE CVE Page",
               text: "https://www.suse.com/security/cve/CVE-2022-41849",
            },
         ],
         notes: [
            {
               category: "general",
               text: "drivers/video/fbdev/smscufx.c in the Linux kernel through 5.19.12 has a race condition and resultant use-after-free if a physically proximate attacker removes a USB device while calling open(), aka a race condition between ufx_ops_open and ufx_usb_disconnect.",
               title: "CVE description",
            },
         ],
         product_status: {
            recommended: [
               "SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.106.1.x86_64",
               "SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.106.1.x86_64",
               "SUSE Real Time Module 15 SP3:cluster-md-kmp-rt-5.3.18-150300.106.1.x86_64",
               "SUSE Real Time Module 15 SP3:dlm-kmp-rt-5.3.18-150300.106.1.x86_64",
               "SUSE Real Time Module 15 SP3:gfs2-kmp-rt-5.3.18-150300.106.1.x86_64",
               "SUSE Real Time Module 15 SP3:kernel-devel-rt-5.3.18-150300.106.1.noarch",
               "SUSE Real Time Module 15 SP3:kernel-rt-5.3.18-150300.106.1.x86_64",
               "SUSE Real Time Module 15 SP3:kernel-rt-devel-5.3.18-150300.106.1.x86_64",
               "SUSE Real Time Module 15 SP3:kernel-rt_debug-devel-5.3.18-150300.106.1.x86_64",
               "SUSE Real Time Module 15 SP3:kernel-source-rt-5.3.18-150300.106.1.noarch",
               "SUSE Real Time Module 15 SP3:kernel-syms-rt-5.3.18-150300.106.1.x86_64",
               "SUSE Real Time Module 15 SP3:ocfs2-kmp-rt-5.3.18-150300.106.1.x86_64",
               "openSUSE Leap Micro 5.2:kernel-rt-5.3.18-150300.106.1.x86_64",
            ],
         },
         references: [
            {
               category: "external",
               summary: "CVE-2022-41849",
               url: "https://www.suse.com/security/cve/CVE-2022-41849",
            },
            {
               category: "external",
               summary: "SUSE Bug 1203992 for CVE-2022-41849",
               url: "https://bugzilla.suse.com/1203992",
            },
            {
               category: "external",
               summary: "SUSE Bug 1217458 for CVE-2022-41849",
               url: "https://bugzilla.suse.com/1217458",
            },
         ],
         remediations: [
            {
               category: "vendor_fix",
               details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
               product_ids: [
                  "SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.106.1.x86_64",
                  "SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.106.1.x86_64",
                  "SUSE Real Time Module 15 SP3:cluster-md-kmp-rt-5.3.18-150300.106.1.x86_64",
                  "SUSE Real Time Module 15 SP3:dlm-kmp-rt-5.3.18-150300.106.1.x86_64",
                  "SUSE Real Time Module 15 SP3:gfs2-kmp-rt-5.3.18-150300.106.1.x86_64",
                  "SUSE Real Time Module 15 SP3:kernel-devel-rt-5.3.18-150300.106.1.noarch",
                  "SUSE Real Time Module 15 SP3:kernel-rt-5.3.18-150300.106.1.x86_64",
                  "SUSE Real Time Module 15 SP3:kernel-rt-devel-5.3.18-150300.106.1.x86_64",
                  "SUSE Real Time Module 15 SP3:kernel-rt_debug-devel-5.3.18-150300.106.1.x86_64",
                  "SUSE Real Time Module 15 SP3:kernel-source-rt-5.3.18-150300.106.1.noarch",
                  "SUSE Real Time Module 15 SP3:kernel-syms-rt-5.3.18-150300.106.1.x86_64",
                  "SUSE Real Time Module 15 SP3:ocfs2-kmp-rt-5.3.18-150300.106.1.x86_64",
                  "openSUSE Leap Micro 5.2:kernel-rt-5.3.18-150300.106.1.x86_64",
               ],
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 6.3,
                  baseSeverity: "MEDIUM",
                  vectorString: "CVSS:3.1/AV:P/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
                  version: "3.1",
               },
               products: [
                  "SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.106.1.x86_64",
                  "SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.106.1.x86_64",
                  "SUSE Real Time Module 15 SP3:cluster-md-kmp-rt-5.3.18-150300.106.1.x86_64",
                  "SUSE Real Time Module 15 SP3:dlm-kmp-rt-5.3.18-150300.106.1.x86_64",
                  "SUSE Real Time Module 15 SP3:gfs2-kmp-rt-5.3.18-150300.106.1.x86_64",
                  "SUSE Real Time Module 15 SP3:kernel-devel-rt-5.3.18-150300.106.1.noarch",
                  "SUSE Real Time Module 15 SP3:kernel-rt-5.3.18-150300.106.1.x86_64",
                  "SUSE Real Time Module 15 SP3:kernel-rt-devel-5.3.18-150300.106.1.x86_64",
                  "SUSE Real Time Module 15 SP3:kernel-rt_debug-devel-5.3.18-150300.106.1.x86_64",
                  "SUSE Real Time Module 15 SP3:kernel-source-rt-5.3.18-150300.106.1.noarch",
                  "SUSE Real Time Module 15 SP3:kernel-syms-rt-5.3.18-150300.106.1.x86_64",
                  "SUSE Real Time Module 15 SP3:ocfs2-kmp-rt-5.3.18-150300.106.1.x86_64",
                  "openSUSE Leap Micro 5.2:kernel-rt-5.3.18-150300.106.1.x86_64",
               ],
            },
         ],
         threats: [
            {
               category: "impact",
               date: "2022-10-31T08:28:31Z",
               details: "moderate",
            },
         ],
         title: "CVE-2022-41849",
      },
      {
         cve: "CVE-2022-42719",
         ids: [
            {
               system_name: "SUSE CVE Page",
               text: "https://www.suse.com/security/cve/CVE-2022-42719",
            },
         ],
         notes: [
            {
               category: "general",
               text: "A use-after-free in the mac80211 stack when parsing a multi-BSSID element in the Linux kernel 5.2 through 5.19.x before 5.19.16 could be used by attackers (able to inject WLAN frames) to crash the kernel and potentially execute code.",
               title: "CVE description",
            },
         ],
         product_status: {
            recommended: [
               "SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.106.1.x86_64",
               "SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.106.1.x86_64",
               "SUSE Real Time Module 15 SP3:cluster-md-kmp-rt-5.3.18-150300.106.1.x86_64",
               "SUSE Real Time Module 15 SP3:dlm-kmp-rt-5.3.18-150300.106.1.x86_64",
               "SUSE Real Time Module 15 SP3:gfs2-kmp-rt-5.3.18-150300.106.1.x86_64",
               "SUSE Real Time Module 15 SP3:kernel-devel-rt-5.3.18-150300.106.1.noarch",
               "SUSE Real Time Module 15 SP3:kernel-rt-5.3.18-150300.106.1.x86_64",
               "SUSE Real Time Module 15 SP3:kernel-rt-devel-5.3.18-150300.106.1.x86_64",
               "SUSE Real Time Module 15 SP3:kernel-rt_debug-devel-5.3.18-150300.106.1.x86_64",
               "SUSE Real Time Module 15 SP3:kernel-source-rt-5.3.18-150300.106.1.noarch",
               "SUSE Real Time Module 15 SP3:kernel-syms-rt-5.3.18-150300.106.1.x86_64",
               "SUSE Real Time Module 15 SP3:ocfs2-kmp-rt-5.3.18-150300.106.1.x86_64",
               "openSUSE Leap Micro 5.2:kernel-rt-5.3.18-150300.106.1.x86_64",
            ],
         },
         references: [
            {
               category: "external",
               summary: "CVE-2022-42719",
               url: "https://www.suse.com/security/cve/CVE-2022-42719",
            },
            {
               category: "external",
               summary: "SUSE Bug 1204051 for CVE-2022-42719",
               url: "https://bugzilla.suse.com/1204051",
            },
            {
               category: "external",
               summary: "SUSE Bug 1204292 for CVE-2022-42719",
               url: "https://bugzilla.suse.com/1204292",
            },
            {
               category: "external",
               summary: "SUSE Bug 1209225 for CVE-2022-42719",
               url: "https://bugzilla.suse.com/1209225",
            },
         ],
         remediations: [
            {
               category: "vendor_fix",
               details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
               product_ids: [
                  "SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.106.1.x86_64",
                  "SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.106.1.x86_64",
                  "SUSE Real Time Module 15 SP3:cluster-md-kmp-rt-5.3.18-150300.106.1.x86_64",
                  "SUSE Real Time Module 15 SP3:dlm-kmp-rt-5.3.18-150300.106.1.x86_64",
                  "SUSE Real Time Module 15 SP3:gfs2-kmp-rt-5.3.18-150300.106.1.x86_64",
                  "SUSE Real Time Module 15 SP3:kernel-devel-rt-5.3.18-150300.106.1.noarch",
                  "SUSE Real Time Module 15 SP3:kernel-rt-5.3.18-150300.106.1.x86_64",
                  "SUSE Real Time Module 15 SP3:kernel-rt-devel-5.3.18-150300.106.1.x86_64",
                  "SUSE Real Time Module 15 SP3:kernel-rt_debug-devel-5.3.18-150300.106.1.x86_64",
                  "SUSE Real Time Module 15 SP3:kernel-source-rt-5.3.18-150300.106.1.noarch",
                  "SUSE Real Time Module 15 SP3:kernel-syms-rt-5.3.18-150300.106.1.x86_64",
                  "SUSE Real Time Module 15 SP3:ocfs2-kmp-rt-5.3.18-150300.106.1.x86_64",
                  "openSUSE Leap Micro 5.2:kernel-rt-5.3.18-150300.106.1.x86_64",
               ],
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 7.5,
                  baseSeverity: "HIGH",
                  vectorString: "CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
                  version: "3.1",
               },
               products: [
                  "SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.106.1.x86_64",
                  "SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.106.1.x86_64",
                  "SUSE Real Time Module 15 SP3:cluster-md-kmp-rt-5.3.18-150300.106.1.x86_64",
                  "SUSE Real Time Module 15 SP3:dlm-kmp-rt-5.3.18-150300.106.1.x86_64",
                  "SUSE Real Time Module 15 SP3:gfs2-kmp-rt-5.3.18-150300.106.1.x86_64",
                  "SUSE Real Time Module 15 SP3:kernel-devel-rt-5.3.18-150300.106.1.noarch",
                  "SUSE Real Time Module 15 SP3:kernel-rt-5.3.18-150300.106.1.x86_64",
                  "SUSE Real Time Module 15 SP3:kernel-rt-devel-5.3.18-150300.106.1.x86_64",
                  "SUSE Real Time Module 15 SP3:kernel-rt_debug-devel-5.3.18-150300.106.1.x86_64",
                  "SUSE Real Time Module 15 SP3:kernel-source-rt-5.3.18-150300.106.1.noarch",
                  "SUSE Real Time Module 15 SP3:kernel-syms-rt-5.3.18-150300.106.1.x86_64",
                  "SUSE Real Time Module 15 SP3:ocfs2-kmp-rt-5.3.18-150300.106.1.x86_64",
                  "openSUSE Leap Micro 5.2:kernel-rt-5.3.18-150300.106.1.x86_64",
               ],
            },
         ],
         threats: [
            {
               category: "impact",
               date: "2022-10-31T08:28:31Z",
               details: "important",
            },
         ],
         title: "CVE-2022-42719",
      },
      {
         cve: "CVE-2022-42720",
         ids: [
            {
               system_name: "SUSE CVE Page",
               text: "https://www.suse.com/security/cve/CVE-2022-42720",
            },
         ],
         notes: [
            {
               category: "general",
               text: "Various refcounting bugs in the multi-BSS handling in the mac80211 stack in the Linux kernel 5.1 through 5.19.x before 5.19.16 could be used by local attackers (able to inject WLAN frames) to trigger use-after-free conditions to potentially execute code.",
               title: "CVE description",
            },
         ],
         product_status: {
            recommended: [
               "SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.106.1.x86_64",
               "SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.106.1.x86_64",
               "SUSE Real Time Module 15 SP3:cluster-md-kmp-rt-5.3.18-150300.106.1.x86_64",
               "SUSE Real Time Module 15 SP3:dlm-kmp-rt-5.3.18-150300.106.1.x86_64",
               "SUSE Real Time Module 15 SP3:gfs2-kmp-rt-5.3.18-150300.106.1.x86_64",
               "SUSE Real Time Module 15 SP3:kernel-devel-rt-5.3.18-150300.106.1.noarch",
               "SUSE Real Time Module 15 SP3:kernel-rt-5.3.18-150300.106.1.x86_64",
               "SUSE Real Time Module 15 SP3:kernel-rt-devel-5.3.18-150300.106.1.x86_64",
               "SUSE Real Time Module 15 SP3:kernel-rt_debug-devel-5.3.18-150300.106.1.x86_64",
               "SUSE Real Time Module 15 SP3:kernel-source-rt-5.3.18-150300.106.1.noarch",
               "SUSE Real Time Module 15 SP3:kernel-syms-rt-5.3.18-150300.106.1.x86_64",
               "SUSE Real Time Module 15 SP3:ocfs2-kmp-rt-5.3.18-150300.106.1.x86_64",
               "openSUSE Leap Micro 5.2:kernel-rt-5.3.18-150300.106.1.x86_64",
            ],
         },
         references: [
            {
               category: "external",
               summary: "CVE-2022-42720",
               url: "https://www.suse.com/security/cve/CVE-2022-42720",
            },
            {
               category: "external",
               summary: "SUSE Bug 1204059 for CVE-2022-42720",
               url: "https://bugzilla.suse.com/1204059",
            },
            {
               category: "external",
               summary: "SUSE Bug 1204291 for CVE-2022-42720",
               url: "https://bugzilla.suse.com/1204291",
            },
            {
               category: "external",
               summary: "SUSE Bug 1209225 for CVE-2022-42720",
               url: "https://bugzilla.suse.com/1209225",
            },
         ],
         remediations: [
            {
               category: "vendor_fix",
               details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
               product_ids: [
                  "SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.106.1.x86_64",
                  "SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.106.1.x86_64",
                  "SUSE Real Time Module 15 SP3:cluster-md-kmp-rt-5.3.18-150300.106.1.x86_64",
                  "SUSE Real Time Module 15 SP3:dlm-kmp-rt-5.3.18-150300.106.1.x86_64",
                  "SUSE Real Time Module 15 SP3:gfs2-kmp-rt-5.3.18-150300.106.1.x86_64",
                  "SUSE Real Time Module 15 SP3:kernel-devel-rt-5.3.18-150300.106.1.noarch",
                  "SUSE Real Time Module 15 SP3:kernel-rt-5.3.18-150300.106.1.x86_64",
                  "SUSE Real Time Module 15 SP3:kernel-rt-devel-5.3.18-150300.106.1.x86_64",
                  "SUSE Real Time Module 15 SP3:kernel-rt_debug-devel-5.3.18-150300.106.1.x86_64",
                  "SUSE Real Time Module 15 SP3:kernel-source-rt-5.3.18-150300.106.1.noarch",
                  "SUSE Real Time Module 15 SP3:kernel-syms-rt-5.3.18-150300.106.1.x86_64",
                  "SUSE Real Time Module 15 SP3:ocfs2-kmp-rt-5.3.18-150300.106.1.x86_64",
                  "openSUSE Leap Micro 5.2:kernel-rt-5.3.18-150300.106.1.x86_64",
               ],
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 7.5,
                  baseSeverity: "HIGH",
                  vectorString: "CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
                  version: "3.1",
               },
               products: [
                  "SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.106.1.x86_64",
                  "SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.106.1.x86_64",
                  "SUSE Real Time Module 15 SP3:cluster-md-kmp-rt-5.3.18-150300.106.1.x86_64",
                  "SUSE Real Time Module 15 SP3:dlm-kmp-rt-5.3.18-150300.106.1.x86_64",
                  "SUSE Real Time Module 15 SP3:gfs2-kmp-rt-5.3.18-150300.106.1.x86_64",
                  "SUSE Real Time Module 15 SP3:kernel-devel-rt-5.3.18-150300.106.1.noarch",
                  "SUSE Real Time Module 15 SP3:kernel-rt-5.3.18-150300.106.1.x86_64",
                  "SUSE Real Time Module 15 SP3:kernel-rt-devel-5.3.18-150300.106.1.x86_64",
                  "SUSE Real Time Module 15 SP3:kernel-rt_debug-devel-5.3.18-150300.106.1.x86_64",
                  "SUSE Real Time Module 15 SP3:kernel-source-rt-5.3.18-150300.106.1.noarch",
                  "SUSE Real Time Module 15 SP3:kernel-syms-rt-5.3.18-150300.106.1.x86_64",
                  "SUSE Real Time Module 15 SP3:ocfs2-kmp-rt-5.3.18-150300.106.1.x86_64",
                  "openSUSE Leap Micro 5.2:kernel-rt-5.3.18-150300.106.1.x86_64",
               ],
            },
         ],
         threats: [
            {
               category: "impact",
               date: "2022-10-31T08:28:31Z",
               details: "important",
            },
         ],
         title: "CVE-2022-42720",
      },
      {
         cve: "CVE-2022-42721",
         ids: [
            {
               system_name: "SUSE CVE Page",
               text: "https://www.suse.com/security/cve/CVE-2022-42721",
            },
         ],
         notes: [
            {
               category: "general",
               text: "A list management bug in BSS handling in the mac80211 stack in the Linux kernel 5.1 through 5.19.x before 5.19.16 could be used by local attackers (able to inject WLAN frames) to corrupt a linked list and, in turn, potentially execute code.",
               title: "CVE description",
            },
         ],
         product_status: {
            recommended: [
               "SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.106.1.x86_64",
               "SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.106.1.x86_64",
               "SUSE Real Time Module 15 SP3:cluster-md-kmp-rt-5.3.18-150300.106.1.x86_64",
               "SUSE Real Time Module 15 SP3:dlm-kmp-rt-5.3.18-150300.106.1.x86_64",
               "SUSE Real Time Module 15 SP3:gfs2-kmp-rt-5.3.18-150300.106.1.x86_64",
               "SUSE Real Time Module 15 SP3:kernel-devel-rt-5.3.18-150300.106.1.noarch",
               "SUSE Real Time Module 15 SP3:kernel-rt-5.3.18-150300.106.1.x86_64",
               "SUSE Real Time Module 15 SP3:kernel-rt-devel-5.3.18-150300.106.1.x86_64",
               "SUSE Real Time Module 15 SP3:kernel-rt_debug-devel-5.3.18-150300.106.1.x86_64",
               "SUSE Real Time Module 15 SP3:kernel-source-rt-5.3.18-150300.106.1.noarch",
               "SUSE Real Time Module 15 SP3:kernel-syms-rt-5.3.18-150300.106.1.x86_64",
               "SUSE Real Time Module 15 SP3:ocfs2-kmp-rt-5.3.18-150300.106.1.x86_64",
               "openSUSE Leap Micro 5.2:kernel-rt-5.3.18-150300.106.1.x86_64",
            ],
         },
         references: [
            {
               category: "external",
               summary: "CVE-2022-42721",
               url: "https://www.suse.com/security/cve/CVE-2022-42721",
            },
            {
               category: "external",
               summary: "SUSE Bug 1204060 for CVE-2022-42721",
               url: "https://bugzilla.suse.com/1204060",
            },
            {
               category: "external",
               summary: "SUSE Bug 1204290 for CVE-2022-42721",
               url: "https://bugzilla.suse.com/1204290",
            },
            {
               category: "external",
               summary: "SUSE Bug 1209225 for CVE-2022-42721",
               url: "https://bugzilla.suse.com/1209225",
            },
         ],
         remediations: [
            {
               category: "vendor_fix",
               details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
               product_ids: [
                  "SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.106.1.x86_64",
                  "SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.106.1.x86_64",
                  "SUSE Real Time Module 15 SP3:cluster-md-kmp-rt-5.3.18-150300.106.1.x86_64",
                  "SUSE Real Time Module 15 SP3:dlm-kmp-rt-5.3.18-150300.106.1.x86_64",
                  "SUSE Real Time Module 15 SP3:gfs2-kmp-rt-5.3.18-150300.106.1.x86_64",
                  "SUSE Real Time Module 15 SP3:kernel-devel-rt-5.3.18-150300.106.1.noarch",
                  "SUSE Real Time Module 15 SP3:kernel-rt-5.3.18-150300.106.1.x86_64",
                  "SUSE Real Time Module 15 SP3:kernel-rt-devel-5.3.18-150300.106.1.x86_64",
                  "SUSE Real Time Module 15 SP3:kernel-rt_debug-devel-5.3.18-150300.106.1.x86_64",
                  "SUSE Real Time Module 15 SP3:kernel-source-rt-5.3.18-150300.106.1.noarch",
                  "SUSE Real Time Module 15 SP3:kernel-syms-rt-5.3.18-150300.106.1.x86_64",
                  "SUSE Real Time Module 15 SP3:ocfs2-kmp-rt-5.3.18-150300.106.1.x86_64",
                  "openSUSE Leap Micro 5.2:kernel-rt-5.3.18-150300.106.1.x86_64",
               ],
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 7.5,
                  baseSeverity: "HIGH",
                  vectorString: "CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
                  version: "3.1",
               },
               products: [
                  "SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.106.1.x86_64",
                  "SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.106.1.x86_64",
                  "SUSE Real Time Module 15 SP3:cluster-md-kmp-rt-5.3.18-150300.106.1.x86_64",
                  "SUSE Real Time Module 15 SP3:dlm-kmp-rt-5.3.18-150300.106.1.x86_64",
                  "SUSE Real Time Module 15 SP3:gfs2-kmp-rt-5.3.18-150300.106.1.x86_64",
                  "SUSE Real Time Module 15 SP3:kernel-devel-rt-5.3.18-150300.106.1.noarch",
                  "SUSE Real Time Module 15 SP3:kernel-rt-5.3.18-150300.106.1.x86_64",
                  "SUSE Real Time Module 15 SP3:kernel-rt-devel-5.3.18-150300.106.1.x86_64",
                  "SUSE Real Time Module 15 SP3:kernel-rt_debug-devel-5.3.18-150300.106.1.x86_64",
                  "SUSE Real Time Module 15 SP3:kernel-source-rt-5.3.18-150300.106.1.noarch",
                  "SUSE Real Time Module 15 SP3:kernel-syms-rt-5.3.18-150300.106.1.x86_64",
                  "SUSE Real Time Module 15 SP3:ocfs2-kmp-rt-5.3.18-150300.106.1.x86_64",
                  "openSUSE Leap Micro 5.2:kernel-rt-5.3.18-150300.106.1.x86_64",
               ],
            },
         ],
         threats: [
            {
               category: "impact",
               date: "2022-10-31T08:28:31Z",
               details: "important",
            },
         ],
         title: "CVE-2022-42721",
      },
      {
         cve: "CVE-2022-42722",
         ids: [
            {
               system_name: "SUSE CVE Page",
               text: "https://www.suse.com/security/cve/CVE-2022-42722",
            },
         ],
         notes: [
            {
               category: "general",
               text: "In the Linux kernel 5.8 through 5.19.x before 5.19.16, local attackers able to inject WLAN frames into the mac80211 stack could cause a NULL pointer dereference denial-of-service attack against the beacon protection of P2P devices.",
               title: "CVE description",
            },
         ],
         product_status: {
            recommended: [
               "SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.106.1.x86_64",
               "SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.106.1.x86_64",
               "SUSE Real Time Module 15 SP3:cluster-md-kmp-rt-5.3.18-150300.106.1.x86_64",
               "SUSE Real Time Module 15 SP3:dlm-kmp-rt-5.3.18-150300.106.1.x86_64",
               "SUSE Real Time Module 15 SP3:gfs2-kmp-rt-5.3.18-150300.106.1.x86_64",
               "SUSE Real Time Module 15 SP3:kernel-devel-rt-5.3.18-150300.106.1.noarch",
               "SUSE Real Time Module 15 SP3:kernel-rt-5.3.18-150300.106.1.x86_64",
               "SUSE Real Time Module 15 SP3:kernel-rt-devel-5.3.18-150300.106.1.x86_64",
               "SUSE Real Time Module 15 SP3:kernel-rt_debug-devel-5.3.18-150300.106.1.x86_64",
               "SUSE Real Time Module 15 SP3:kernel-source-rt-5.3.18-150300.106.1.noarch",
               "SUSE Real Time Module 15 SP3:kernel-syms-rt-5.3.18-150300.106.1.x86_64",
               "SUSE Real Time Module 15 SP3:ocfs2-kmp-rt-5.3.18-150300.106.1.x86_64",
               "openSUSE Leap Micro 5.2:kernel-rt-5.3.18-150300.106.1.x86_64",
            ],
         },
         references: [
            {
               category: "external",
               summary: "CVE-2022-42722",
               url: "https://www.suse.com/security/cve/CVE-2022-42722",
            },
            {
               category: "external",
               summary: "SUSE Bug 1204125 for CVE-2022-42722",
               url: "https://bugzilla.suse.com/1204125",
            },
            {
               category: "external",
               summary: "SUSE Bug 1204289 for CVE-2022-42722",
               url: "https://bugzilla.suse.com/1204289",
            },
            {
               category: "external",
               summary: "SUSE Bug 1209225 for CVE-2022-42722",
               url: "https://bugzilla.suse.com/1209225",
            },
         ],
         remediations: [
            {
               category: "vendor_fix",
               details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
               product_ids: [
                  "SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.106.1.x86_64",
                  "SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.106.1.x86_64",
                  "SUSE Real Time Module 15 SP3:cluster-md-kmp-rt-5.3.18-150300.106.1.x86_64",
                  "SUSE Real Time Module 15 SP3:dlm-kmp-rt-5.3.18-150300.106.1.x86_64",
                  "SUSE Real Time Module 15 SP3:gfs2-kmp-rt-5.3.18-150300.106.1.x86_64",
                  "SUSE Real Time Module 15 SP3:kernel-devel-rt-5.3.18-150300.106.1.noarch",
                  "SUSE Real Time Module 15 SP3:kernel-rt-5.3.18-150300.106.1.x86_64",
                  "SUSE Real Time Module 15 SP3:kernel-rt-devel-5.3.18-150300.106.1.x86_64",
                  "SUSE Real Time Module 15 SP3:kernel-rt_debug-devel-5.3.18-150300.106.1.x86_64",
                  "SUSE Real Time Module 15 SP3:kernel-source-rt-5.3.18-150300.106.1.noarch",
                  "SUSE Real Time Module 15 SP3:kernel-syms-rt-5.3.18-150300.106.1.x86_64",
                  "SUSE Real Time Module 15 SP3:ocfs2-kmp-rt-5.3.18-150300.106.1.x86_64",
                  "openSUSE Leap Micro 5.2:kernel-rt-5.3.18-150300.106.1.x86_64",
               ],
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 7.5,
                  baseSeverity: "HIGH",
                  vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
                  version: "3.1",
               },
               products: [
                  "SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.106.1.x86_64",
                  "SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.106.1.x86_64",
                  "SUSE Real Time Module 15 SP3:cluster-md-kmp-rt-5.3.18-150300.106.1.x86_64",
                  "SUSE Real Time Module 15 SP3:dlm-kmp-rt-5.3.18-150300.106.1.x86_64",
                  "SUSE Real Time Module 15 SP3:gfs2-kmp-rt-5.3.18-150300.106.1.x86_64",
                  "SUSE Real Time Module 15 SP3:kernel-devel-rt-5.3.18-150300.106.1.noarch",
                  "SUSE Real Time Module 15 SP3:kernel-rt-5.3.18-150300.106.1.x86_64",
                  "SUSE Real Time Module 15 SP3:kernel-rt-devel-5.3.18-150300.106.1.x86_64",
                  "SUSE Real Time Module 15 SP3:kernel-rt_debug-devel-5.3.18-150300.106.1.x86_64",
                  "SUSE Real Time Module 15 SP3:kernel-source-rt-5.3.18-150300.106.1.noarch",
                  "SUSE Real Time Module 15 SP3:kernel-syms-rt-5.3.18-150300.106.1.x86_64",
                  "SUSE Real Time Module 15 SP3:ocfs2-kmp-rt-5.3.18-150300.106.1.x86_64",
                  "openSUSE Leap Micro 5.2:kernel-rt-5.3.18-150300.106.1.x86_64",
               ],
            },
         ],
         threats: [
            {
               category: "impact",
               date: "2022-10-31T08:28:31Z",
               details: "important",
            },
         ],
         title: "CVE-2022-42722",
      },
   ],
}


Log in or create an account to share your comment.

Security Advisory comment format.

This schema specifies the format of a comment related to a security advisory.

UUIDv4 of the comment
UUIDv4 of the Vulnerability-Lookup instance
When the comment was created originally
When the comment was last updated
Title of the comment
Description of the comment
The identifier of the vulnerability (CVE ID, GHSA-ID, PYSEC ID, etc.).



Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
  • Confirmed: The vulnerability is confirmed from an analyst perspective.
  • Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
  • Patched: This vulnerability was successfully patched by the user reporting the sighting.
  • Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
  • Not confirmed: The user expresses doubt about the veracity of the vulnerability.
  • Not patched: This vulnerability was not successfully patched by the user reporting the sighting.