SUSE-SU-2024:0141-1
Vulnerability from csaf_suse - Published: 2024-01-18 10:35 - Updated: 2024-01-18 10:35Summary
Security update for the Linux Kernel
Severity
Important
Notes
Title of the patch: Security update for the Linux Kernel
Description of the patch:
The SUSE Linux Enterprise 15 SP5 Azure kernel was updated to receive various security and bugfixes.
The following security bugs were fixed:
- CVE-2023-6531: Fixed a use-after-free flaw due to a race problem in the unix garbage collector's deletion of SKB races with unix_stream_read_generic()on the socket that the SKB is queued on (bsc#1218447).
- CVE-2023-6610: Fixed an out of bounds read in the SMB client when printing debug information (bsc#1217946).
- CVE-2023-51779: Fixed a use-after-free because of a bt_sock_ioctl race condition in bt_sock_recvmsg (bsc#1218559).
- CVE-2020-26555: Fixed Bluetooth legacy BR/EDR PIN code pairing in Bluetooth Core Specification 1.0B that may permit an unauthenticated nearby device to spoof the BD_ADDR of the peer device to complete pairing without knowledge of the PIN (bsc#1179610 bsc#1215237).
- CVE-2023-6606: Fixed an out of bounds read in the SMB client when receiving a malformed length from a server (bsc#1217947).
- CVE-2023-6546: Fixed a race condition in the GSM 0710 tty multiplexor via the GSMIOC_SETCONF ioctl that could lead to local privilege escalation (bsc#1218335).
- CVE-2023-6931: Fixed a heap out-of-bounds write vulnerability in the Linux kernel's Performance Events system component that could lead to local privilege escalation. (bsc#1218258).
- CVE-2023-6932: Fixed a use-after-free vulnerability in the Linux kernel's ipv4: igmp component that could lead to local privilege escalation (bsc#1218253).
- CVE-2023-6622: Fixed a null pointer dereference vulnerability in nft_dynset_init() that could allow a local attacker with CAP_NET_ADMIN user privilege to trigger a denial of service (bsc#1217938).
- CVE-2023-6121: Fixed an out-of-bounds read vulnerability in the NVMe-oF/TCP subsystem that could lead to information leak (bsc#1217250).
The following non-security bugs were fixed:
- Documentation: KVM: add separate directories for architecture-specific documentation (jsc#PED-7167).
- Documentation: KVM: update amd-memory-encryption.rst references (jsc#PED-7167).
- Documentation: KVM: update msr.rst reference (jsc#PED-7167).
- Documentation: KVM: update s390-diag.rst reference (jsc#PED-7167).
- Documentation: KVM: update s390-pv.rst reference (jsc#PED-7167).
- Documentation: drop more IDE boot options and ide-cd.rst (git-fixes).
- Documentation: qat: Use code block for qat sysfs example (git-fixes).
- Drop Documentation/ide/ (git-fixes).
- Fix crash on screen resize (bsc#1218229)
- Fix drm gem object underflow (bsc#1218092)
- Revert 'Limit kernel-source-azure build to architectures for which we build binaries (bsc#1108281).'
- Revert 'PCI/ASPM: Remove pcie_aspm_pm_state_change()' (git-fixes).
- Revert 'PCI: acpiphp: Reassign resources on bridge if necessary' (git-fixes).
- Revert 'md: unlock mddev before reap sync_thread in action_store' (git-fixes).
- Revert 'swiotlb: panic if nslabs is too small' (git-fixes).
- Revert 'xhci: Loosen RPM as default policy to cover for AMD xHC 1.1' (git-fixes).
- Update: drm/vmwgfx: Keep a gem reference to user bos in surfaces
- acpi: video: Add backlight=native DMI quirk for Lenovo Ideapad Z470 (git-fixes).
- acpi: x86: s2idle: Catch multiple ACPI_TYPE_PACKAGE objects (git-fixes).
- acpica: Add AML_NO_OPERAND_RESOLVE flag to Timer (git-fixes).
- afs: Fix afs_server_list to be cleaned up with RCU (git-fixes).
- afs: Fix dynamic root lookup DNS check (git-fixes).
- afs: Fix file locking on R/O volumes to operate in local mode (git-fixes).
- afs: Fix overwriting of result of DNS query (git-fixes).
- afs: Fix refcount underflow from error handling race (git-fixes).
- afs: Fix the dynamic root's d_delete to always delete unused dentries (git-fixes).
- afs: Fix use-after-free due to get/remove race in volume tree (git-fixes).
- afs: Make error on cell lookup failure consistent with OpenAFS (git-fixes).
- afs: Return ENOENT if no cell DNS record can be found (git-fixes).
- alsa: hda - Fix speaker and headset mic pin config for CHUWI CoreBook XPro (git-fixes).
- alsa: hda/hdmi: add force-connect quirk for NUC5CPYB (git-fixes).
- alsa: hda/hdmi: add force-connect quirks for ASUSTeK Z170 variants (git-fixes).
- alsa: hda/realtek: Add Framework laptop 16 to quirks (git-fixes).
- alsa: hda/realtek: Add quirk for ASUS ROG GV302XA (git-fixes).
- alsa: hda/realtek: Add supported ALC257 for ChromeOS (git-fixes).
- alsa: hda/realtek: Apply mute LED quirk for HP15-db (git-fixes).
- alsa: hda/realtek: Enable headset on Lenovo M90 Gen5 (git-fixes).
- alsa: hda/realtek: Fix mute and mic-mute LEDs for HP ProBook 440 G6 (git-fixes).
- alsa: hda/realtek: Headset Mic VREF to 100% (git-fixes).
- alsa: hda/realtek: add new Framework laptop to quirks (git-fixes).
- alsa: hda/realtek: enable SND_PCI_QUIRK for hp pavilion 14-ec1xxx series (git-fixes).
- alsa: hda/realtek: fix mute/micmute LEDs for a HP ZBook (git-fixes).
- alsa: hda/realtek: fix speakers on XPS 9530 (2023) (git-fixes).
- alsa: hda: intel-dsp-cfg: add LunarLake support (git-fixes).
- alsa: pcm: fix out-of-bounds in snd_pcm_state_names (git-fixes).
- alsa: seq: oss: Fix racy open/close of MIDI devices (git-fixes).
- alsa: usb-audio: Add Pioneer DJM-450 mixer controls (git-fixes).
- alsa: usb-audio: Increase delay in MOTU M quirk (git-fixes).
- apparmor: Free up __cleanup() name (jsc#PED-7167).
- arm64: dts: arm: add missing cache properties (git-fixes)
- arm64: dts: imx8mm: Add sound-dai-cells to micfil node (git-fixes)
- arm64: dts: imx8mn: Add sound-dai-cells to micfil node (git-fixes)
- arm64: dts: imx8mq-librem5: Remove dis_u3_susphy_quirk from (git-fixes)
- arm64: kdump: Skip kmemleak scan reserved memory for kdump (jsc#PED-7167).
- arm64: mm: Fix 'rodata=on' when CONFIG_RODATA_FULL_DEFAULT_ENABLED=y (git-fixes)
- arm: oMAP2+: Fix null pointer dereference and memory leak in omap_soc_device_init (git-fixes).
- arm: pL011: Fix DMA support (git-fixes).
- asoc: fsl_rpmsg: Fix error handler with pm_runtime_enable (git-fixes).
- asoc: hdmi-codec: fix missing report for jack initial status (git-fixes).
- asoc: meson: g12a-toacodec: Fix event generation (git-fixes).
- asoc: meson: g12a-toacodec: Validate written enum values (git-fixes).
- asoc: meson: g12a-tohdmitx: Fix event generation for S/PDIF mux (git-fixes).
- asoc: meson: g12a-tohdmitx: Validate written enum values (git-fixes).
- asoc: wm_adsp: fix memleak in wm_adsp_buffer_populate (git-fixes).
- bitmap: unify find_bit operations (jsc#PED-7167).
- block: fix revalidate performance regression (bsc#1216057).
- bluetooth: Fix deadlock in vhci_send_frame (git-fixes).
- bluetooth: L2CAP: Send reject on command corrupted request (git-fixes).
- bluetooth: MGMT/SMP: Fix address type when using SMP over BREDR/LE (git-fixes).
- bluetooth: btusb: Add new PID/VID 0489:e0f2 for MT7921 (bsc#1218461).
- bluetooth: hci_event: Fix not checking if HCI_OP_INQUIRY has been sent (git-fixes).
- bluetooth: hci_event: shut up a false-positive warning (git-fixes).
- bluetooth: hci_qca: Fix the teardown problem for real (git-fixes).
- bnxt: do not handle XDP in netpoll (jsc#PED-1495).
- bnxt_en: Clear resource reservation during resume (jsc#PED-1495).
- bnxt_en: Fix HWTSTAMP_FILTER_ALL packet timestamp logic (jsc#PED-1495).
- bnxt_en: Fix max_mtu setting for multi-buf XDP (jsc#PED-1495).
- bnxt_en: Fix page pool logic for page size >= 64K (jsc#PED-1495).
- bnxt_en: Fix wrong return value check in bnxt_close_nic() (jsc#PED-1495).
- bnxt_en: Flush XDP for bnxt_poll_nitroa0()'s NAPI (jsc#PED-1495).
- bpf: Adjust insufficient default bpf_jit_limit (bsc#1218234 git-fixes).
- bus: ti-sysc: Flush posted write only after srst_udelay (git-fixes).
- ceph: fix incorrect revoked caps assert in ceph_fill_file_size() (bsc#1217980).
- ceph: fix type promotion bug on 32bit systems (bsc#1217982).
- cleanup: Make no_free_ptr() __must_check (jsc#PED-7167).
- clocksource: Add a Kconfig option for WATCHDOG_MAX_SKEW (bsc#1215885 bsc#1217217).
- clocksource: Enable TSC watchdog checking of HPET and PMTMR only when requested (bsc#1215885 bsc#1217217).
- clocksource: Handle negative skews in 'skew is too large' messages (bsc#1215885 bsc#1217217).
- clocksource: Improve 'skew is too large' messages (bsc#1215885 bsc#1217217).
- clocksource: Improve read-back-delay message (bsc#1215885 bsc#1217217).
- clocksource: Loosen clocksource watchdog constraints (bsc#1215885 bsc#1217217).
- clocksource: Print clocksource name when clocksource is tested unstable (bsc#1215885 bsc#1217217).
- clocksource: Verify HPET and PMTMR when TSC unverified (bsc#1215885 bsc#1217217).
- configfs-tsm: Introduce a shared ABI for attestation reports (jsc#PED-7167).
- crypto: ccp - Add SEV_INIT rc error logging on init (jsc#PED-7167).
- crypto: ccp - Add SEV_INIT_EX support (jsc#PED-7167).
- crypto: ccp - Add a header for multiple drivers to use `__psp_pa` (jsc#PED-7167).
- crypto: ccp - Add a quirk to firmware update (jsc#PED-7167).
- crypto: ccp - Add psp_init_on_probe module parameter (jsc#PED-7167).
- crypto: ccp - Drop TEE support for IRQ handler (jsc#PED-7167).
- crypto: ccp - Ensure psp_ret is always init'd in __sev_platform_init_locked() (jsc#PED-7167).
- crypto: ccp - Fail the PSP initialization when writing psp data file failed (jsc#PED-7167).
- crypto: ccp - Fix the INIT_EX data file open failure (jsc#PED-7167).
- crypto: ccp - Fix whitespace in sev_cmd_buffer_len() (jsc#PED-7167).
- crypto: ccp - Flush the SEV-ES TMR memory before giving it to firmware (jsc#PED-7167).
- crypto: ccp - Initialize PSP when reading psp data file failed (jsc#PED-7167).
- crypto: ccp - Log when resetting PSP SEV state (jsc#PED-7167).
- crypto: ccp - Move SEV_INIT retry for corrupted data (jsc#PED-7167).
- crypto: ccp - Move some PSP mailbox bit definitions into common header (jsc#PED-7167).
- crypto: ccp - Name -1 return value as SEV_RET_NO_FW_CALL (jsc#PED-7167).
- crypto: ccp - Refactor out sev_fw_alloc() (jsc#PED-7167).
- crypto: ccp - remove unneeded semicolon (jsc#PED-7167).
- crypto: ccp: Get rid of __sev_platform_init_locked()'s local function pointer (jsc#PED-7167).
- dm verity: initialize fec io before freeing it (git-fixes).
- dm-verity: do not use blocking calls from tasklets (git-fixes).
- dm: add cond_resched() to dm_wq_requeue_work() (git-fixes).
- dm: do not attempt to queue IO under RCU protection (git-fixes).
- dm: fix __send_duplicate_bios() to always allow for splitting IO (bsc#1215952).
- dm: fix improper splitting for abnormal bios (bsc#1215952).
- dm: verity-loadpin: Add NULL pointer check for 'bdev' parameter (git-fixes).
- dm_blk_ioctl: implement path failover for SG_IO (bsc#1183045, bsc#1216776).
- dmaengine: ioat: Free up __cleanup() name (jsc#PED-7167).
- doc/README.SUSE: Add how to update the config for module signing (jsc#PED-5021)
- doc/README.SUSE: Remove how to build modules using kernel-source (jsc#PED-5021)
- doc/README.SUSE: Simplify the list of references (jsc#PED-5021)
- drm/amd/amdgpu: Fix warnings in amdgpu/amdgpu_display.c (git-fixes).
- drm/amdgpu/sdma5.2: add begin/end_use ring callbacks (bsc#1212139).
- drm/amdgpu: Add EEPROM I2C address support for ip discovery (git-fixes).
- drm/amdgpu: Add I2C EEPROM support on smu v13_0_6 (git-fixes).
- drm/amdgpu: Add support for RAS table at 0x40000 (git-fixes).
- drm/amdgpu: Decouple RAS EEPROM addresses from chips (git-fixes).
- drm/amdgpu: Remove redundant I2C EEPROM address (git-fixes).
- drm/amdgpu: Remove second moot switch to set EEPROM I2C address (git-fixes).
- drm/amdgpu: Return from switch early for EEPROM I2C address (git-fixes).
- drm/amdgpu: Update EEPROM I2C address for smu v13_0_0 (git-fixes).
- drm/amdgpu: Update ras eeprom support for smu v13_0_0 and v13_0_10 (git-fixes).
- drm/amdgpu: correct chunk_ptr to a pointer to chunk (git-fixes).
- drm/amdgpu: correct the amdgpu runtime dereference usage count (git-fixes).
- drm/amdgpu: fix tear down order in amdgpu_vm_pt_free (git-fixes).
- drm/amdgpu: simplify amdgpu_ras_eeprom.c (git-fixes).
- drm/bridge: parade-ps8640: Never store more than msg->size bytes in AUX xfer (git-fixes).
- drm/bridge: ps8640: Fix size mismatch warning w/ len (git-fixes).
- drm/bridge: tc358768: select CONFIG_VIDEOMODE_HELPERS (git-fixes).
- drm/bridge: ti-sn65dsi86: Never store more than msg->size bytes in AUX xfer (git-fixes).
- drm/i915/display: Drop check for doublescan mode in modevalid (git-fixes).
- drm/i915/dp: Fix passing the correct DPCD_REV for drm_dp_set_phy_test_pattern (git-fixes).
- drm/i915/dpt: Only do the POT stride remap when using DPT (git-fixes).
- drm/i915/lvds: Use REG_BIT() & co (git-fixes).
- drm/i915/mtl: limit second scaler vertical scaling in ver >= 14 (git-fixes).
- drm/i915/sdvo: stop caching has_hdmi_monitor in struct intel_sdvo (git-fixes).
- drm/i915: Fix intel_atomic_setup_scalers() plane_state handling (git-fixes).
- drm/i915: Fix remapped stride with CCS on ADL+ (git-fixes).
- drm/i915: Reject async flips with bigjoiner (git-fixes).
- drm/i915: Relocate intel_atomic_setup_scalers() (git-fixes).
- drm/i915: fix MAX_ORDER usage in i915_gem_object_get_pages_internal() (jsc#PED-7167).
- drm/mediatek: Add spinlock for setting vblank event in atomic_begin (git-fixes).
- drm/mgag200: Fix gamma lut not initialized for G200ER, G200EV, G200SE (git-fixes).
- efi/libstub: Implement support for unaccepted memory (jsc#PED-7167).
- efi/unaccepted: Avoid load_unaligned_zeropad() stepping into unaccepted memory (jsc#PED-7167).
- efi/unaccepted: Fix off-by-one when checking for overlapping ranges (jsc#PED-7167).
- efi/unaccepted: Fix soft lockups caused by parallel memory acceptance (jsc#PED-7167).
- efi/unaccepted: Make sure unaccepted table is mapped (jsc#PED-7167).
- efi/unaccepted: Use ACPI reclaim memory for unaccepted memory table (jsc#PED-7167).
- efi/x86: Get full memory map in allocate_e820() (jsc#PED-7167).
- efi: Add unaccepted memory support (jsc#PED-7167).
- efi: libstub: avoid efi_get_memory_map() for allocating the virt map (jsc#PED-7167).
- efi: libstub: install boot-time memory map as config table (jsc#PED-7167).
- efi: libstub: remove DT dependency from generic stub (jsc#PED-7167).
- efi: libstub: remove pointless goto kludge (jsc#PED-7167).
- efi: libstub: simplify efi_get_memory_map() and struct efi_boot_memmap (jsc#PED-7167).
- efi: libstub: unify initrd loading between architectures (jsc#PED-7167).
- floppy: fix MAX_ORDER usage (jsc#PED-7167).
- fprobe: Fix to ensure the number of active retprobes is not zero (git-fixes).
- fs/jfs: Add check for negative db_l2nbperpage (git-fixes).
- fs/jfs: Add validity check for db_maxag and db_agpref (git-fixes).
- fs/jfs: prevent double-free in dbUnmount() after failed jfs_remount() (git-fixes).
- fs/remap: constrain dedupe of EOF blocks (git-fixes).
- fs: avoid empty option when generating legacy mount string (git-fixes).
- fs: fix an infinite loop in iomap_fiemap (git-fixes).
- fs: ocfs2: namei: check return value of ocfs2_add_entry() (git-fixes).
- genwqe: fix MAX_ORDER usage (jsc#PED-7167).
- gfs2: Add wrapper for iomap_file_buffered_write (git-fixes).
- gfs2: Check sb_bsize_shift after reading superblock (git-fixes).
- gfs2: Clean up function may_grant (git-fixes).
- gfs2: Fix filesystem block deallocation for short writes (git-fixes).
- gfs2: Fix gfs2_release for non-writers regression (git-fixes).
- gfs2: Fix inode height consistency check (git-fixes).
- gfs2: Fix length of holes reported at end-of-file (git-fixes).
- gfs2: Fix possible data races in gfs2_show_options() (git-fixes).
- gfs2: Improve gfs2_make_fs_rw error handling (git-fixes).
- gfs2: Make sure FITRIM minlen is rounded up to fs block size (git-fixes).
- gfs2: Silence 'suspicious RCU usage in gfs2_permission' warning (git-fixes).
- gfs2: Switch from strlcpy to strscpy (git-fixes).
- gfs2: fix an oops in gfs2_permission (git-fixes).
- gfs2: gfs2_setattr_size error path fix (git-fixes).
- gfs2: ignore negated quota changes (git-fixes).
- gfs2: jdata writepage fix (git-fixes).
- gfs2: use i_lock spin_lock for inode qadata (git-fixes).
- gpiolib: sysfs: Fix error handling on failed export (git-fixes).
- gve: Fixes for napi_poll when budget is 0 (git-fixes).
- gve: Use size_add() in call to struct_size() (git-fixes).
- hid: add ALWAYS_POLL quirk for Apple kb (git-fixes).
- hid: glorious: fix Glorious Model I HID report (git-fixes).
- hid: hid-asus: add const to read-only outgoing usb buffer (git-fixes).
- hid: hid-asus: reset the backlight brightness level on resume (git-fixes).
- hid: lenovo: Restrict detection of patched firmware only to USB cptkbd (git-fixes).
- hid: multitouch: Add quirk for HONOR GLO-GXXX touchpad (git-fixes).
- hwmon: (acpi_power_meter) Fix 4.29 MW bug (git-fixes).
- hwmon: (nzxt-kraken2) Fix error handling path in kraken2_probe() (git-fixes).
- i2c: aspeed: Handle the coalesced stop conditions with the start conditions (git-fixes).
- i2c: core: Fix atomic xfer check for non-preempt config (git-fixes).
- i2c: designware: Fix corrupted memory seen in the ISR (git-fixes).
- i40e: Fix I40E_FLAG_VF_VLAN_PRUNING value (jsc#PED-372).
- i40e: Fix VF VLAN offloading when port VLAN is configured (jsc#PED-372).
- i40e: Fix unexpected MFS warning message (jsc#PED-372).
- i40e: Fix wrong check for I40E_TXR_FLAGS_WB_ON_ITR (jsc#PED-372).
- i40e: fix misleading debug logs (jsc#PED-372).
- i40e: fix potential NULL pointer dereferencing of pf->vf i40e_sync_vsi_filters() (jsc#PED-372).
- i40e: fix potential memory leaks in i40e_remove() (jsc#PED-372).
- i40e: prevent crash on probe if hw registers have invalid values (jsc#PED-372).
- ib/mlx5: Fix init stage error handling to avoid double free of same QP and UAF (git-fixes)
- ib/mlx5: Fix rdma counter binding for RAW QP (git-fixes)
- igb: Avoid starting unnecessary workqueues (jsc#PED-370).
- igb: Change IGB_MIN to allow set rx/tx value between 64 and 80 (jsc#PED-370).
- igb: Fix potential memory leak in igb_add_ethtool_nfc_entry (jsc#PED-370).
- igb: clean up in all error paths when enabling SR-IOV (jsc#PED-370).
- igb: disable virtualization features on 82580 (jsc#PED-370).
- igbvf: Change IGBVF_MIN to allow set rx/tx value between 64 and 80 (jsc#PED-370).
- igc: Change IGC_MIN to allow set rx/tx value between 64 and 80 (jsc#PED-375).
- igc: Expose tx-usecs coalesce setting to user (jsc#PED-375).
- igc: Fix ambiguity in the ethtool advertising (jsc#PED-375).
- igc: Fix infinite initialization loop with early XDP redirect (jsc#PED-375).
- igc: Fix the typo in the PTM Control macro (jsc#PED-375).
- iio: adc: ti_am335x_adc: Fix return value check of tiadc_request_dma() (git-fixes).
- iio: common: ms_sensors: ms_sensors_i2c: fix humidity conversion time table (git-fixes).
- iio: imu: inv_mpu6050: fix an error code problem in inv_mpu6050_read_raw (git-fixes).
- iio: triggered-buffer: prevent possible freeing of wrong buffer (git-fixes).
- input: i8042 - add quirk for TUXEDO Gemini 17 Gen1/Clevo PD70PN (git-fixes).
- input: ipaq-micro-keys - add error handling for devm_kmemdup (git-fixes).
- input: soc_button_array - add mapping for airplane mode button (git-fixes).
- input: xpad - add HyperX Clutch Gladiate Support (git-fixes).
- interconnect: Treat xlate() returning NULL node as an error (git-fixes).
- iomap: Fix iomap_dio_rw return value for user copies (git-fixes).
- iommu: fix MAX_ORDER usage in __iommu_dma_alloc_pages() (jsc#PED-7167).
- iov_iter, x86: Be consistent about the __user tag on copy_mc_to_user() (git-fixes).
- jfs: fix array-index-out-of-bounds in dbFindLeaf (git-fixes).
- jfs: fix array-index-out-of-bounds in diAlloc (git-fixes).
- jfs: fix invalid free of JFS_IP(ipimap)->i_imap in diUnmount (git-fixes).
- jfs: validate max amount of blocks before allocation (git-fixes).
- kABI: Preserve the type of rethook::handler (git-fixes).
- kABI: restore void return to typec_altmode_attention (git-fixes).
- kabi/severities: ignore kABI for asus-wmi drivers Tolerate the kABI changes, as used only locally for asus-wmi stuff
- kabi/severities: make snp_issue_guest_request PASS (jsc#PED-7167)
- kabi: fix of_reserved_mem_* due to struct vm_struct became defined (jsc#PED-7167).
- kabi: fix sev-dev due to fs_struct became defined (jsc#PED-7167).
- kabi: fix struct efi after adding unaccepted memory table (jsc#PED-7167).
- kabi: fix struct zone kabi after adding unaccepted_pages and NR_UNACCEPTED (jsc#PED-7167).
- kbuild: Drop -Wdeclaration-after-statement (jsc#PED-7167).
- kconfig: fix memory leak from range properties (git-fixes).
- kernel-source: Remove config-options.changes (jsc#PED-5021)
- kprobes: consistent rcu api usage for kretprobe holder (git-fixes).
- kvm: arm64: Prevent kmemleak from accessing pKVM memory (jsc#PED-7167).
- kvm: s390/mm: Properly reset no-dat (git-fixes bsc#1218056).
- kvm: s390: vsie: fix wrong VIR 37 when MSO is used (git-fixes bsc#1217933).
- lib/vsprintf: Fix %pfwf when current node refcount == 0 (git-fixes).
- libceph: use kernel_connect() (bsc#1217981).
- limit kernel-source build to architectures for which the kernel binary is built (bsc#1108281).
- locking: Introduce __cleanup() based infrastructure (jsc#PED-7167).
- locks: fix KASAN: use-after-free in trace_event_raw_event_filelock_lock (git-fixes).
- md/bitmap: do not set max_write_behind if there is no write mostly device (git-fixes).
- md/md-bitmap: hold 'reconfig_mutex' in backlog_store() (git-fixes).
- md/md-bitmap: remove unnecessary local variable in backlog_store() (git-fixes).
- md/raid0: add discard support for the 'original' layout (git-fixes).
- md/raid10: do not call bio_start_io_acct twice for bio which experienced read error (git-fixes).
- md/raid10: factor out code from wait_barrier() to stop_waiting_barrier() (git-fixes).
- md/raid10: factor out dereference_rdev_and_rrdev() (git-fixes).
- md/raid10: fix io loss while replacement replace rdev (git-fixes).
- md/raid10: fix leak of 'r10bio->remaining' for recovery (git-fixes).
- md/raid10: fix memleak for 'conf->bio_split' (git-fixes).
- md/raid10: fix memleak of md thread (git-fixes).
- md/raid10: fix null-ptr-deref in raid10_sync_request (git-fixes).
- md/raid10: fix null-ptr-deref of mreplace in raid10_sync_request (git-fixes).
- md/raid10: fix overflow of md/safe_mode_delay (git-fixes).
- md/raid10: fix task hung in raid10d (git-fixes).
- md/raid10: fix the condition to call bio_end_io_acct() (git-fixes).
- md/raid10: fix wrong setting of max_corr_read_errors (git-fixes).
- md/raid10: prevent soft lockup while flush writes (git-fixes).
- md/raid10: use dereference_rdev_and_rrdev() to get devices (git-fixes).
- md/raid1: fix error: ISO C90 forbids mixed declarations (git-fixes).
- md/raid1: free the r1bio before waiting for blocked rdev (git-fixes).
- md/raid1: hold the barrier until handle_read_error() finishes (git-fixes).
- md/raid5-cache: fix a deadlock in r5l_exit_log() (git-fixes).
- md/raid5-cache: fix null-ptr-deref for r5l_flush_stripe_to_raid() (git-fixes).
- md/raid5: fix miscalculation of 'end_sector' in raid5_read_one_chunk() (git-fixes).
- md: Put the right device in md_seq_next (bsc#1217822).
- md: Set MD_BROKEN for RAID1 and RAID10 (git-fixes).
- md: avoid signed overflow in slot_store() (git-fixes).
- md: do not update recovery_cp when curr_resync is ACTIVE (git-fixes).
- md: drop queue limitation for RAID1 and RAID10 (git-fixes).
- md: raid0: account for split bio in iostat accounting (git-fixes).
- md: raid10 add nowait support (git-fixes).
- md: raid1: fix potential OOB in raid1_remove_disk() (git-fixes).
- md: restore 'noio_flag' for the last mddev_resume() (git-fixes).
- md: select BLOCK_LEGACY_AUTOLOAD (git-fixes).
- memblock: exclude MEMBLOCK_NOMAP regions from kmemleak (jsc#PED-7167).
- memblock: make memblock_find_in_range method private (jsc#PED-7167).
- misc: mei: client.c: fix problem of return '-EOVERFLOW' in mei_cl_write (git-fixes).
- misc: mei: client.c: return negative error code in mei_cl_write (git-fixes).
- mkspec: Add multibuild support (JSC-SLE#5501, boo#1211226, bsc#1218184) When MULTIBUILD option in config.sh is enabled generate a _multibuild file listing all spec files.
- mm/page_alloc: make deferred page init free pages in MAX_ORDER blocks (jsc#PED-7167).
- mm/pgtable: Fix multiple -Wstringop-overflow warnings (jsc#PED-7167).
- mm/slab: Add __free() support for kvfree (jsc#PED-7167).
- mm/slub: fix MAX_ORDER usage in calculate_order() (jsc#PED-7167).
- mm: Add PAGE_ALIGN_DOWN macro (jsc#PED-7167).
- mm: Add support for unaccepted memory (jsc#PED-7167).
- mm: add pageblock_align() macro (jsc#PED-7167).
- mm: add pageblock_aligned() macro (jsc#PED-7167).
- mm: avoid passing 0 to __ffs() (jsc#PED-7167).
- mm: kmem: drop __GFP_NOFAIL when allocating objcg vectors (bsc#1218515).
- mm: move kvmalloc-related functions to slab.h (jsc#PED-7167).
- mm: new primitive kvmemdup() (jsc#PED-7167).
- mm: reuse pageblock_start/end_pfn() macro (jsc#PED-7167).
- mmc: meson-mx-sdhc: Fix initialization frozen issue (git-fixes).
- mmc: rpmb: fixes pause retune on all RPMB partitions (git-fixes).
- mmc: sdhci-sprd: Fix eMMC init failure after hw reset (git-fixes).
- neighbor: tracing: Move pin6 inside CONFIG_IPV6=y section (git-fixes).
- net/rose: Fix Use-After-Free in rose_ioctl (git-fixes).
- net/smc: Fix pos miscalculation in statistics (bsc#1218139).
- net/tg3: fix race condition in tg3_reset_task() (bsc#1217801).
- net: 9p: avoid freeing uninit memory in p9pdu_vreadf (git-fixes).
- net: bnxt: fix a potential use-after-free in bnxt_init_tc (jsc#PED-1495).
- net: ena: Destroy correct number of xdp queues upon failure (git-fixes).
- net: ena: Fix XDP redirection error (git-fixes).
- net: ena: Fix xdp drops handling due to multibuf packets (git-fixes).
- net: ena: Flush XDP packets on error (git-fixes).
- net: mana: select PAGE_POOL (git-fixes).
- net: rfkill: gpio: set GPIO direction (git-fixes).
- net: usb: ax88179_178a: avoid failed operations when device is disconnected (git-fixes).
- net: usb: ax88179_178a: clean up pm calls (git-fixes).
- net: usb: ax88179_178a: wol optimizations (git-fixes).
- net: usb: qmi_wwan: claim interface 4 for ZTE MF290 (git-fixes).
- nfc: llcp_core: Hold a ref to llcp_local->dev when holding a ref to llcp_local (git-fixes).
- nfs: Fix O_DIRECT locking issues (bsc#1211162).
- nfs: Fix a few more clear_bit() instances that need release semantics (bsc#1211162).
- nfs: Fix a potential data corruption (bsc#1211162).
- nfs: Fix a use after free in nfs_direct_join_group() (bsc#1211162).
- nfs: Fix error handling for O_DIRECT write scheduling (bsc#1211162).
- nfs: More O_DIRECT accounting fixes for error paths (bsc#1211162).
- nfs: More fixes for nfs_direct_write_reschedule_io() (bsc#1211162).
- nfs: Use the correct commit info in nfs_join_page_group() (bsc#1211162).
- nfs: only issue commit in DIO codepath if we have uncommitted data (bsc#1211162).
- nilfs2: fix missing error check for sb_set_blocksize call (git-fixes).
- nilfs2: prevent WARNING in nilfs_sufile_set_segment_usage() (git-fixes).
- nlm: Defend against file_lock changes after vfs_test_lock() (bsc#1217692).
- null_blk: fix poll request timeout handling (git-fixes).
- nvme-core: check for too small lba shift (bsc#1214117).
- nvme-pci: Add sleep quirk for Kingston drives (git-fixes).
- nvme-pci: always return an ERR_PTR from nvme_pci_alloc_dev (git-fixes).
- nvme-pci: do not set the NUMA node of device if it has none (git-fixes).
- nvme-pci: factor out a nvme_pci_alloc_dev helper (git-fixes).
- nvme-rdma: do not try to stop unallocated queues (git-fixes).
- nvme: sanitize metadata bounce buffer for reads (git-fixes).
- nvmet-auth: complete a request only after freeing the dhchap pointers (git-fixes).
- of: reserved_mem: Have kmemleak ignore dynamically allocated reserved mem (jsc#PED-7167).
- orangefs: Fix kmemleak in orangefs_prepare_debugfs_help_string() (git-fixes).
- orangefs: Fix kmemleak in orangefs_{kernel,client}_debug_init() (git-fixes).
- orangefs: Fix sysfs not cleanup when dev init failed (git-fixes).
- orangefs: Fix the size of a memory allocation in orangefs_bufmap_alloc() (git-fixes).
- padata: Fix refcnt handling in padata_free_shell() (git-fixes).
- parport: Add support for Brainboxes IX/UC/PX parallel cards (git-fixes).
- pci: loongson: Limit MRRS to 256 (git-fixes).
- perf/core: fix MAX_ORDER usage in rb_alloc_aux_page() (jsc#PED-7167).
- pinctrl: at91-pio4: use dedicated lock class for IRQ (git-fixes).
- platform/surface: aggregator: fix recv_buf() return value (git-fixes).
- platform/x86: asus-wmi: Add support for ROG X13 tablet mode (git-fixes).
- platform/x86: asus-wmi: Adjust tablet/lidflip handling to use enum (git-fixes).
- platform/x86: asus-wmi: Fix kbd_dock_devid tablet-switch reporting (git-fixes).
- platform/x86: asus-wmi: Move i8042 filter install to shared asus-wmi code (git-fixes).
- platform/x86: asus-wmi: Simplify tablet-mode-switch handling (git-fixes).
- platform/x86: asus-wmi: Simplify tablet-mode-switch probing (git-fixes).
- platform/x86: wmi: Allow duplicate GUIDs for drivers that use struct wmi_driver (git-fixes).
- platform/x86: wmi: Skip blocks with zero instances (git-fixes).
- powerpc/pseries/vas: Migration suspend waits for no in-progress open windows (bsc#1218397 ltc#204523).
- qed/red_ll2: Fix undefined behavior bug in struct qed_ll2_info (jsc#PED-1526).
- qed: Fix a potential use-after-free in qed_cxt_tables_alloc (jsc#PED-1526).
- qed: fix LL2 RX buffer allocation (jsc#PED-1526).
- qede: fix firmware halt over suspend and resume (jsc#PED-1526).
- qla2xxx: add debug log for deprecated hw detected (bsc#1216032).
- r8152: Add RTL8152_INACCESSIBLE checks to more loops (git-fixes).
- r8152: Add RTL8152_INACCESSIBLE to r8153_aldps_en() (git-fixes).
- r8152: Add RTL8152_INACCESSIBLE to r8153_pre_firmware_1() (git-fixes).
- r8152: Add RTL8152_INACCESSIBLE to r8156b_wait_loading_flash() (git-fixes).
- r8152: Rename RTL8152_UNPLUG to RTL8152_INACCESSIBLE (git-fixes).
- r8169: Fix PCI error on system resume (git-fixes).
- rdma/bnxt_re: Correct module description string (jsc#PED-1495).
- rdma/core: Use size_{add,sub,mul}() in calls to struct_size() (git-fixes)
- rdma/hfi1: Use FIELD_GET() to extract Link Width (git-fixes)
- rdma/hfi1: Workaround truncation compilation error (git-fixes)
- rdma/hns: Add check for SL (git-fixes)
- rdma/hns: Fix printing level of asynchronous events (git-fixes)
- rdma/hns: Fix signed-unsigned mixed comparisons (git-fixes)
- rdma/hns: Fix uninitialized ucmd in hns_roce_create_qp_common() (git-fixes)
- rdma/hns: The UD mode can only be configured with DCQCN (git-fixes)
- regmap: fix bogus error on regcache_sync success (git-fixes).
- reiserfs: Check the return value from __getblk() (git-fixes).
- reiserfs: Replace 1-element array with C99 style flex-array (git-fixes).
- remove unnecessary WARN_ON_ONCE() (bsc#1214823 bsc#1218569).
- reset: Fix crash when freeing non-existent optional resets (git-fixes).
- restore renamed device IDs for USB HID devices (git-fixes).
- rethook: Fix to use WRITE_ONCE() for rethook:: Handler (git-fixes).
- rethook: Use __rcu pointer for rethook::handler (git-fixes).
- ring-buffer: Do not try to put back write_stamp (git-fixes).
- ring-buffer: Do not update before stamp when switching sub-buffers (git-fixes).
- ring-buffer: Fix a race in rb_time_cmpxchg() for 32 bit archs (git-fixes).
- ring-buffer: Fix memory leak of free page (git-fixes).
- ring-buffer: Fix slowpath of interrupted event (git-fixes).
- ring-buffer: Fix wake ups when buffer_percent is set to 100 (git-fixes).
- ring-buffer: Fix writing to the buffer with max_data_size (git-fixes).
- ring-buffer: Force absolute timestamp on discard of event (git-fixes).
- ring-buffer: Have saved event hold the entire event (git-fixes).
- ring-buffer: Remove useless update to write_stamp in rb_try_to_discard() (git-fixes).
- s390/vx: fix save/restore of fpu kernel context (git-fixes bsc#1218357).
- scsi: lpfc: use unsigned type for num_sge (bsc#1214747).
- serial: 8250: 8250_omap: Clear UART_HAS_RHR_IT_DIS bit (git-fixes).
- serial: 8250: 8250_omap: Do not start RX DMA on THRI interrupt (git-fixes).
- serial: sc16is7xx: address RX timeout interrupt errata (git-fixes).
- soundwire: stream: fix NULL pointer dereference for multi_link (git-fixes).
- spi: atmel: Fix clock issue when using devices with different polarities (git-fixes).
- statfs: enforce statfs[64] structure initialization (git-fixes).
- supported.conf: add drivers/virt/coco/tsm (jsc#PED-7167)
- swiotlb: always set the number of areas before allocating the pool (git-fixes).
- swiotlb: do not panic! (git-fixes).
- swiotlb: fix a braino in the alignment check fix (bsc#1216559).
- swiotlb: fix debugfs reporting of reserved memory pools (git-fixes).
- swiotlb: fix slot alignment checks (bsc#1216559).
- swiotlb: fix the deadlock in swiotlb_do_find_slots (git-fixes).
- swiotlb: mark swiotlb_memblock_alloc() as __init (git-fixes).
- swiotlb: reduce the number of areas to match actual memory pool size (git-fixes).
- swiotlb: reduce the swiotlb buffer size on allocation failure (git-fixes).
- swiotlb: use the calculated number of areas (git-fixes).
- tracing / synthetic: Disable events after testing in synth_event_gen_test_init() (git-fixes).
- tracing/kprobes: Fix the description of variable length arguments (git-fixes).
- tracing/kprobes: Fix the order of argument descriptions (git-fixes).
- tracing/perf: Add interrupt_context_level() helper (git-fixes).
- tracing/synthetic: fix kernel-doc warnings (git-fixes).
- tracing: Always update snapshot buffer size (git-fixes).
- tracing: Disable preemption when using the filter buffer (bsc#1217036).
- tracing: Disable snapshot buffer when stopping instance tracers (git-fixes).
- tracing: Fix a possible race when disabling buffered events (bsc#1217036).
- tracing: Fix a warning when allocating buffered events fails (bsc#1217036).
- tracing: Fix blocked reader of snapshot buffer (git-fixes).
- tracing: Fix incomplete locking when disabling buffered events (bsc#1217036).
- tracing: Fix warning in trace_buffered_event_disable() (git-fixes, bsc#1217036).
- tracing: Have the user copy of synthetic event address use correct context (git-fixes).
- tracing: Reuse logic from perf's get_recursion_context() (git-fixes).
- tracing: Set actual size after ring buffer resize (git-fixes).
- tracing: Stop current tracer when resizing buffer (git-fixes).
- tracing: Update snapshot buffer on resize if it is allocated (git-fixes).
- tracing: Use __this_cpu_read() in trace_event_buffer_lock_reserver() (bsc#1217036).
- tracing: relax trace_event_eval_update() execution with cond_resched() (git-fixes).
- uapi: propagate __struct_group() attributes to the container union (jsc#SLE-18978).
- ubifs: Fix memory leak of bud->log_hash (git-fixes).
- ubifs: fix possible dereference after free (git-fixes).
- usb-storage: Add quirk for incorrect WP on Kingston DT Ultimate 3.0 G3 (git-fixes).
- usb: aqc111: check packet for fixup for true limit (git-fixes).
- usb: config: fix iteration issue in 'usb_get_bos_descriptor()' (git-fixes).
- usb: host: xhci-plat: fix possible kernel oops while resuming (git-fixes).
- usb: hub: Guard against accesses to uninitialized BOS descriptors (git-fixes).
- usb: serial: ftdi_sio: update Actisense PIDs constant names (git-fixes).
- usb: serial: option: add Foxconn T99W265 with new baseline (git-fixes).
- usb: serial: option: add Quectel EG912Y module support (git-fixes).
- usb: serial: option: add Quectel RM500Q R13 firmware support (git-fixes).
- usb: typec: bus: verify partner exists in typec_altmode_attention (git-fixes).
- usb: typec: class: fix typec_altmode_put_partner to put plugs (git-fixes).
- usb: typec: ucsi: acpi: add quirk for ASUS Zenbook UM325 (git-fixes).
- virt/coco/sev-guest: Double-buffer messages (jsc#PED-7167).
- virt: coco: Add a coco/Makefile and coco/Kconfig (jsc#PED-7167).
- virt: sevguest: Add TSM_REPORTS support for SNP_GET_EXT_REPORT (jsc#PED-7167).
- virt: sevguest: Fix passing a stack buffer as a scatterlist target (jsc#PED-7167).
- virt: sevguest: Prep for kernel internal get_ext_report() (jsc#PED-7167).
- virt: tdx-guest: Add Quote generation support using TSM_REPORTS (jsc#PED-7167).
- vsprintf/kallsyms: Prevent invalid data when printing symbol (bsc#1217602).
- wifi: cfg80211: Add my certificate (git-fixes).
- wifi: cfg80211: fix certs build to not depend on file order (git-fixes).
- wifi: iwlwifi: pcie: add another missing bh-disable for rxq->lock (git-fixes).
- wifi: iwlwifi: pcie: do not synchronize IRQs from IRQ (git-fixes).
- wifi: mac80211: mesh: check element parsing succeeded (git-fixes).
- wifi: mac80211: mesh_plink: fix matches_local logic (git-fixes).
- x86/CPU/AMD: Check vendor in the AMD microcode callback (git-fixes).
- x86/alternatives: Disable KASAN in apply_alternatives() (git-fixes).
- x86/alternatives: Disable interrupts and sync when optimizing NOPs in place (git-fixes).
- x86/alternatives: Sync core before enabling interrupts (git-fixes).
- x86/boot/compressed: Handle unaccepted memory (jsc#PED-7167).
- x86/boot/compressed: Reserve more memory for page tables (git-fixes).
- x86/boot: Add an efi.h header for the decompressor (jsc#PED-7167).
- x86/boot: Centralize __pa()/__va() definitions (jsc#PED-7167).
- x86/boot: Fix incorrect startup_gdt_descr.size (git-fixes).
- x86/cpu/amd: Enable Zenbleed fix for AMD Custom APU 0405 (git-fixes).
- x86/cpu: Do not write CSTAR MSR on Intel CPUs (jsc#PED-7167).
- x86/cpu: Fix amd_check_microcode() declaration (git-fixes).
- x86/efi: Safely enable unaccepted memory in UEFI (jsc#PED-7167).
- x86/entry: Convert INT 0x80 emulation to IDTENTRY (bsc#1217927).
- x86/entry: Do not allow external 0x80 interrupts (bsc#1217927).
- x86/fpu/xstate: Prevent false-positive warning in __copy_xstate_uabi_buf() (git-fixes).
- x86/fpu: Invalidate FPU state correctly on exec() (git-fixes).
- x86/platform/uv: Use alternate source for socket to node data (bsc#1215696 bsc#1217790).
- x86/purgatory: Remove LTO flags (git-fixes).
- x86/resctrl: Fix kernel-doc warnings (git-fixes).
- x86/sev-es: Replace open-coded hlt-loop with sev_es_terminate() (jsc#PED-7167).
- x86/sev-es: Use insn_decode_mmio() for MMIO implementation (jsc#PED-7167).
- x86/sev: Add SNP-specific unaccepted memory support (jsc#PED-7167).
- x86/sev: Allow for use of the early boot GHCB for PSC requests (jsc#PED-7167).
- x86/sev: Change npages to unsigned long in snp_accept_memory() (jsc#PED-7167).
- x86/sev: Change snp_guest_issue_request()'s fw_err argument (jsc#PED-7167).
- x86/sev: Fix address space sparse warning (jsc#PED-7167).
- x86/sev: Get rid of special sev_es_enable_key (jsc#PED-7167).
- x86/sev: Mark snp_abort() noreturn (jsc#PED-7167).
- x86/sev: Put PSC struct on the stack in prep for unaccepted memory support (jsc#PED-7167).
- x86/sev: Use large PSC requests if applicable (jsc#PED-7167).
- x86/smp: Use dedicated cache-line for mwait_play_dead() (git-fixes).
- x86/srso: Add SRSO mitigation for Hygon processors (git-fixes).
- x86/srso: Fix SBPB enablement for (possible) future fixed HW (git-fixes).
- x86/srso: Fix vulnerability reporting for missing microcode (git-fixes).
- x86/tdx: Add unaccepted memory support (jsc#PED-7167).
- x86/tdx: Disable NOTIFY_ENABLES (jsc#PED-7167).
- x86/tdx: Make _tdx_hypercall() and __tdx_module_call() available in boot stub (jsc#PED-7167).
- x86/tdx: Refactor try_accept_one() (jsc#PED-7167).
- x86/tdx: Relax SEPT_VE_DISABLE check for debug TD (jsc#PED-7167).
- x86/tdx: Use ReportFatalError to report missing SEPT_VE_DISABLE (jsc#PED-7167).
- x86/tsc: Add option to force frequency recalibration with HW timer (bsc#1215885 bsc#1217217).
- x86/tsc: Be consistent about use_tsc_delay() (bsc#1215885 bsc#1217217).
- x86/tsc: Extend watchdog check exemption to 4-Sockets platform (bsc#1215885 bsc#1217217).
- x86/unwind/orc: Unwind ftrace trampolines with correct ORC entry (git-fixes).
- xfs: Rename __xfs_attr_rmtval_remove (git-fixes).
- xfs: Use kvcalloc() instead of kvzalloc() (git-fixes).
- xfs: aborting inodes on shutdown may need buffer lock (git-fixes).
- xfs: add selinux labels to whiteout inodes (git-fixes).
- xfs: clean up '%Ld/%Lu' which does not meet C standard (git-fixes).
- xfs: convert flex-array declarations in struct xfs_attrlist* (git-fixes).
- xfs: convert flex-array declarations in xfs attr leaf blocks (git-fixes).
- xfs: convert flex-array declarations in xfs attr shortform objects (git-fixes).
- xfs: decode scrub flags in ftrace output (git-fixes).
- xfs: dump log intent items that cannot be recovered due to corruption (git-fixes).
- xfs: fix a bug in the online fsck directory leaf1 bestcount check (git-fixes).
- xfs: fix agf_fllast when repairing an empty AGFL (git-fixes).
- xfs: fix incorrect unit conversion in scrub tracepoint (git-fixes).
- xfs: fix silly whitespace problems with kernel libxfs (git-fixes).
- xfs: fix uninit warning in xfs_growfs_data (git-fixes).
- xfs: fix units conversion error in xfs_bmap_del_extent_delay (git-fixes).
- xfs: make sure maxlen is still congruent with prod when rounding down (git-fixes).
- xfs: remove kmem_alloc_io() (git-fixes).
- xfs: remove the xfs_dinode_t typedef (git-fixes).
- xfs: remove the xfs_dqblk_t typedef (git-fixes).
- xfs: remove the xfs_dsb_t typedef (git-fixes).
- xfs: rename xfs_has_attr() (git-fixes).
- xfs: replace snprintf in show functions with sysfs_emit (git-fixes).
- xfs: return EINTR when a fatal signal terminates scrub (git-fixes).
- xfs: sb verifier does not handle uncached sb buffer (git-fixes).
- xfs: simplify two-level sysctl registration for xfs_table (git-fixes).
- xfs: sysfs: use default_groups in kobj_type (git-fixes).
- xfs: use swap() to make dabtree code cleaner (git-fixes).
- xhci: Clear EHB bit only at end of interrupt handler (git-fixes).
Patchnames: SUSE-2024-141,SUSE-SLE-Module-Public-Cloud-15-SP5-2024-141,openSUSE-SLE-15.5-2024-141
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
5.4 (Medium)
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
4.3 (Medium)
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
7.8 (High)
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
6.1 (Medium)
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
6.1 (Medium)
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
5.5 (Medium)
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
References
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for the Linux Kernel",
"title": "Title of the patch"
},
{
"category": "description",
"text": "\nThe SUSE Linux Enterprise 15 SP5 Azure kernel was updated to receive various security and bugfixes.\n\n\nThe following security bugs were fixed:\n\n- CVE-2023-6531: Fixed a use-after-free flaw due to a race problem in the unix garbage collector\u0027s deletion of SKB races with unix_stream_read_generic()on the socket that the SKB is queued on (bsc#1218447).\n- CVE-2023-6610: Fixed an out of bounds read in the SMB client when printing debug information (bsc#1217946).\n- CVE-2023-51779: Fixed a use-after-free because of a bt_sock_ioctl race condition in bt_sock_recvmsg (bsc#1218559).\n- CVE-2020-26555: Fixed Bluetooth legacy BR/EDR PIN code pairing in Bluetooth Core Specification 1.0B that may permit an unauthenticated nearby device to spoof the BD_ADDR of the peer device to complete pairing without knowledge of the PIN (bsc#1179610 bsc#1215237).\n- CVE-2023-6606: Fixed an out of bounds read in the SMB client when receiving a malformed length from a server (bsc#1217947).\n- CVE-2023-6546: Fixed a race condition in the GSM 0710 tty multiplexor via the GSMIOC_SETCONF ioctl that could lead to local privilege escalation (bsc#1218335).\n- CVE-2023-6931: Fixed a heap out-of-bounds write vulnerability in the Linux kernel\u0027s Performance Events system component that could lead to local privilege escalation. (bsc#1218258).\n- CVE-2023-6932: Fixed a use-after-free vulnerability in the Linux kernel\u0027s ipv4: igmp component that could lead to local privilege escalation (bsc#1218253).\n- CVE-2023-6622: Fixed a null pointer dereference vulnerability in nft_dynset_init() that could allow a local attacker with CAP_NET_ADMIN user privilege to trigger a denial of service (bsc#1217938).\n- CVE-2023-6121: Fixed an out-of-bounds read vulnerability in the NVMe-oF/TCP subsystem that could lead to information leak (bsc#1217250).\n\nThe following non-security bugs were fixed:\n\n- Documentation: KVM: add separate directories for architecture-specific documentation (jsc#PED-7167).\n- Documentation: KVM: update amd-memory-encryption.rst references (jsc#PED-7167).\n- Documentation: KVM: update msr.rst reference (jsc#PED-7167).\n- Documentation: KVM: update s390-diag.rst reference (jsc#PED-7167).\n- Documentation: KVM: update s390-pv.rst reference (jsc#PED-7167).\n- Documentation: drop more IDE boot options and ide-cd.rst (git-fixes).\n- Documentation: qat: Use code block for qat sysfs example (git-fixes).\n- Drop Documentation/ide/ (git-fixes).\n- Fix crash on screen resize (bsc#1218229)\n- Fix drm gem object underflow (bsc#1218092)\n- Revert \u0027Limit kernel-source-azure build to architectures for which we build binaries (bsc#1108281).\u0027\n- Revert \u0027PCI/ASPM: Remove pcie_aspm_pm_state_change()\u0027 (git-fixes).\n- Revert \u0027PCI: acpiphp: Reassign resources on bridge if necessary\u0027 (git-fixes).\n- Revert \u0027md: unlock mddev before reap sync_thread in action_store\u0027 (git-fixes).\n- Revert \u0027swiotlb: panic if nslabs is too small\u0027 (git-fixes).\n- Revert \u0027xhci: Loosen RPM as default policy to cover for AMD xHC 1.1\u0027 (git-fixes).\n- Update: drm/vmwgfx: Keep a gem reference to user bos in surfaces\n- acpi: video: Add backlight=native DMI quirk for Lenovo Ideapad Z470 (git-fixes).\n- acpi: x86: s2idle: Catch multiple ACPI_TYPE_PACKAGE objects (git-fixes).\n- acpica: Add AML_NO_OPERAND_RESOLVE flag to Timer (git-fixes).\n- afs: Fix afs_server_list to be cleaned up with RCU (git-fixes).\n- afs: Fix dynamic root lookup DNS check (git-fixes).\n- afs: Fix file locking on R/O volumes to operate in local mode (git-fixes).\n- afs: Fix overwriting of result of DNS query (git-fixes).\n- afs: Fix refcount underflow from error handling race (git-fixes).\n- afs: Fix the dynamic root\u0027s d_delete to always delete unused dentries (git-fixes).\n- afs: Fix use-after-free due to get/remove race in volume tree (git-fixes).\n- afs: Make error on cell lookup failure consistent with OpenAFS (git-fixes).\n- afs: Return ENOENT if no cell DNS record can be found (git-fixes).\n- alsa: hda - Fix speaker and headset mic pin config for CHUWI CoreBook XPro (git-fixes).\n- alsa: hda/hdmi: add force-connect quirk for NUC5CPYB (git-fixes).\n- alsa: hda/hdmi: add force-connect quirks for ASUSTeK Z170 variants (git-fixes).\n- alsa: hda/realtek: Add Framework laptop 16 to quirks (git-fixes).\n- alsa: hda/realtek: Add quirk for ASUS ROG GV302XA (git-fixes).\n- alsa: hda/realtek: Add supported ALC257 for ChromeOS (git-fixes).\n- alsa: hda/realtek: Apply mute LED quirk for HP15-db (git-fixes).\n- alsa: hda/realtek: Enable headset on Lenovo M90 Gen5 (git-fixes).\n- alsa: hda/realtek: Fix mute and mic-mute LEDs for HP ProBook 440 G6 (git-fixes).\n- alsa: hda/realtek: Headset Mic VREF to 100% (git-fixes).\n- alsa: hda/realtek: add new Framework laptop to quirks (git-fixes).\n- alsa: hda/realtek: enable SND_PCI_QUIRK for hp pavilion 14-ec1xxx series (git-fixes).\n- alsa: hda/realtek: fix mute/micmute LEDs for a HP ZBook (git-fixes).\n- alsa: hda/realtek: fix speakers on XPS 9530 (2023) (git-fixes).\n- alsa: hda: intel-dsp-cfg: add LunarLake support (git-fixes).\n- alsa: pcm: fix out-of-bounds in snd_pcm_state_names (git-fixes).\n- alsa: seq: oss: Fix racy open/close of MIDI devices (git-fixes).\n- alsa: usb-audio: Add Pioneer DJM-450 mixer controls (git-fixes).\n- alsa: usb-audio: Increase delay in MOTU M quirk (git-fixes).\n- apparmor: Free up __cleanup() name (jsc#PED-7167).\n- arm64: dts: arm: add missing cache properties (git-fixes)\n- arm64: dts: imx8mm: Add sound-dai-cells to micfil node (git-fixes)\n- arm64: dts: imx8mn: Add sound-dai-cells to micfil node (git-fixes)\n- arm64: dts: imx8mq-librem5: Remove dis_u3_susphy_quirk from (git-fixes)\n- arm64: kdump: Skip kmemleak scan reserved memory for kdump (jsc#PED-7167).\n- arm64: mm: Fix \u0027rodata=on\u0027 when CONFIG_RODATA_FULL_DEFAULT_ENABLED=y (git-fixes)\n- arm: oMAP2+: Fix null pointer dereference and memory leak in omap_soc_device_init (git-fixes).\n- arm: pL011: Fix DMA support (git-fixes).\n- asoc: fsl_rpmsg: Fix error handler with pm_runtime_enable (git-fixes).\n- asoc: hdmi-codec: fix missing report for jack initial status (git-fixes).\n- asoc: meson: g12a-toacodec: Fix event generation (git-fixes).\n- asoc: meson: g12a-toacodec: Validate written enum values (git-fixes).\n- asoc: meson: g12a-tohdmitx: Fix event generation for S/PDIF mux (git-fixes).\n- asoc: meson: g12a-tohdmitx: Validate written enum values (git-fixes).\n- asoc: wm_adsp: fix memleak in wm_adsp_buffer_populate (git-fixes).\n- bitmap: unify find_bit operations (jsc#PED-7167).\n- block: fix revalidate performance regression (bsc#1216057).\n- bluetooth: Fix deadlock in vhci_send_frame (git-fixes).\n- bluetooth: L2CAP: Send reject on command corrupted request (git-fixes).\n- bluetooth: MGMT/SMP: Fix address type when using SMP over BREDR/LE (git-fixes).\n- bluetooth: btusb: Add new PID/VID 0489:e0f2 for MT7921 (bsc#1218461).\n- bluetooth: hci_event: Fix not checking if HCI_OP_INQUIRY has been sent (git-fixes).\n- bluetooth: hci_event: shut up a false-positive warning (git-fixes).\n- bluetooth: hci_qca: Fix the teardown problem for real (git-fixes).\n- bnxt: do not handle XDP in netpoll (jsc#PED-1495).\n- bnxt_en: Clear resource reservation during resume (jsc#PED-1495).\n- bnxt_en: Fix HWTSTAMP_FILTER_ALL packet timestamp logic (jsc#PED-1495).\n- bnxt_en: Fix max_mtu setting for multi-buf XDP (jsc#PED-1495).\n- bnxt_en: Fix page pool logic for page size \u003e= 64K (jsc#PED-1495).\n- bnxt_en: Fix wrong return value check in bnxt_close_nic() (jsc#PED-1495).\n- bnxt_en: Flush XDP for bnxt_poll_nitroa0()\u0027s NAPI (jsc#PED-1495).\n- bpf: Adjust insufficient default bpf_jit_limit (bsc#1218234 git-fixes).\n- bus: ti-sysc: Flush posted write only after srst_udelay (git-fixes).\n- ceph: fix incorrect revoked caps assert in ceph_fill_file_size() (bsc#1217980).\n- ceph: fix type promotion bug on 32bit systems (bsc#1217982).\n- cleanup: Make no_free_ptr() __must_check (jsc#PED-7167).\n- clocksource: Add a Kconfig option for WATCHDOG_MAX_SKEW (bsc#1215885 bsc#1217217).\n- clocksource: Enable TSC watchdog checking of HPET and PMTMR only when requested (bsc#1215885 bsc#1217217).\n- clocksource: Handle negative skews in \u0027skew is too large\u0027 messages (bsc#1215885 bsc#1217217).\n- clocksource: Improve \u0027skew is too large\u0027 messages (bsc#1215885 bsc#1217217).\n- clocksource: Improve read-back-delay message (bsc#1215885 bsc#1217217).\n- clocksource: Loosen clocksource watchdog constraints (bsc#1215885 bsc#1217217).\n- clocksource: Print clocksource name when clocksource is tested unstable (bsc#1215885 bsc#1217217).\n- clocksource: Verify HPET and PMTMR when TSC unverified (bsc#1215885 bsc#1217217).\n- configfs-tsm: Introduce a shared ABI for attestation reports (jsc#PED-7167).\n- crypto: ccp - Add SEV_INIT rc error logging on init (jsc#PED-7167).\n- crypto: ccp - Add SEV_INIT_EX support (jsc#PED-7167).\n- crypto: ccp - Add a header for multiple drivers to use `__psp_pa` (jsc#PED-7167).\n- crypto: ccp - Add a quirk to firmware update (jsc#PED-7167).\n- crypto: ccp - Add psp_init_on_probe module parameter (jsc#PED-7167).\n- crypto: ccp - Drop TEE support for IRQ handler (jsc#PED-7167).\n- crypto: ccp - Ensure psp_ret is always init\u0027d in __sev_platform_init_locked() (jsc#PED-7167).\n- crypto: ccp - Fail the PSP initialization when writing psp data file failed (jsc#PED-7167).\n- crypto: ccp - Fix the INIT_EX data file open failure (jsc#PED-7167).\n- crypto: ccp - Fix whitespace in sev_cmd_buffer_len() (jsc#PED-7167).\n- crypto: ccp - Flush the SEV-ES TMR memory before giving it to firmware (jsc#PED-7167).\n- crypto: ccp - Initialize PSP when reading psp data file failed (jsc#PED-7167).\n- crypto: ccp - Log when resetting PSP SEV state (jsc#PED-7167).\n- crypto: ccp - Move SEV_INIT retry for corrupted data (jsc#PED-7167).\n- crypto: ccp - Move some PSP mailbox bit definitions into common header (jsc#PED-7167).\n- crypto: ccp - Name -1 return value as SEV_RET_NO_FW_CALL (jsc#PED-7167).\n- crypto: ccp - Refactor out sev_fw_alloc() (jsc#PED-7167).\n- crypto: ccp - remove unneeded semicolon (jsc#PED-7167).\n- crypto: ccp: Get rid of __sev_platform_init_locked()\u0027s local function pointer (jsc#PED-7167).\n- dm verity: initialize fec io before freeing it (git-fixes).\n- dm-verity: do not use blocking calls from tasklets (git-fixes).\n- dm: add cond_resched() to dm_wq_requeue_work() (git-fixes).\n- dm: do not attempt to queue IO under RCU protection (git-fixes).\n- dm: fix __send_duplicate_bios() to always allow for splitting IO (bsc#1215952).\n- dm: fix improper splitting for abnormal bios (bsc#1215952).\n- dm: verity-loadpin: Add NULL pointer check for \u0027bdev\u0027 parameter (git-fixes).\n- dm_blk_ioctl: implement path failover for SG_IO (bsc#1183045, bsc#1216776).\n- dmaengine: ioat: Free up __cleanup() name (jsc#PED-7167).\n- doc/README.SUSE: Add how to update the config for module signing (jsc#PED-5021)\n- doc/README.SUSE: Remove how to build modules using kernel-source (jsc#PED-5021)\n- doc/README.SUSE: Simplify the list of references (jsc#PED-5021)\n- drm/amd/amdgpu: Fix warnings in amdgpu/amdgpu_display.c (git-fixes).\n- drm/amdgpu/sdma5.2: add begin/end_use ring callbacks (bsc#1212139).\n- drm/amdgpu: Add EEPROM I2C address support for ip discovery (git-fixes).\n- drm/amdgpu: Add I2C EEPROM support on smu v13_0_6 (git-fixes).\n- drm/amdgpu: Add support for RAS table at 0x40000 (git-fixes).\n- drm/amdgpu: Decouple RAS EEPROM addresses from chips (git-fixes).\n- drm/amdgpu: Remove redundant I2C EEPROM address (git-fixes).\n- drm/amdgpu: Remove second moot switch to set EEPROM I2C address (git-fixes).\n- drm/amdgpu: Return from switch early for EEPROM I2C address (git-fixes).\n- drm/amdgpu: Update EEPROM I2C address for smu v13_0_0 (git-fixes).\n- drm/amdgpu: Update ras eeprom support for smu v13_0_0 and v13_0_10 (git-fixes).\n- drm/amdgpu: correct chunk_ptr to a pointer to chunk (git-fixes).\n- drm/amdgpu: correct the amdgpu runtime dereference usage count (git-fixes).\n- drm/amdgpu: fix tear down order in amdgpu_vm_pt_free (git-fixes).\n- drm/amdgpu: simplify amdgpu_ras_eeprom.c (git-fixes).\n- drm/bridge: parade-ps8640: Never store more than msg-\u003esize bytes in AUX xfer (git-fixes).\n- drm/bridge: ps8640: Fix size mismatch warning w/ len (git-fixes).\n- drm/bridge: tc358768: select CONFIG_VIDEOMODE_HELPERS (git-fixes).\n- drm/bridge: ti-sn65dsi86: Never store more than msg-\u003esize bytes in AUX xfer (git-fixes).\n- drm/i915/display: Drop check for doublescan mode in modevalid (git-fixes).\n- drm/i915/dp: Fix passing the correct DPCD_REV for drm_dp_set_phy_test_pattern (git-fixes).\n- drm/i915/dpt: Only do the POT stride remap when using DPT (git-fixes).\n- drm/i915/lvds: Use REG_BIT() \u0026 co (git-fixes).\n- drm/i915/mtl: limit second scaler vertical scaling in ver \u003e= 14 (git-fixes).\n- drm/i915/sdvo: stop caching has_hdmi_monitor in struct intel_sdvo (git-fixes).\n- drm/i915: Fix intel_atomic_setup_scalers() plane_state handling (git-fixes).\n- drm/i915: Fix remapped stride with CCS on ADL+ (git-fixes).\n- drm/i915: Reject async flips with bigjoiner (git-fixes).\n- drm/i915: Relocate intel_atomic_setup_scalers() (git-fixes).\n- drm/i915: fix MAX_ORDER usage in i915_gem_object_get_pages_internal() (jsc#PED-7167).\n- drm/mediatek: Add spinlock for setting vblank event in atomic_begin (git-fixes).\n- drm/mgag200: Fix gamma lut not initialized for G200ER, G200EV, G200SE (git-fixes).\n- efi/libstub: Implement support for unaccepted memory (jsc#PED-7167).\n- efi/unaccepted: Avoid load_unaligned_zeropad() stepping into unaccepted memory (jsc#PED-7167).\n- efi/unaccepted: Fix off-by-one when checking for overlapping ranges (jsc#PED-7167).\n- efi/unaccepted: Fix soft lockups caused by parallel memory acceptance (jsc#PED-7167).\n- efi/unaccepted: Make sure unaccepted table is mapped (jsc#PED-7167).\n- efi/unaccepted: Use ACPI reclaim memory for unaccepted memory table (jsc#PED-7167).\n- efi/x86: Get full memory map in allocate_e820() (jsc#PED-7167).\n- efi: Add unaccepted memory support (jsc#PED-7167).\n- efi: libstub: avoid efi_get_memory_map() for allocating the virt map (jsc#PED-7167).\n- efi: libstub: install boot-time memory map as config table (jsc#PED-7167).\n- efi: libstub: remove DT dependency from generic stub (jsc#PED-7167).\n- efi: libstub: remove pointless goto kludge (jsc#PED-7167).\n- efi: libstub: simplify efi_get_memory_map() and struct efi_boot_memmap (jsc#PED-7167).\n- efi: libstub: unify initrd loading between architectures (jsc#PED-7167).\n- floppy: fix MAX_ORDER usage (jsc#PED-7167).\n- fprobe: Fix to ensure the number of active retprobes is not zero (git-fixes).\n- fs/jfs: Add check for negative db_l2nbperpage (git-fixes).\n- fs/jfs: Add validity check for db_maxag and db_agpref (git-fixes).\n- fs/jfs: prevent double-free in dbUnmount() after failed jfs_remount() (git-fixes).\n- fs/remap: constrain dedupe of EOF blocks (git-fixes).\n- fs: avoid empty option when generating legacy mount string (git-fixes).\n- fs: fix an infinite loop in iomap_fiemap (git-fixes).\n- fs: ocfs2: namei: check return value of ocfs2_add_entry() (git-fixes).\n- genwqe: fix MAX_ORDER usage (jsc#PED-7167).\n- gfs2: Add wrapper for iomap_file_buffered_write (git-fixes).\n- gfs2: Check sb_bsize_shift after reading superblock (git-fixes).\n- gfs2: Clean up function may_grant (git-fixes).\n- gfs2: Fix filesystem block deallocation for short writes (git-fixes).\n- gfs2: Fix gfs2_release for non-writers regression (git-fixes).\n- gfs2: Fix inode height consistency check (git-fixes).\n- gfs2: Fix length of holes reported at end-of-file (git-fixes).\n- gfs2: Fix possible data races in gfs2_show_options() (git-fixes).\n- gfs2: Improve gfs2_make_fs_rw error handling (git-fixes).\n- gfs2: Make sure FITRIM minlen is rounded up to fs block size (git-fixes).\n- gfs2: Silence \u0027suspicious RCU usage in gfs2_permission\u0027 warning (git-fixes).\n- gfs2: Switch from strlcpy to strscpy (git-fixes).\n- gfs2: fix an oops in gfs2_permission (git-fixes).\n- gfs2: gfs2_setattr_size error path fix (git-fixes).\n- gfs2: ignore negated quota changes (git-fixes).\n- gfs2: jdata writepage fix (git-fixes).\n- gfs2: use i_lock spin_lock for inode qadata (git-fixes).\n- gpiolib: sysfs: Fix error handling on failed export (git-fixes).\n- gve: Fixes for napi_poll when budget is 0 (git-fixes).\n- gve: Use size_add() in call to struct_size() (git-fixes).\n- hid: add ALWAYS_POLL quirk for Apple kb (git-fixes).\n- hid: glorious: fix Glorious Model I HID report (git-fixes).\n- hid: hid-asus: add const to read-only outgoing usb buffer (git-fixes).\n- hid: hid-asus: reset the backlight brightness level on resume (git-fixes).\n- hid: lenovo: Restrict detection of patched firmware only to USB cptkbd (git-fixes).\n- hid: multitouch: Add quirk for HONOR GLO-GXXX touchpad (git-fixes).\n- hwmon: (acpi_power_meter) Fix 4.29 MW bug (git-fixes).\n- hwmon: (nzxt-kraken2) Fix error handling path in kraken2_probe() (git-fixes).\n- i2c: aspeed: Handle the coalesced stop conditions with the start conditions (git-fixes).\n- i2c: core: Fix atomic xfer check for non-preempt config (git-fixes).\n- i2c: designware: Fix corrupted memory seen in the ISR (git-fixes).\n- i40e: Fix I40E_FLAG_VF_VLAN_PRUNING value (jsc#PED-372).\n- i40e: Fix VF VLAN offloading when port VLAN is configured (jsc#PED-372).\n- i40e: Fix unexpected MFS warning message (jsc#PED-372).\n- i40e: Fix wrong check for I40E_TXR_FLAGS_WB_ON_ITR (jsc#PED-372).\n- i40e: fix misleading debug logs (jsc#PED-372).\n- i40e: fix potential NULL pointer dereferencing of pf-\u003evf i40e_sync_vsi_filters() (jsc#PED-372).\n- i40e: fix potential memory leaks in i40e_remove() (jsc#PED-372).\n- i40e: prevent crash on probe if hw registers have invalid values (jsc#PED-372).\n- ib/mlx5: Fix init stage error handling to avoid double free of same QP and UAF (git-fixes)\n- ib/mlx5: Fix rdma counter binding for RAW QP (git-fixes)\n- igb: Avoid starting unnecessary workqueues (jsc#PED-370).\n- igb: Change IGB_MIN to allow set rx/tx value between 64 and 80 (jsc#PED-370).\n- igb: Fix potential memory leak in igb_add_ethtool_nfc_entry (jsc#PED-370).\n- igb: clean up in all error paths when enabling SR-IOV (jsc#PED-370).\n- igb: disable virtualization features on 82580 (jsc#PED-370).\n- igbvf: Change IGBVF_MIN to allow set rx/tx value between 64 and 80 (jsc#PED-370).\n- igc: Change IGC_MIN to allow set rx/tx value between 64 and 80 (jsc#PED-375).\n- igc: Expose tx-usecs coalesce setting to user (jsc#PED-375).\n- igc: Fix ambiguity in the ethtool advertising (jsc#PED-375).\n- igc: Fix infinite initialization loop with early XDP redirect (jsc#PED-375).\n- igc: Fix the typo in the PTM Control macro (jsc#PED-375).\n- iio: adc: ti_am335x_adc: Fix return value check of tiadc_request_dma() (git-fixes).\n- iio: common: ms_sensors: ms_sensors_i2c: fix humidity conversion time table (git-fixes).\n- iio: imu: inv_mpu6050: fix an error code problem in inv_mpu6050_read_raw (git-fixes).\n- iio: triggered-buffer: prevent possible freeing of wrong buffer (git-fixes).\n- input: i8042 - add quirk for TUXEDO Gemini 17 Gen1/Clevo PD70PN (git-fixes).\n- input: ipaq-micro-keys - add error handling for devm_kmemdup (git-fixes).\n- input: soc_button_array - add mapping for airplane mode button (git-fixes).\n- input: xpad - add HyperX Clutch Gladiate Support (git-fixes).\n- interconnect: Treat xlate() returning NULL node as an error (git-fixes).\n- iomap: Fix iomap_dio_rw return value for user copies (git-fixes).\n- iommu: fix MAX_ORDER usage in __iommu_dma_alloc_pages() (jsc#PED-7167).\n- iov_iter, x86: Be consistent about the __user tag on copy_mc_to_user() (git-fixes).\n- jfs: fix array-index-out-of-bounds in dbFindLeaf (git-fixes).\n- jfs: fix array-index-out-of-bounds in diAlloc (git-fixes).\n- jfs: fix invalid free of JFS_IP(ipimap)-\u003ei_imap in diUnmount (git-fixes).\n- jfs: validate max amount of blocks before allocation (git-fixes).\n- kABI: Preserve the type of rethook::handler (git-fixes).\n- kABI: restore void return to typec_altmode_attention (git-fixes).\n- kabi/severities: ignore kABI for asus-wmi drivers Tolerate the kABI changes, as used only locally for asus-wmi stuff\n- kabi/severities: make snp_issue_guest_request PASS (jsc#PED-7167)\n- kabi: fix of_reserved_mem_* due to struct vm_struct became defined (jsc#PED-7167).\n- kabi: fix sev-dev due to fs_struct became defined (jsc#PED-7167).\n- kabi: fix struct efi after adding unaccepted memory table (jsc#PED-7167).\n- kabi: fix struct zone kabi after adding unaccepted_pages and NR_UNACCEPTED (jsc#PED-7167).\n- kbuild: Drop -Wdeclaration-after-statement (jsc#PED-7167).\n- kconfig: fix memory leak from range properties (git-fixes).\n- kernel-source: Remove config-options.changes (jsc#PED-5021)\n- kprobes: consistent rcu api usage for kretprobe holder (git-fixes).\n- kvm: arm64: Prevent kmemleak from accessing pKVM memory (jsc#PED-7167).\n- kvm: s390/mm: Properly reset no-dat (git-fixes bsc#1218056).\n- kvm: s390: vsie: fix wrong VIR 37 when MSO is used (git-fixes bsc#1217933).\n- lib/vsprintf: Fix %pfwf when current node refcount == 0 (git-fixes).\n- libceph: use kernel_connect() (bsc#1217981).\n- limit kernel-source build to architectures for which the kernel binary is built (bsc#1108281).\n- locking: Introduce __cleanup() based infrastructure (jsc#PED-7167).\n- locks: fix KASAN: use-after-free in trace_event_raw_event_filelock_lock (git-fixes).\n- md/bitmap: do not set max_write_behind if there is no write mostly device (git-fixes).\n- md/md-bitmap: hold \u0027reconfig_mutex\u0027 in backlog_store() (git-fixes).\n- md/md-bitmap: remove unnecessary local variable in backlog_store() (git-fixes).\n- md/raid0: add discard support for the \u0027original\u0027 layout (git-fixes).\n- md/raid10: do not call bio_start_io_acct twice for bio which experienced read error (git-fixes).\n- md/raid10: factor out code from wait_barrier() to stop_waiting_barrier() (git-fixes).\n- md/raid10: factor out dereference_rdev_and_rrdev() (git-fixes).\n- md/raid10: fix io loss while replacement replace rdev (git-fixes).\n- md/raid10: fix leak of \u0027r10bio-\u003eremaining\u0027 for recovery (git-fixes).\n- md/raid10: fix memleak for \u0027conf-\u003ebio_split\u0027 (git-fixes).\n- md/raid10: fix memleak of md thread (git-fixes).\n- md/raid10: fix null-ptr-deref in raid10_sync_request (git-fixes).\n- md/raid10: fix null-ptr-deref of mreplace in raid10_sync_request (git-fixes).\n- md/raid10: fix overflow of md/safe_mode_delay (git-fixes).\n- md/raid10: fix task hung in raid10d (git-fixes).\n- md/raid10: fix the condition to call bio_end_io_acct() (git-fixes).\n- md/raid10: fix wrong setting of max_corr_read_errors (git-fixes).\n- md/raid10: prevent soft lockup while flush writes (git-fixes).\n- md/raid10: use dereference_rdev_and_rrdev() to get devices (git-fixes).\n- md/raid1: fix error: ISO C90 forbids mixed declarations (git-fixes).\n- md/raid1: free the r1bio before waiting for blocked rdev (git-fixes).\n- md/raid1: hold the barrier until handle_read_error() finishes (git-fixes).\n- md/raid5-cache: fix a deadlock in r5l_exit_log() (git-fixes).\n- md/raid5-cache: fix null-ptr-deref for r5l_flush_stripe_to_raid() (git-fixes).\n- md/raid5: fix miscalculation of \u0027end_sector\u0027 in raid5_read_one_chunk() (git-fixes).\n- md: Put the right device in md_seq_next (bsc#1217822).\n- md: Set MD_BROKEN for RAID1 and RAID10 (git-fixes).\n- md: avoid signed overflow in slot_store() (git-fixes).\n- md: do not update recovery_cp when curr_resync is ACTIVE (git-fixes).\n- md: drop queue limitation for RAID1 and RAID10 (git-fixes).\n- md: raid0: account for split bio in iostat accounting (git-fixes).\n- md: raid10 add nowait support (git-fixes).\n- md: raid1: fix potential OOB in raid1_remove_disk() (git-fixes).\n- md: restore \u0027noio_flag\u0027 for the last mddev_resume() (git-fixes).\n- md: select BLOCK_LEGACY_AUTOLOAD (git-fixes).\n- memblock: exclude MEMBLOCK_NOMAP regions from kmemleak (jsc#PED-7167).\n- memblock: make memblock_find_in_range method private (jsc#PED-7167).\n- misc: mei: client.c: fix problem of return \u0027-EOVERFLOW\u0027 in mei_cl_write (git-fixes).\n- misc: mei: client.c: return negative error code in mei_cl_write (git-fixes).\n- mkspec: Add multibuild support (JSC-SLE#5501, boo#1211226, bsc#1218184) When MULTIBUILD option in config.sh is enabled generate a _multibuild file listing all spec files.\n- mm/page_alloc: make deferred page init free pages in MAX_ORDER blocks (jsc#PED-7167).\n- mm/pgtable: Fix multiple -Wstringop-overflow warnings (jsc#PED-7167).\n- mm/slab: Add __free() support for kvfree (jsc#PED-7167).\n- mm/slub: fix MAX_ORDER usage in calculate_order() (jsc#PED-7167).\n- mm: Add PAGE_ALIGN_DOWN macro (jsc#PED-7167).\n- mm: Add support for unaccepted memory (jsc#PED-7167).\n- mm: add pageblock_align() macro (jsc#PED-7167).\n- mm: add pageblock_aligned() macro (jsc#PED-7167).\n- mm: avoid passing 0 to __ffs() (jsc#PED-7167).\n- mm: kmem: drop __GFP_NOFAIL when allocating objcg vectors (bsc#1218515).\n- mm: move kvmalloc-related functions to slab.h (jsc#PED-7167).\n- mm: new primitive kvmemdup() (jsc#PED-7167).\n- mm: reuse pageblock_start/end_pfn() macro (jsc#PED-7167).\n- mmc: meson-mx-sdhc: Fix initialization frozen issue (git-fixes).\n- mmc: rpmb: fixes pause retune on all RPMB partitions (git-fixes).\n- mmc: sdhci-sprd: Fix eMMC init failure after hw reset (git-fixes).\n- neighbor: tracing: Move pin6 inside CONFIG_IPV6=y section (git-fixes).\n- net/rose: Fix Use-After-Free in rose_ioctl (git-fixes).\n- net/smc: Fix pos miscalculation in statistics (bsc#1218139).\n- net/tg3: fix race condition in tg3_reset_task() (bsc#1217801).\n- net: 9p: avoid freeing uninit memory in p9pdu_vreadf (git-fixes).\n- net: bnxt: fix a potential use-after-free in bnxt_init_tc (jsc#PED-1495).\n- net: ena: Destroy correct number of xdp queues upon failure (git-fixes).\n- net: ena: Fix XDP redirection error (git-fixes).\n- net: ena: Fix xdp drops handling due to multibuf packets (git-fixes).\n- net: ena: Flush XDP packets on error (git-fixes).\n- net: mana: select PAGE_POOL (git-fixes).\n- net: rfkill: gpio: set GPIO direction (git-fixes).\n- net: usb: ax88179_178a: avoid failed operations when device is disconnected (git-fixes).\n- net: usb: ax88179_178a: clean up pm calls (git-fixes).\n- net: usb: ax88179_178a: wol optimizations (git-fixes).\n- net: usb: qmi_wwan: claim interface 4 for ZTE MF290 (git-fixes).\n- nfc: llcp_core: Hold a ref to llcp_local-\u003edev when holding a ref to llcp_local (git-fixes).\n- nfs: Fix O_DIRECT locking issues (bsc#1211162).\n- nfs: Fix a few more clear_bit() instances that need release semantics (bsc#1211162).\n- nfs: Fix a potential data corruption (bsc#1211162).\n- nfs: Fix a use after free in nfs_direct_join_group() (bsc#1211162).\n- nfs: Fix error handling for O_DIRECT write scheduling (bsc#1211162).\n- nfs: More O_DIRECT accounting fixes for error paths (bsc#1211162).\n- nfs: More fixes for nfs_direct_write_reschedule_io() (bsc#1211162).\n- nfs: Use the correct commit info in nfs_join_page_group() (bsc#1211162).\n- nfs: only issue commit in DIO codepath if we have uncommitted data (bsc#1211162).\n- nilfs2: fix missing error check for sb_set_blocksize call (git-fixes).\n- nilfs2: prevent WARNING in nilfs_sufile_set_segment_usage() (git-fixes).\n- nlm: Defend against file_lock changes after vfs_test_lock() (bsc#1217692).\n- null_blk: fix poll request timeout handling (git-fixes).\n- nvme-core: check for too small lba shift (bsc#1214117).\n- nvme-pci: Add sleep quirk for Kingston drives (git-fixes).\n- nvme-pci: always return an ERR_PTR from nvme_pci_alloc_dev (git-fixes).\n- nvme-pci: do not set the NUMA node of device if it has none (git-fixes).\n- nvme-pci: factor out a nvme_pci_alloc_dev helper (git-fixes).\n- nvme-rdma: do not try to stop unallocated queues (git-fixes).\n- nvme: sanitize metadata bounce buffer for reads (git-fixes).\n- nvmet-auth: complete a request only after freeing the dhchap pointers (git-fixes).\n- of: reserved_mem: Have kmemleak ignore dynamically allocated reserved mem (jsc#PED-7167).\n- orangefs: Fix kmemleak in orangefs_prepare_debugfs_help_string() (git-fixes).\n- orangefs: Fix kmemleak in orangefs_{kernel,client}_debug_init() (git-fixes).\n- orangefs: Fix sysfs not cleanup when dev init failed (git-fixes).\n- orangefs: Fix the size of a memory allocation in orangefs_bufmap_alloc() (git-fixes).\n- padata: Fix refcnt handling in padata_free_shell() (git-fixes).\n- parport: Add support for Brainboxes IX/UC/PX parallel cards (git-fixes).\n- pci: loongson: Limit MRRS to 256 (git-fixes).\n- perf/core: fix MAX_ORDER usage in rb_alloc_aux_page() (jsc#PED-7167).\n- pinctrl: at91-pio4: use dedicated lock class for IRQ (git-fixes).\n- platform/surface: aggregator: fix recv_buf() return value (git-fixes).\n- platform/x86: asus-wmi: Add support for ROG X13 tablet mode (git-fixes).\n- platform/x86: asus-wmi: Adjust tablet/lidflip handling to use enum (git-fixes).\n- platform/x86: asus-wmi: Fix kbd_dock_devid tablet-switch reporting (git-fixes).\n- platform/x86: asus-wmi: Move i8042 filter install to shared asus-wmi code (git-fixes).\n- platform/x86: asus-wmi: Simplify tablet-mode-switch handling (git-fixes).\n- platform/x86: asus-wmi: Simplify tablet-mode-switch probing (git-fixes).\n- platform/x86: wmi: Allow duplicate GUIDs for drivers that use struct wmi_driver (git-fixes).\n- platform/x86: wmi: Skip blocks with zero instances (git-fixes).\n- powerpc/pseries/vas: Migration suspend waits for no in-progress open windows (bsc#1218397 ltc#204523).\n- qed/red_ll2: Fix undefined behavior bug in struct qed_ll2_info (jsc#PED-1526).\n- qed: Fix a potential use-after-free in qed_cxt_tables_alloc (jsc#PED-1526).\n- qed: fix LL2 RX buffer allocation (jsc#PED-1526).\n- qede: fix firmware halt over suspend and resume (jsc#PED-1526).\n- qla2xxx: add debug log for deprecated hw detected (bsc#1216032).\n- r8152: Add RTL8152_INACCESSIBLE checks to more loops (git-fixes).\n- r8152: Add RTL8152_INACCESSIBLE to r8153_aldps_en() (git-fixes).\n- r8152: Add RTL8152_INACCESSIBLE to r8153_pre_firmware_1() (git-fixes).\n- r8152: Add RTL8152_INACCESSIBLE to r8156b_wait_loading_flash() (git-fixes).\n- r8152: Rename RTL8152_UNPLUG to RTL8152_INACCESSIBLE (git-fixes).\n- r8169: Fix PCI error on system resume (git-fixes).\n- rdma/bnxt_re: Correct module description string (jsc#PED-1495).\n- rdma/core: Use size_{add,sub,mul}() in calls to struct_size() (git-fixes)\n- rdma/hfi1: Use FIELD_GET() to extract Link Width (git-fixes)\n- rdma/hfi1: Workaround truncation compilation error (git-fixes)\n- rdma/hns: Add check for SL (git-fixes)\n- rdma/hns: Fix printing level of asynchronous events (git-fixes)\n- rdma/hns: Fix signed-unsigned mixed comparisons (git-fixes)\n- rdma/hns: Fix uninitialized ucmd in hns_roce_create_qp_common() (git-fixes)\n- rdma/hns: The UD mode can only be configured with DCQCN (git-fixes)\n- regmap: fix bogus error on regcache_sync success (git-fixes).\n- reiserfs: Check the return value from __getblk() (git-fixes).\n- reiserfs: Replace 1-element array with C99 style flex-array (git-fixes).\n- remove unnecessary WARN_ON_ONCE() (bsc#1214823 bsc#1218569).\n- reset: Fix crash when freeing non-existent optional resets (git-fixes).\n- restore renamed device IDs for USB HID devices (git-fixes).\n- rethook: Fix to use WRITE_ONCE() for rethook:: Handler (git-fixes).\n- rethook: Use __rcu pointer for rethook::handler (git-fixes).\n- ring-buffer: Do not try to put back write_stamp (git-fixes).\n- ring-buffer: Do not update before stamp when switching sub-buffers (git-fixes).\n- ring-buffer: Fix a race in rb_time_cmpxchg() for 32 bit archs (git-fixes).\n- ring-buffer: Fix memory leak of free page (git-fixes).\n- ring-buffer: Fix slowpath of interrupted event (git-fixes).\n- ring-buffer: Fix wake ups when buffer_percent is set to 100 (git-fixes).\n- ring-buffer: Fix writing to the buffer with max_data_size (git-fixes).\n- ring-buffer: Force absolute timestamp on discard of event (git-fixes).\n- ring-buffer: Have saved event hold the entire event (git-fixes).\n- ring-buffer: Remove useless update to write_stamp in rb_try_to_discard() (git-fixes).\n- s390/vx: fix save/restore of fpu kernel context (git-fixes bsc#1218357).\n- scsi: lpfc: use unsigned type for num_sge (bsc#1214747).\n- serial: 8250: 8250_omap: Clear UART_HAS_RHR_IT_DIS bit (git-fixes).\n- serial: 8250: 8250_omap: Do not start RX DMA on THRI interrupt (git-fixes).\n- serial: sc16is7xx: address RX timeout interrupt errata (git-fixes).\n- soundwire: stream: fix NULL pointer dereference for multi_link (git-fixes).\n- spi: atmel: Fix clock issue when using devices with different polarities (git-fixes).\n- statfs: enforce statfs[64] structure initialization (git-fixes).\n- supported.conf: add drivers/virt/coco/tsm (jsc#PED-7167)\n- swiotlb: always set the number of areas before allocating the pool (git-fixes).\n- swiotlb: do not panic! (git-fixes).\n- swiotlb: fix a braino in the alignment check fix (bsc#1216559).\n- swiotlb: fix debugfs reporting of reserved memory pools (git-fixes).\n- swiotlb: fix slot alignment checks (bsc#1216559).\n- swiotlb: fix the deadlock in swiotlb_do_find_slots (git-fixes).\n- swiotlb: mark swiotlb_memblock_alloc() as __init (git-fixes).\n- swiotlb: reduce the number of areas to match actual memory pool size (git-fixes).\n- swiotlb: reduce the swiotlb buffer size on allocation failure (git-fixes).\n- swiotlb: use the calculated number of areas (git-fixes).\n- tracing / synthetic: Disable events after testing in synth_event_gen_test_init() (git-fixes).\n- tracing/kprobes: Fix the description of variable length arguments (git-fixes).\n- tracing/kprobes: Fix the order of argument descriptions (git-fixes).\n- tracing/perf: Add interrupt_context_level() helper (git-fixes).\n- tracing/synthetic: fix kernel-doc warnings (git-fixes).\n- tracing: Always update snapshot buffer size (git-fixes).\n- tracing: Disable preemption when using the filter buffer (bsc#1217036).\n- tracing: Disable snapshot buffer when stopping instance tracers (git-fixes).\n- tracing: Fix a possible race when disabling buffered events (bsc#1217036).\n- tracing: Fix a warning when allocating buffered events fails (bsc#1217036).\n- tracing: Fix blocked reader of snapshot buffer (git-fixes).\n- tracing: Fix incomplete locking when disabling buffered events (bsc#1217036).\n- tracing: Fix warning in trace_buffered_event_disable() (git-fixes, bsc#1217036).\n- tracing: Have the user copy of synthetic event address use correct context (git-fixes).\n- tracing: Reuse logic from perf\u0027s get_recursion_context() (git-fixes).\n- tracing: Set actual size after ring buffer resize (git-fixes).\n- tracing: Stop current tracer when resizing buffer (git-fixes).\n- tracing: Update snapshot buffer on resize if it is allocated (git-fixes).\n- tracing: Use __this_cpu_read() in trace_event_buffer_lock_reserver() (bsc#1217036).\n- tracing: relax trace_event_eval_update() execution with cond_resched() (git-fixes).\n- uapi: propagate __struct_group() attributes to the container union (jsc#SLE-18978).\n- ubifs: Fix memory leak of bud-\u003elog_hash (git-fixes).\n- ubifs: fix possible dereference after free (git-fixes).\n- usb-storage: Add quirk for incorrect WP on Kingston DT Ultimate 3.0 G3 (git-fixes).\n- usb: aqc111: check packet for fixup for true limit (git-fixes).\n- usb: config: fix iteration issue in \u0027usb_get_bos_descriptor()\u0027 (git-fixes).\n- usb: host: xhci-plat: fix possible kernel oops while resuming (git-fixes).\n- usb: hub: Guard against accesses to uninitialized BOS descriptors (git-fixes).\n- usb: serial: ftdi_sio: update Actisense PIDs constant names (git-fixes).\n- usb: serial: option: add Foxconn T99W265 with new baseline (git-fixes).\n- usb: serial: option: add Quectel EG912Y module support (git-fixes).\n- usb: serial: option: add Quectel RM500Q R13 firmware support (git-fixes).\n- usb: typec: bus: verify partner exists in typec_altmode_attention (git-fixes).\n- usb: typec: class: fix typec_altmode_put_partner to put plugs (git-fixes).\n- usb: typec: ucsi: acpi: add quirk for ASUS Zenbook UM325 (git-fixes).\n- virt/coco/sev-guest: Double-buffer messages (jsc#PED-7167).\n- virt: coco: Add a coco/Makefile and coco/Kconfig (jsc#PED-7167).\n- virt: sevguest: Add TSM_REPORTS support for SNP_GET_EXT_REPORT (jsc#PED-7167).\n- virt: sevguest: Fix passing a stack buffer as a scatterlist target (jsc#PED-7167).\n- virt: sevguest: Prep for kernel internal get_ext_report() (jsc#PED-7167).\n- virt: tdx-guest: Add Quote generation support using TSM_REPORTS (jsc#PED-7167).\n- vsprintf/kallsyms: Prevent invalid data when printing symbol (bsc#1217602).\n- wifi: cfg80211: Add my certificate (git-fixes).\n- wifi: cfg80211: fix certs build to not depend on file order (git-fixes).\n- wifi: iwlwifi: pcie: add another missing bh-disable for rxq-\u003elock (git-fixes).\n- wifi: iwlwifi: pcie: do not synchronize IRQs from IRQ (git-fixes).\n- wifi: mac80211: mesh: check element parsing succeeded (git-fixes).\n- wifi: mac80211: mesh_plink: fix matches_local logic (git-fixes).\n- x86/CPU/AMD: Check vendor in the AMD microcode callback (git-fixes).\n- x86/alternatives: Disable KASAN in apply_alternatives() (git-fixes).\n- x86/alternatives: Disable interrupts and sync when optimizing NOPs in place (git-fixes).\n- x86/alternatives: Sync core before enabling interrupts (git-fixes).\n- x86/boot/compressed: Handle unaccepted memory (jsc#PED-7167).\n- x86/boot/compressed: Reserve more memory for page tables (git-fixes).\n- x86/boot: Add an efi.h header for the decompressor (jsc#PED-7167).\n- x86/boot: Centralize __pa()/__va() definitions (jsc#PED-7167).\n- x86/boot: Fix incorrect startup_gdt_descr.size (git-fixes).\n- x86/cpu/amd: Enable Zenbleed fix for AMD Custom APU 0405 (git-fixes).\n- x86/cpu: Do not write CSTAR MSR on Intel CPUs (jsc#PED-7167).\n- x86/cpu: Fix amd_check_microcode() declaration (git-fixes).\n- x86/efi: Safely enable unaccepted memory in UEFI (jsc#PED-7167).\n- x86/entry: Convert INT 0x80 emulation to IDTENTRY (bsc#1217927).\n- x86/entry: Do not allow external 0x80 interrupts (bsc#1217927).\n- x86/fpu/xstate: Prevent false-positive warning in __copy_xstate_uabi_buf() (git-fixes).\n- x86/fpu: Invalidate FPU state correctly on exec() (git-fixes).\n- x86/platform/uv: Use alternate source for socket to node data (bsc#1215696 bsc#1217790).\n- x86/purgatory: Remove LTO flags (git-fixes).\n- x86/resctrl: Fix kernel-doc warnings (git-fixes).\n- x86/sev-es: Replace open-coded hlt-loop with sev_es_terminate() (jsc#PED-7167).\n- x86/sev-es: Use insn_decode_mmio() for MMIO implementation (jsc#PED-7167).\n- x86/sev: Add SNP-specific unaccepted memory support (jsc#PED-7167).\n- x86/sev: Allow for use of the early boot GHCB for PSC requests (jsc#PED-7167).\n- x86/sev: Change npages to unsigned long in snp_accept_memory() (jsc#PED-7167).\n- x86/sev: Change snp_guest_issue_request()\u0027s fw_err argument (jsc#PED-7167).\n- x86/sev: Fix address space sparse warning (jsc#PED-7167).\n- x86/sev: Get rid of special sev_es_enable_key (jsc#PED-7167).\n- x86/sev: Mark snp_abort() noreturn (jsc#PED-7167).\n- x86/sev: Put PSC struct on the stack in prep for unaccepted memory support (jsc#PED-7167).\n- x86/sev: Use large PSC requests if applicable (jsc#PED-7167).\n- x86/smp: Use dedicated cache-line for mwait_play_dead() (git-fixes).\n- x86/srso: Add SRSO mitigation for Hygon processors (git-fixes).\n- x86/srso: Fix SBPB enablement for (possible) future fixed HW (git-fixes).\n- x86/srso: Fix vulnerability reporting for missing microcode (git-fixes).\n- x86/tdx: Add unaccepted memory support (jsc#PED-7167).\n- x86/tdx: Disable NOTIFY_ENABLES (jsc#PED-7167).\n- x86/tdx: Make _tdx_hypercall() and __tdx_module_call() available in boot stub (jsc#PED-7167).\n- x86/tdx: Refactor try_accept_one() (jsc#PED-7167).\n- x86/tdx: Relax SEPT_VE_DISABLE check for debug TD (jsc#PED-7167).\n- x86/tdx: Use ReportFatalError to report missing SEPT_VE_DISABLE (jsc#PED-7167).\n- x86/tsc: Add option to force frequency recalibration with HW timer (bsc#1215885 bsc#1217217).\n- x86/tsc: Be consistent about use_tsc_delay() (bsc#1215885 bsc#1217217).\n- x86/tsc: Extend watchdog check exemption to 4-Sockets platform (bsc#1215885 bsc#1217217).\n- x86/unwind/orc: Unwind ftrace trampolines with correct ORC entry (git-fixes).\n- xfs: Rename __xfs_attr_rmtval_remove (git-fixes).\n- xfs: Use kvcalloc() instead of kvzalloc() (git-fixes).\n- xfs: aborting inodes on shutdown may need buffer lock (git-fixes).\n- xfs: add selinux labels to whiteout inodes (git-fixes).\n- xfs: clean up \u0027%Ld/%Lu\u0027 which does not meet C standard (git-fixes).\n- xfs: convert flex-array declarations in struct xfs_attrlist* (git-fixes).\n- xfs: convert flex-array declarations in xfs attr leaf blocks (git-fixes).\n- xfs: convert flex-array declarations in xfs attr shortform objects (git-fixes).\n- xfs: decode scrub flags in ftrace output (git-fixes).\n- xfs: dump log intent items that cannot be recovered due to corruption (git-fixes).\n- xfs: fix a bug in the online fsck directory leaf1 bestcount check (git-fixes).\n- xfs: fix agf_fllast when repairing an empty AGFL (git-fixes).\n- xfs: fix incorrect unit conversion in scrub tracepoint (git-fixes).\n- xfs: fix silly whitespace problems with kernel libxfs (git-fixes).\n- xfs: fix uninit warning in xfs_growfs_data (git-fixes).\n- xfs: fix units conversion error in xfs_bmap_del_extent_delay (git-fixes).\n- xfs: make sure maxlen is still congruent with prod when rounding down (git-fixes).\n- xfs: remove kmem_alloc_io() (git-fixes).\n- xfs: remove the xfs_dinode_t typedef (git-fixes).\n- xfs: remove the xfs_dqblk_t typedef (git-fixes).\n- xfs: remove the xfs_dsb_t typedef (git-fixes).\n- xfs: rename xfs_has_attr() (git-fixes).\n- xfs: replace snprintf in show functions with sysfs_emit (git-fixes).\n- xfs: return EINTR when a fatal signal terminates scrub (git-fixes).\n- xfs: sb verifier does not handle uncached sb buffer (git-fixes).\n- xfs: simplify two-level sysctl registration for xfs_table (git-fixes).\n- xfs: sysfs: use default_groups in kobj_type (git-fixes).\n- xfs: use swap() to make dabtree code cleaner (git-fixes).\n- xhci: Clear EHB bit only at end of interrupt handler (git-fixes).\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-2024-141,SUSE-SLE-Module-Public-Cloud-15-SP5-2024-141,openSUSE-SLE-15.5-2024-141",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2024_0141-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2024:0141-1",
"url": "https://www.suse.com/support/update/announcement/2024/suse-su-20240141-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2024:0141-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2024-January/017677.html"
},
{
"category": "self",
"summary": "SUSE Bug 1108281",
"url": "https://bugzilla.suse.com/1108281"
},
{
"category": "self",
"summary": "SUSE Bug 1179610",
"url": "https://bugzilla.suse.com/1179610"
},
{
"category": "self",
"summary": "SUSE Bug 1183045",
"url": "https://bugzilla.suse.com/1183045"
},
{
"category": "self",
"summary": "SUSE Bug 1211162",
"url": "https://bugzilla.suse.com/1211162"
},
{
"category": "self",
"summary": "SUSE Bug 1211226",
"url": "https://bugzilla.suse.com/1211226"
},
{
"category": "self",
"summary": "SUSE Bug 1212139",
"url": "https://bugzilla.suse.com/1212139"
},
{
"category": "self",
"summary": "SUSE Bug 1212584",
"url": "https://bugzilla.suse.com/1212584"
},
{
"category": "self",
"summary": "SUSE Bug 1214117",
"url": "https://bugzilla.suse.com/1214117"
},
{
"category": "self",
"summary": "SUSE Bug 1214747",
"url": "https://bugzilla.suse.com/1214747"
},
{
"category": "self",
"summary": "SUSE Bug 1214823",
"url": "https://bugzilla.suse.com/1214823"
},
{
"category": "self",
"summary": "SUSE Bug 1215237",
"url": "https://bugzilla.suse.com/1215237"
},
{
"category": "self",
"summary": "SUSE Bug 1215696",
"url": "https://bugzilla.suse.com/1215696"
},
{
"category": "self",
"summary": "SUSE Bug 1215885",
"url": "https://bugzilla.suse.com/1215885"
},
{
"category": "self",
"summary": "SUSE Bug 1215952",
"url": "https://bugzilla.suse.com/1215952"
},
{
"category": "self",
"summary": "SUSE Bug 1216032",
"url": "https://bugzilla.suse.com/1216032"
},
{
"category": "self",
"summary": "SUSE Bug 1216057",
"url": "https://bugzilla.suse.com/1216057"
},
{
"category": "self",
"summary": "SUSE Bug 1216559",
"url": "https://bugzilla.suse.com/1216559"
},
{
"category": "self",
"summary": "SUSE Bug 1216776",
"url": "https://bugzilla.suse.com/1216776"
},
{
"category": "self",
"summary": "SUSE Bug 1217036",
"url": "https://bugzilla.suse.com/1217036"
},
{
"category": "self",
"summary": "SUSE Bug 1217217",
"url": "https://bugzilla.suse.com/1217217"
},
{
"category": "self",
"summary": "SUSE Bug 1217250",
"url": "https://bugzilla.suse.com/1217250"
},
{
"category": "self",
"summary": "SUSE Bug 1217602",
"url": "https://bugzilla.suse.com/1217602"
},
{
"category": "self",
"summary": "SUSE Bug 1217692",
"url": "https://bugzilla.suse.com/1217692"
},
{
"category": "self",
"summary": "SUSE Bug 1217790",
"url": "https://bugzilla.suse.com/1217790"
},
{
"category": "self",
"summary": "SUSE Bug 1217801",
"url": "https://bugzilla.suse.com/1217801"
},
{
"category": "self",
"summary": "SUSE Bug 1217822",
"url": "https://bugzilla.suse.com/1217822"
},
{
"category": "self",
"summary": "SUSE Bug 1217927",
"url": "https://bugzilla.suse.com/1217927"
},
{
"category": "self",
"summary": "SUSE Bug 1217933",
"url": "https://bugzilla.suse.com/1217933"
},
{
"category": "self",
"summary": "SUSE Bug 1217938",
"url": "https://bugzilla.suse.com/1217938"
},
{
"category": "self",
"summary": "SUSE Bug 1217946",
"url": "https://bugzilla.suse.com/1217946"
},
{
"category": "self",
"summary": "SUSE Bug 1217947",
"url": "https://bugzilla.suse.com/1217947"
},
{
"category": "self",
"summary": "SUSE Bug 1217980",
"url": "https://bugzilla.suse.com/1217980"
},
{
"category": "self",
"summary": "SUSE Bug 1217981",
"url": "https://bugzilla.suse.com/1217981"
},
{
"category": "self",
"summary": "SUSE Bug 1217982",
"url": "https://bugzilla.suse.com/1217982"
},
{
"category": "self",
"summary": "SUSE Bug 1218056",
"url": "https://bugzilla.suse.com/1218056"
},
{
"category": "self",
"summary": "SUSE Bug 1218092",
"url": "https://bugzilla.suse.com/1218092"
},
{
"category": "self",
"summary": "SUSE Bug 1218139",
"url": "https://bugzilla.suse.com/1218139"
},
{
"category": "self",
"summary": "SUSE Bug 1218184",
"url": "https://bugzilla.suse.com/1218184"
},
{
"category": "self",
"summary": "SUSE Bug 1218229",
"url": "https://bugzilla.suse.com/1218229"
},
{
"category": "self",
"summary": "SUSE Bug 1218234",
"url": "https://bugzilla.suse.com/1218234"
},
{
"category": "self",
"summary": "SUSE Bug 1218253",
"url": "https://bugzilla.suse.com/1218253"
},
{
"category": "self",
"summary": "SUSE Bug 1218258",
"url": "https://bugzilla.suse.com/1218258"
},
{
"category": "self",
"summary": "SUSE Bug 1218335",
"url": "https://bugzilla.suse.com/1218335"
},
{
"category": "self",
"summary": "SUSE Bug 1218357",
"url": "https://bugzilla.suse.com/1218357"
},
{
"category": "self",
"summary": "SUSE Bug 1218397",
"url": "https://bugzilla.suse.com/1218397"
},
{
"category": "self",
"summary": "SUSE Bug 1218447",
"url": "https://bugzilla.suse.com/1218447"
},
{
"category": "self",
"summary": "SUSE Bug 1218461",
"url": "https://bugzilla.suse.com/1218461"
},
{
"category": "self",
"summary": "SUSE Bug 1218515",
"url": "https://bugzilla.suse.com/1218515"
},
{
"category": "self",
"summary": "SUSE Bug 1218559",
"url": "https://bugzilla.suse.com/1218559"
},
{
"category": "self",
"summary": "SUSE Bug 1218569",
"url": "https://bugzilla.suse.com/1218569"
},
{
"category": "self",
"summary": "SUSE Bug 1218643",
"url": "https://bugzilla.suse.com/1218643"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2020-26555 page",
"url": "https://www.suse.com/security/cve/CVE-2020-26555/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-51779 page",
"url": "https://www.suse.com/security/cve/CVE-2023-51779/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-6121 page",
"url": "https://www.suse.com/security/cve/CVE-2023-6121/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-6531 page",
"url": "https://www.suse.com/security/cve/CVE-2023-6531/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-6546 page",
"url": "https://www.suse.com/security/cve/CVE-2023-6546/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-6606 page",
"url": "https://www.suse.com/security/cve/CVE-2023-6606/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-6610 page",
"url": "https://www.suse.com/security/cve/CVE-2023-6610/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-6622 page",
"url": "https://www.suse.com/security/cve/CVE-2023-6622/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-6931 page",
"url": "https://www.suse.com/security/cve/CVE-2023-6931/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-6932 page",
"url": "https://www.suse.com/security/cve/CVE-2023-6932/"
}
],
"title": "Security update for the Linux Kernel",
"tracking": {
"current_release_date": "2024-01-18T10:35:42Z",
"generator": {
"date": "2024-01-18T10:35:42Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2024:0141-1",
"initial_release_date": "2024-01-18T10:35:42Z",
"revision_history": [
{
"date": "2024-01-18T10:35:42Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "cluster-md-kmp-azure-5.14.21-150500.33.29.1.aarch64",
"product": {
"name": "cluster-md-kmp-azure-5.14.21-150500.33.29.1.aarch64",
"product_id": "cluster-md-kmp-azure-5.14.21-150500.33.29.1.aarch64"
}
},
{
"category": "product_version",
"name": "dlm-kmp-azure-5.14.21-150500.33.29.1.aarch64",
"product": {
"name": "dlm-kmp-azure-5.14.21-150500.33.29.1.aarch64",
"product_id": "dlm-kmp-azure-5.14.21-150500.33.29.1.aarch64"
}
},
{
"category": "product_version",
"name": "gfs2-kmp-azure-5.14.21-150500.33.29.1.aarch64",
"product": {
"name": "gfs2-kmp-azure-5.14.21-150500.33.29.1.aarch64",
"product_id": "gfs2-kmp-azure-5.14.21-150500.33.29.1.aarch64"
}
},
{
"category": "product_version",
"name": "kernel-azure-5.14.21-150500.33.29.1.aarch64",
"product": {
"name": "kernel-azure-5.14.21-150500.33.29.1.aarch64",
"product_id": "kernel-azure-5.14.21-150500.33.29.1.aarch64"
}
},
{
"category": "product_version",
"name": "kernel-azure-devel-5.14.21-150500.33.29.1.aarch64",
"product": {
"name": "kernel-azure-devel-5.14.21-150500.33.29.1.aarch64",
"product_id": "kernel-azure-devel-5.14.21-150500.33.29.1.aarch64"
}
},
{
"category": "product_version",
"name": "kernel-azure-extra-5.14.21-150500.33.29.1.aarch64",
"product": {
"name": "kernel-azure-extra-5.14.21-150500.33.29.1.aarch64",
"product_id": "kernel-azure-extra-5.14.21-150500.33.29.1.aarch64"
}
},
{
"category": "product_version",
"name": "kernel-azure-livepatch-devel-5.14.21-150500.33.29.1.aarch64",
"product": {
"name": "kernel-azure-livepatch-devel-5.14.21-150500.33.29.1.aarch64",
"product_id": "kernel-azure-livepatch-devel-5.14.21-150500.33.29.1.aarch64"
}
},
{
"category": "product_version",
"name": "kernel-azure-optional-5.14.21-150500.33.29.1.aarch64",
"product": {
"name": "kernel-azure-optional-5.14.21-150500.33.29.1.aarch64",
"product_id": "kernel-azure-optional-5.14.21-150500.33.29.1.aarch64"
}
},
{
"category": "product_version",
"name": "kernel-syms-azure-5.14.21-150500.33.29.1.aarch64",
"product": {
"name": "kernel-syms-azure-5.14.21-150500.33.29.1.aarch64",
"product_id": "kernel-syms-azure-5.14.21-150500.33.29.1.aarch64"
}
},
{
"category": "product_version",
"name": "kselftests-kmp-azure-5.14.21-150500.33.29.1.aarch64",
"product": {
"name": "kselftests-kmp-azure-5.14.21-150500.33.29.1.aarch64",
"product_id": "kselftests-kmp-azure-5.14.21-150500.33.29.1.aarch64"
}
},
{
"category": "product_version",
"name": "ocfs2-kmp-azure-5.14.21-150500.33.29.1.aarch64",
"product": {
"name": "ocfs2-kmp-azure-5.14.21-150500.33.29.1.aarch64",
"product_id": "ocfs2-kmp-azure-5.14.21-150500.33.29.1.aarch64"
}
},
{
"category": "product_version",
"name": "reiserfs-kmp-azure-5.14.21-150500.33.29.1.aarch64",
"product": {
"name": "reiserfs-kmp-azure-5.14.21-150500.33.29.1.aarch64",
"product_id": "reiserfs-kmp-azure-5.14.21-150500.33.29.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "kernel-devel-azure-5.14.21-150500.33.29.1.noarch",
"product": {
"name": "kernel-devel-azure-5.14.21-150500.33.29.1.noarch",
"product_id": "kernel-devel-azure-5.14.21-150500.33.29.1.noarch"
}
},
{
"category": "product_version",
"name": "kernel-source-azure-5.14.21-150500.33.29.1.noarch",
"product": {
"name": "kernel-source-azure-5.14.21-150500.33.29.1.noarch",
"product_id": "kernel-source-azure-5.14.21-150500.33.29.1.noarch"
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "cluster-md-kmp-azure-5.14.21-150500.33.29.1.x86_64",
"product": {
"name": "cluster-md-kmp-azure-5.14.21-150500.33.29.1.x86_64",
"product_id": "cluster-md-kmp-azure-5.14.21-150500.33.29.1.x86_64"
}
},
{
"category": "product_version",
"name": "dlm-kmp-azure-5.14.21-150500.33.29.1.x86_64",
"product": {
"name": "dlm-kmp-azure-5.14.21-150500.33.29.1.x86_64",
"product_id": "dlm-kmp-azure-5.14.21-150500.33.29.1.x86_64"
}
},
{
"category": "product_version",
"name": "gfs2-kmp-azure-5.14.21-150500.33.29.1.x86_64",
"product": {
"name": "gfs2-kmp-azure-5.14.21-150500.33.29.1.x86_64",
"product_id": "gfs2-kmp-azure-5.14.21-150500.33.29.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-azure-5.14.21-150500.33.29.1.x86_64",
"product": {
"name": "kernel-azure-5.14.21-150500.33.29.1.x86_64",
"product_id": "kernel-azure-5.14.21-150500.33.29.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-azure-devel-5.14.21-150500.33.29.1.x86_64",
"product": {
"name": "kernel-azure-devel-5.14.21-150500.33.29.1.x86_64",
"product_id": "kernel-azure-devel-5.14.21-150500.33.29.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-azure-extra-5.14.21-150500.33.29.1.x86_64",
"product": {
"name": "kernel-azure-extra-5.14.21-150500.33.29.1.x86_64",
"product_id": "kernel-azure-extra-5.14.21-150500.33.29.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-azure-livepatch-devel-5.14.21-150500.33.29.1.x86_64",
"product": {
"name": "kernel-azure-livepatch-devel-5.14.21-150500.33.29.1.x86_64",
"product_id": "kernel-azure-livepatch-devel-5.14.21-150500.33.29.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-azure-optional-5.14.21-150500.33.29.1.x86_64",
"product": {
"name": "kernel-azure-optional-5.14.21-150500.33.29.1.x86_64",
"product_id": "kernel-azure-optional-5.14.21-150500.33.29.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-azure-vdso-5.14.21-150500.33.29.1.x86_64",
"product": {
"name": "kernel-azure-vdso-5.14.21-150500.33.29.1.x86_64",
"product_id": "kernel-azure-vdso-5.14.21-150500.33.29.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-syms-azure-5.14.21-150500.33.29.1.x86_64",
"product": {
"name": "kernel-syms-azure-5.14.21-150500.33.29.1.x86_64",
"product_id": "kernel-syms-azure-5.14.21-150500.33.29.1.x86_64"
}
},
{
"category": "product_version",
"name": "kselftests-kmp-azure-5.14.21-150500.33.29.1.x86_64",
"product": {
"name": "kselftests-kmp-azure-5.14.21-150500.33.29.1.x86_64",
"product_id": "kselftests-kmp-azure-5.14.21-150500.33.29.1.x86_64"
}
},
{
"category": "product_version",
"name": "ocfs2-kmp-azure-5.14.21-150500.33.29.1.x86_64",
"product": {
"name": "ocfs2-kmp-azure-5.14.21-150500.33.29.1.x86_64",
"product_id": "ocfs2-kmp-azure-5.14.21-150500.33.29.1.x86_64"
}
},
{
"category": "product_version",
"name": "reiserfs-kmp-azure-5.14.21-150500.33.29.1.x86_64",
"product": {
"name": "reiserfs-kmp-azure-5.14.21-150500.33.29.1.x86_64",
"product_id": "reiserfs-kmp-azure-5.14.21-150500.33.29.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Module for Public Cloud 15 SP5",
"product": {
"name": "SUSE Linux Enterprise Module for Public Cloud 15 SP5",
"product_id": "SUSE Linux Enterprise Module for Public Cloud 15 SP5",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-module-public-cloud:15:sp5"
}
}
},
{
"category": "product_name",
"name": "openSUSE Leap 15.5",
"product": {
"name": "openSUSE Leap 15.5",
"product_id": "openSUSE Leap 15.5",
"product_identification_helper": {
"cpe": "cpe:/o:opensuse:leap:15.5"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-azure-5.14.21-150500.33.29.1.aarch64 as component of SUSE Linux Enterprise Module for Public Cloud 15 SP5",
"product_id": "SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.29.1.aarch64"
},
"product_reference": "kernel-azure-5.14.21-150500.33.29.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Public Cloud 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-azure-5.14.21-150500.33.29.1.x86_64 as component of SUSE Linux Enterprise Module for Public Cloud 15 SP5",
"product_id": "SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.29.1.x86_64"
},
"product_reference": "kernel-azure-5.14.21-150500.33.29.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Public Cloud 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-azure-devel-5.14.21-150500.33.29.1.aarch64 as component of SUSE Linux Enterprise Module for Public Cloud 15 SP5",
"product_id": "SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.29.1.aarch64"
},
"product_reference": "kernel-azure-devel-5.14.21-150500.33.29.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Public Cloud 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-azure-devel-5.14.21-150500.33.29.1.x86_64 as component of SUSE Linux Enterprise Module for Public Cloud 15 SP5",
"product_id": "SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.29.1.x86_64"
},
"product_reference": "kernel-azure-devel-5.14.21-150500.33.29.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Public Cloud 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-devel-azure-5.14.21-150500.33.29.1.noarch as component of SUSE Linux Enterprise Module for Public Cloud 15 SP5",
"product_id": "SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.29.1.noarch"
},
"product_reference": "kernel-devel-azure-5.14.21-150500.33.29.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Public Cloud 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-source-azure-5.14.21-150500.33.29.1.noarch as component of SUSE Linux Enterprise Module for Public Cloud 15 SP5",
"product_id": "SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.29.1.noarch"
},
"product_reference": "kernel-source-azure-5.14.21-150500.33.29.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Public Cloud 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-syms-azure-5.14.21-150500.33.29.1.aarch64 as component of SUSE Linux Enterprise Module for Public Cloud 15 SP5",
"product_id": "SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.29.1.aarch64"
},
"product_reference": "kernel-syms-azure-5.14.21-150500.33.29.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Public Cloud 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-syms-azure-5.14.21-150500.33.29.1.x86_64 as component of SUSE Linux Enterprise Module for Public Cloud 15 SP5",
"product_id": "SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.29.1.x86_64"
},
"product_reference": "kernel-syms-azure-5.14.21-150500.33.29.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Public Cloud 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cluster-md-kmp-azure-5.14.21-150500.33.29.1.aarch64 as component of openSUSE Leap 15.5",
"product_id": "openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.29.1.aarch64"
},
"product_reference": "cluster-md-kmp-azure-5.14.21-150500.33.29.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cluster-md-kmp-azure-5.14.21-150500.33.29.1.x86_64 as component of openSUSE Leap 15.5",
"product_id": "openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.29.1.x86_64"
},
"product_reference": "cluster-md-kmp-azure-5.14.21-150500.33.29.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dlm-kmp-azure-5.14.21-150500.33.29.1.aarch64 as component of openSUSE Leap 15.5",
"product_id": "openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.29.1.aarch64"
},
"product_reference": "dlm-kmp-azure-5.14.21-150500.33.29.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dlm-kmp-azure-5.14.21-150500.33.29.1.x86_64 as component of openSUSE Leap 15.5",
"product_id": "openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.29.1.x86_64"
},
"product_reference": "dlm-kmp-azure-5.14.21-150500.33.29.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gfs2-kmp-azure-5.14.21-150500.33.29.1.aarch64 as component of openSUSE Leap 15.5",
"product_id": "openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.29.1.aarch64"
},
"product_reference": "gfs2-kmp-azure-5.14.21-150500.33.29.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gfs2-kmp-azure-5.14.21-150500.33.29.1.x86_64 as component of openSUSE Leap 15.5",
"product_id": "openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.29.1.x86_64"
},
"product_reference": "gfs2-kmp-azure-5.14.21-150500.33.29.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-azure-5.14.21-150500.33.29.1.aarch64 as component of openSUSE Leap 15.5",
"product_id": "openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.29.1.aarch64"
},
"product_reference": "kernel-azure-5.14.21-150500.33.29.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-azure-5.14.21-150500.33.29.1.x86_64 as component of openSUSE Leap 15.5",
"product_id": "openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.29.1.x86_64"
},
"product_reference": "kernel-azure-5.14.21-150500.33.29.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-azure-devel-5.14.21-150500.33.29.1.aarch64 as component of openSUSE Leap 15.5",
"product_id": "openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.29.1.aarch64"
},
"product_reference": "kernel-azure-devel-5.14.21-150500.33.29.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-azure-devel-5.14.21-150500.33.29.1.x86_64 as component of openSUSE Leap 15.5",
"product_id": "openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.29.1.x86_64"
},
"product_reference": "kernel-azure-devel-5.14.21-150500.33.29.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-azure-extra-5.14.21-150500.33.29.1.aarch64 as component of openSUSE Leap 15.5",
"product_id": "openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.29.1.aarch64"
},
"product_reference": "kernel-azure-extra-5.14.21-150500.33.29.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-azure-extra-5.14.21-150500.33.29.1.x86_64 as component of openSUSE Leap 15.5",
"product_id": "openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.29.1.x86_64"
},
"product_reference": "kernel-azure-extra-5.14.21-150500.33.29.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-azure-livepatch-devel-5.14.21-150500.33.29.1.aarch64 as component of openSUSE Leap 15.5",
"product_id": "openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.29.1.aarch64"
},
"product_reference": "kernel-azure-livepatch-devel-5.14.21-150500.33.29.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-azure-livepatch-devel-5.14.21-150500.33.29.1.x86_64 as component of openSUSE Leap 15.5",
"product_id": "openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.29.1.x86_64"
},
"product_reference": "kernel-azure-livepatch-devel-5.14.21-150500.33.29.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-azure-optional-5.14.21-150500.33.29.1.aarch64 as component of openSUSE Leap 15.5",
"product_id": "openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.29.1.aarch64"
},
"product_reference": "kernel-azure-optional-5.14.21-150500.33.29.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-azure-optional-5.14.21-150500.33.29.1.x86_64 as component of openSUSE Leap 15.5",
"product_id": "openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.29.1.x86_64"
},
"product_reference": "kernel-azure-optional-5.14.21-150500.33.29.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-azure-vdso-5.14.21-150500.33.29.1.x86_64 as component of openSUSE Leap 15.5",
"product_id": "openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.29.1.x86_64"
},
"product_reference": "kernel-azure-vdso-5.14.21-150500.33.29.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-devel-azure-5.14.21-150500.33.29.1.noarch as component of openSUSE Leap 15.5",
"product_id": "openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.29.1.noarch"
},
"product_reference": "kernel-devel-azure-5.14.21-150500.33.29.1.noarch",
"relates_to_product_reference": "openSUSE Leap 15.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-source-azure-5.14.21-150500.33.29.1.noarch as component of openSUSE Leap 15.5",
"product_id": "openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.29.1.noarch"
},
"product_reference": "kernel-source-azure-5.14.21-150500.33.29.1.noarch",
"relates_to_product_reference": "openSUSE Leap 15.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-syms-azure-5.14.21-150500.33.29.1.aarch64 as component of openSUSE Leap 15.5",
"product_id": "openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.29.1.aarch64"
},
"product_reference": "kernel-syms-azure-5.14.21-150500.33.29.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-syms-azure-5.14.21-150500.33.29.1.x86_64 as component of openSUSE Leap 15.5",
"product_id": "openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.29.1.x86_64"
},
"product_reference": "kernel-syms-azure-5.14.21-150500.33.29.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kselftests-kmp-azure-5.14.21-150500.33.29.1.aarch64 as component of openSUSE Leap 15.5",
"product_id": "openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.29.1.aarch64"
},
"product_reference": "kselftests-kmp-azure-5.14.21-150500.33.29.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kselftests-kmp-azure-5.14.21-150500.33.29.1.x86_64 as component of openSUSE Leap 15.5",
"product_id": "openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.29.1.x86_64"
},
"product_reference": "kselftests-kmp-azure-5.14.21-150500.33.29.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ocfs2-kmp-azure-5.14.21-150500.33.29.1.aarch64 as component of openSUSE Leap 15.5",
"product_id": "openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.29.1.aarch64"
},
"product_reference": "ocfs2-kmp-azure-5.14.21-150500.33.29.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ocfs2-kmp-azure-5.14.21-150500.33.29.1.x86_64 as component of openSUSE Leap 15.5",
"product_id": "openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.29.1.x86_64"
},
"product_reference": "ocfs2-kmp-azure-5.14.21-150500.33.29.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "reiserfs-kmp-azure-5.14.21-150500.33.29.1.aarch64 as component of openSUSE Leap 15.5",
"product_id": "openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.29.1.aarch64"
},
"product_reference": "reiserfs-kmp-azure-5.14.21-150500.33.29.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "reiserfs-kmp-azure-5.14.21-150500.33.29.1.x86_64 as component of openSUSE Leap 15.5",
"product_id": "openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.29.1.x86_64"
},
"product_reference": "reiserfs-kmp-azure-5.14.21-150500.33.29.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.5"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2020-26555",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2020-26555"
}
],
"notes": [
{
"category": "general",
"text": "Bluetooth legacy BR/EDR PIN code pairing in Bluetooth Core Specification 1.0B through 5.2 may permit an unauthenticated nearby device to spoof the BD_ADDR of the peer device to complete pairing without knowledge of the PIN.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.29.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.29.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.29.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.29.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.29.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.29.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.29.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.29.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.29.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.29.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.29.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.29.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.29.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.29.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.29.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.29.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.29.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.29.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.29.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.29.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.29.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.29.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.29.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.29.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.29.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.29.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.29.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.29.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.29.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.29.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.29.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.29.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.29.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.29.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.29.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2020-26555",
"url": "https://www.suse.com/security/cve/CVE-2020-26555"
},
{
"category": "external",
"summary": "SUSE Bug 1179610 for CVE-2020-26555",
"url": "https://bugzilla.suse.com/1179610"
},
{
"category": "external",
"summary": "SUSE Bug 1215237 for CVE-2020-26555",
"url": "https://bugzilla.suse.com/1215237"
},
{
"category": "external",
"summary": "SUSE Bug 1220015 for CVE-2020-26555",
"url": "https://bugzilla.suse.com/1220015"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.29.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.29.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.29.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.29.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.29.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.29.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.29.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.29.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.29.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.29.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.29.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.29.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.29.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.29.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.29.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.29.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.29.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.29.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.29.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.29.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.29.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.29.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.29.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.29.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.29.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.29.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.29.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.29.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.29.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.29.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.29.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.29.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.29.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.29.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.29.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.29.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.29.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.29.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.29.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.29.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.29.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.29.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.29.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.29.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.29.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.29.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.29.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.29.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.29.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.29.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.29.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.29.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.29.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.29.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.29.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.29.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.29.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.29.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.29.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.29.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.29.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.29.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.29.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.29.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.29.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.29.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.29.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.29.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.29.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.29.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-01-18T10:35:42Z",
"details": "moderate"
}
],
"title": "CVE-2020-26555"
},
{
"cve": "CVE-2023-51779",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-51779"
}
],
"notes": [
{
"category": "general",
"text": "bt_sock_recvmsg in net/bluetooth/af_bluetooth.c in the Linux kernel through 6.6.8 has a use-after-free because of a bt_sock_ioctl race condition.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.29.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.29.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.29.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.29.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.29.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.29.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.29.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.29.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.29.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.29.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.29.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.29.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.29.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.29.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.29.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.29.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.29.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.29.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.29.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.29.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.29.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.29.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.29.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.29.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.29.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.29.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.29.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.29.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.29.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.29.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.29.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.29.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.29.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.29.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.29.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-51779",
"url": "https://www.suse.com/security/cve/CVE-2023-51779"
},
{
"category": "external",
"summary": "SUSE Bug 1218559 for CVE-2023-51779",
"url": "https://bugzilla.suse.com/1218559"
},
{
"category": "external",
"summary": "SUSE Bug 1218610 for CVE-2023-51779",
"url": "https://bugzilla.suse.com/1218610"
},
{
"category": "external",
"summary": "SUSE Bug 1220015 for CVE-2023-51779",
"url": "https://bugzilla.suse.com/1220015"
},
{
"category": "external",
"summary": "SUSE Bug 1220191 for CVE-2023-51779",
"url": "https://bugzilla.suse.com/1220191"
},
{
"category": "external",
"summary": "SUSE Bug 1221578 for CVE-2023-51779",
"url": "https://bugzilla.suse.com/1221578"
},
{
"category": "external",
"summary": "SUSE Bug 1221598 for CVE-2023-51779",
"url": "https://bugzilla.suse.com/1221598"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.29.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.29.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.29.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.29.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.29.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.29.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.29.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.29.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.29.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.29.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.29.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.29.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.29.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.29.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.29.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.29.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.29.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.29.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.29.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.29.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.29.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.29.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.29.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.29.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.29.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.29.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.29.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.29.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.29.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.29.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.29.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.29.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.29.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.29.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.29.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.29.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.29.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.29.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.29.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.29.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.29.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.29.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.29.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.29.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.29.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.29.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.29.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.29.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.29.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.29.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.29.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.29.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.29.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.29.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.29.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.29.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.29.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.29.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.29.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.29.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.29.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.29.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.29.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.29.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.29.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.29.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.29.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.29.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.29.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.29.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-01-18T10:35:42Z",
"details": "important"
}
],
"title": "CVE-2023-51779"
},
{
"cve": "CVE-2023-6121",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-6121"
}
],
"notes": [
{
"category": "general",
"text": "An out-of-bounds read vulnerability was found in the NVMe-oF/TCP subsystem in the Linux kernel. This issue may allow a remote attacker to send a crafted TCP packet, triggering a heap-based buffer overflow that results in kmalloc data being printed and potentially leaked to the kernel ring buffer (dmesg).",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.29.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.29.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.29.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.29.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.29.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.29.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.29.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.29.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.29.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.29.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.29.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.29.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.29.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.29.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.29.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.29.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.29.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.29.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.29.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.29.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.29.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.29.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.29.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.29.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.29.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.29.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.29.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.29.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.29.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.29.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.29.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.29.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.29.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.29.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.29.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-6121",
"url": "https://www.suse.com/security/cve/CVE-2023-6121"
},
{
"category": "external",
"summary": "SUSE Bug 1217250 for CVE-2023-6121",
"url": "https://bugzilla.suse.com/1217250"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.29.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.29.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.29.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.29.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.29.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.29.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.29.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.29.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.29.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.29.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.29.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.29.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.29.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.29.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.29.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.29.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.29.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.29.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.29.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.29.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.29.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.29.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.29.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.29.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.29.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.29.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.29.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.29.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.29.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.29.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.29.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.29.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.29.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.29.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.29.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.29.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.29.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.29.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.29.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.29.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.29.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.29.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.29.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.29.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.29.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.29.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.29.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.29.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.29.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.29.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.29.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.29.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.29.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.29.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.29.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.29.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.29.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.29.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.29.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.29.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.29.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.29.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.29.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.29.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.29.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.29.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.29.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.29.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.29.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.29.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-01-18T10:35:42Z",
"details": "moderate"
}
],
"title": "CVE-2023-6121"
},
{
"cve": "CVE-2023-6531",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-6531"
}
],
"notes": [
{
"category": "general",
"text": "A use-after-free flaw was found in the Linux Kernel due to a race problem in the unix garbage collector\u0027s deletion of SKB races with unix_stream_read_generic() on the socket that the SKB is queued on.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.29.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.29.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.29.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.29.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.29.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.29.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.29.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.29.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.29.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.29.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.29.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.29.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.29.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.29.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.29.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.29.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.29.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.29.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.29.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.29.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.29.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.29.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.29.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.29.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.29.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.29.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.29.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.29.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.29.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.29.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.29.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.29.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.29.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.29.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.29.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-6531",
"url": "https://www.suse.com/security/cve/CVE-2023-6531"
},
{
"category": "external",
"summary": "SUSE Bug 1218447 for CVE-2023-6531",
"url": "https://bugzilla.suse.com/1218447"
},
{
"category": "external",
"summary": "SUSE Bug 1218487 for CVE-2023-6531",
"url": "https://bugzilla.suse.com/1218487"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.29.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.29.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.29.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.29.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.29.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.29.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.29.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.29.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.29.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.29.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.29.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.29.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.29.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.29.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.29.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.29.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.29.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.29.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.29.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.29.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.29.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.29.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.29.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.29.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.29.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.29.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.29.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.29.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.29.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.29.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.29.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.29.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.29.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.29.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.29.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.29.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.29.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.29.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.29.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.29.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.29.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.29.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.29.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.29.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.29.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.29.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.29.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.29.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.29.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.29.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.29.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.29.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.29.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.29.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.29.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.29.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.29.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.29.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.29.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.29.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.29.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.29.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.29.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.29.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.29.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.29.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.29.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.29.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.29.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.29.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-01-18T10:35:42Z",
"details": "important"
}
],
"title": "CVE-2023-6531"
},
{
"cve": "CVE-2023-6546",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-6546"
}
],
"notes": [
{
"category": "general",
"text": "A race condition was found in the GSM 0710 tty multiplexor in the Linux kernel. This issue occurs when two threads execute the GSMIOC_SETCONF ioctl on the same tty file descriptor with the gsm line discipline enabled, and can lead to a use-after-free problem on a struct gsm_dlci while restarting the gsm mux. This could allow a local unprivileged user to escalate their privileges on the system.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.29.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.29.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.29.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.29.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.29.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.29.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.29.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.29.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.29.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.29.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.29.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.29.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.29.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.29.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.29.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.29.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.29.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.29.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.29.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.29.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.29.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.29.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.29.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.29.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.29.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.29.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.29.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.29.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.29.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.29.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.29.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.29.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.29.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.29.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.29.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-6546",
"url": "https://www.suse.com/security/cve/CVE-2023-6546"
},
{
"category": "external",
"summary": "SUSE Bug 1218335 for CVE-2023-6546",
"url": "https://bugzilla.suse.com/1218335"
},
{
"category": "external",
"summary": "SUSE Bug 1222685 for CVE-2023-6546",
"url": "https://bugzilla.suse.com/1222685"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.29.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.29.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.29.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.29.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.29.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.29.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.29.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.29.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.29.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.29.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.29.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.29.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.29.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.29.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.29.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.29.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.29.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.29.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.29.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.29.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.29.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.29.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.29.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.29.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.29.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.29.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.29.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.29.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.29.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.29.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.29.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.29.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.29.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.29.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.29.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.29.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.29.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.29.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.29.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.29.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.29.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.29.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.29.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.29.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.29.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.29.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.29.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.29.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.29.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.29.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.29.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.29.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.29.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.29.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.29.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.29.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.29.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.29.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.29.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.29.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.29.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.29.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.29.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.29.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.29.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.29.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.29.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.29.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.29.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.29.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-01-18T10:35:42Z",
"details": "important"
}
],
"title": "CVE-2023-6546"
},
{
"cve": "CVE-2023-6606",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-6606"
}
],
"notes": [
{
"category": "general",
"text": "An out-of-bounds read vulnerability was found in smbCalcSize in fs/smb/client/netmisc.c in the Linux Kernel. This issue could allow a local attacker to crash the system or leak internal kernel information.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.29.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.29.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.29.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.29.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.29.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.29.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.29.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.29.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.29.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.29.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.29.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.29.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.29.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.29.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.29.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.29.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.29.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.29.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.29.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.29.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.29.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.29.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.29.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.29.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.29.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.29.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.29.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.29.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.29.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.29.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.29.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.29.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.29.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.29.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.29.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-6606",
"url": "https://www.suse.com/security/cve/CVE-2023-6606"
},
{
"category": "external",
"summary": "SUSE Bug 1217947 for CVE-2023-6606",
"url": "https://bugzilla.suse.com/1217947"
},
{
"category": "external",
"summary": "SUSE Bug 1220015 for CVE-2023-6606",
"url": "https://bugzilla.suse.com/1220015"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.29.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.29.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.29.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.29.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.29.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.29.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.29.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.29.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.29.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.29.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.29.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.29.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.29.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.29.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.29.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.29.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.29.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.29.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.29.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.29.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.29.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.29.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.29.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.29.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.29.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.29.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.29.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.29.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.29.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.29.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.29.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.29.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.29.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.29.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.29.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.29.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.29.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.29.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.29.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.29.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.29.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.29.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.29.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.29.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.29.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.29.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.29.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.29.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.29.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.29.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.29.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.29.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.29.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.29.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.29.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.29.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.29.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.29.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.29.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.29.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.29.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.29.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.29.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.29.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.29.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.29.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.29.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.29.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.29.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.29.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-01-18T10:35:42Z",
"details": "moderate"
}
],
"title": "CVE-2023-6606"
},
{
"cve": "CVE-2023-6610",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-6610"
}
],
"notes": [
{
"category": "general",
"text": "An out-of-bounds read vulnerability was found in smb2_dump_detail in fs/smb/client/smb2ops.c in the Linux Kernel. This issue could allow a local attacker to crash the system or leak internal kernel information.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.29.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.29.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.29.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.29.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.29.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.29.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.29.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.29.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.29.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.29.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.29.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.29.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.29.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.29.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.29.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.29.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.29.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.29.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.29.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.29.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.29.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.29.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.29.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.29.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.29.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.29.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.29.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.29.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.29.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.29.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.29.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.29.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.29.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.29.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.29.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-6610",
"url": "https://www.suse.com/security/cve/CVE-2023-6610"
},
{
"category": "external",
"summary": "SUSE Bug 1217946 for CVE-2023-6610",
"url": "https://bugzilla.suse.com/1217946"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.29.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.29.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.29.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.29.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.29.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.29.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.29.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.29.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.29.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.29.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.29.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.29.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.29.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.29.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.29.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.29.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.29.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.29.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.29.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.29.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.29.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.29.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.29.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.29.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.29.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.29.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.29.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.29.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.29.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.29.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.29.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.29.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.29.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.29.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.29.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.29.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.29.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.29.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.29.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.29.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.29.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.29.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.29.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.29.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.29.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.29.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.29.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.29.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.29.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.29.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.29.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.29.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.29.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.29.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.29.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.29.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.29.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.29.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.29.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.29.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.29.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.29.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.29.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.29.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.29.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.29.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.29.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.29.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.29.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.29.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-01-18T10:35:42Z",
"details": "moderate"
}
],
"title": "CVE-2023-6610"
},
{
"cve": "CVE-2023-6622",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-6622"
}
],
"notes": [
{
"category": "general",
"text": "A null pointer dereference vulnerability was found in nft_dynset_init() in net/netfilter/nft_dynset.c in nf_tables in the Linux kernel. This issue may allow a local attacker with CAP_NET_ADMIN user privilege to trigger a denial of service.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.29.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.29.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.29.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.29.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.29.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.29.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.29.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.29.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.29.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.29.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.29.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.29.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.29.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.29.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.29.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.29.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.29.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.29.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.29.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.29.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.29.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.29.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.29.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.29.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.29.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.29.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.29.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.29.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.29.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.29.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.29.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.29.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.29.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.29.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.29.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-6622",
"url": "https://www.suse.com/security/cve/CVE-2023-6622"
},
{
"category": "external",
"summary": "SUSE Bug 1217938 for CVE-2023-6622",
"url": "https://bugzilla.suse.com/1217938"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.29.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.29.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.29.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.29.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.29.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.29.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.29.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.29.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.29.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.29.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.29.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.29.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.29.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.29.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.29.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.29.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.29.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.29.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.29.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.29.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.29.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.29.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.29.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.29.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.29.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.29.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.29.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.29.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.29.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.29.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.29.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.29.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.29.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.29.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.29.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.29.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.29.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.29.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.29.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.29.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.29.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.29.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.29.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.29.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.29.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.29.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.29.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.29.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.29.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.29.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.29.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.29.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.29.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.29.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.29.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.29.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.29.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.29.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.29.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.29.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.29.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.29.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.29.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.29.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.29.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.29.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.29.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.29.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.29.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.29.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-01-18T10:35:42Z",
"details": "moderate"
}
],
"title": "CVE-2023-6622"
},
{
"cve": "CVE-2023-6931",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-6931"
}
],
"notes": [
{
"category": "general",
"text": "A heap out-of-bounds write vulnerability in the Linux kernel\u0027s Performance Events system component can be exploited to achieve local privilege escalation.\n\nA perf_event\u0027s read_size can overflow, leading to an heap out-of-bounds increment or write in perf_read_group().\n\nWe recommend upgrading past commit 382c27f4ed28f803b1f1473ac2d8db0afc795a1b.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.29.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.29.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.29.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.29.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.29.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.29.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.29.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.29.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.29.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.29.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.29.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.29.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.29.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.29.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.29.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.29.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.29.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.29.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.29.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.29.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.29.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.29.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.29.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.29.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.29.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.29.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.29.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.29.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.29.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.29.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.29.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.29.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.29.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.29.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.29.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-6931",
"url": "https://www.suse.com/security/cve/CVE-2023-6931"
},
{
"category": "external",
"summary": "SUSE Bug 1214158 for CVE-2023-6931",
"url": "https://bugzilla.suse.com/1214158"
},
{
"category": "external",
"summary": "SUSE Bug 1218258 for CVE-2023-6931",
"url": "https://bugzilla.suse.com/1218258"
},
{
"category": "external",
"summary": "SUSE Bug 1220191 for CVE-2023-6931",
"url": "https://bugzilla.suse.com/1220191"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.29.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.29.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.29.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.29.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.29.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.29.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.29.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.29.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.29.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.29.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.29.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.29.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.29.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.29.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.29.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.29.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.29.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.29.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.29.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.29.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.29.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.29.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.29.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.29.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.29.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.29.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.29.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.29.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.29.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.29.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.29.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.29.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.29.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.29.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.29.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.29.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.29.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.29.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.29.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.29.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.29.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.29.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.29.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.29.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.29.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.29.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.29.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.29.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.29.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.29.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.29.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.29.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.29.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.29.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.29.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.29.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.29.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.29.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.29.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.29.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.29.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.29.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.29.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.29.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.29.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.29.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.29.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.29.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.29.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.29.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-01-18T10:35:42Z",
"details": "important"
}
],
"title": "CVE-2023-6931"
},
{
"cve": "CVE-2023-6932",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-6932"
}
],
"notes": [
{
"category": "general",
"text": "A use-after-free vulnerability in the Linux kernel\u0027s ipv4: igmp component can be exploited to achieve local privilege escalation.\n\nA race condition can be exploited to cause a timer be mistakenly registered on a RCU read locked object which is freed by another thread.\n\nWe recommend upgrading past commit e2b706c691905fe78468c361aaabc719d0a496f1.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.29.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.29.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.29.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.29.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.29.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.29.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.29.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.29.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.29.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.29.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.29.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.29.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.29.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.29.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.29.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.29.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.29.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.29.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.29.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.29.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.29.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.29.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.29.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.29.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.29.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.29.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.29.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.29.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.29.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.29.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.29.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.29.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.29.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.29.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.29.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-6932",
"url": "https://www.suse.com/security/cve/CVE-2023-6932"
},
{
"category": "external",
"summary": "SUSE Bug 1218253 for CVE-2023-6932",
"url": "https://bugzilla.suse.com/1218253"
},
{
"category": "external",
"summary": "SUSE Bug 1218255 for CVE-2023-6932",
"url": "https://bugzilla.suse.com/1218255"
},
{
"category": "external",
"summary": "SUSE Bug 1220015 for CVE-2023-6932",
"url": "https://bugzilla.suse.com/1220015"
},
{
"category": "external",
"summary": "SUSE Bug 1220191 for CVE-2023-6932",
"url": "https://bugzilla.suse.com/1220191"
},
{
"category": "external",
"summary": "SUSE Bug 1221578 for CVE-2023-6932",
"url": "https://bugzilla.suse.com/1221578"
},
{
"category": "external",
"summary": "SUSE Bug 1221598 for CVE-2023-6932",
"url": "https://bugzilla.suse.com/1221598"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.29.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.29.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.29.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.29.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.29.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.29.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.29.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.29.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.29.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.29.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.29.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.29.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.29.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.29.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.29.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.29.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.29.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.29.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.29.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.29.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.29.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.29.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.29.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.29.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.29.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.29.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.29.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.29.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.29.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.29.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.29.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.29.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.29.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.29.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.29.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.29.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.29.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.29.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.29.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.29.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.29.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.29.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.29.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.29.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.29.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.29.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.29.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.29.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.29.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.29.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.29.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.29.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.29.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.29.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.29.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.29.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.29.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.29.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.29.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.29.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.29.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.29.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.29.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.29.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.29.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.29.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.29.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.29.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.29.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.29.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-01-18T10:35:42Z",
"details": "important"
}
],
"title": "CVE-2023-6932"
}
]
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…