Security update for the Linux Kernel

Announcement ID:	SUSE-SU-2024:3252-1
Rating:	important
References:	bsc#1082555 bsc#1190317 bsc#1196516 bsc#1205462 bsc#1210629 bsc#1214285 bsc#1216834 bsc#1221252 bsc#1222335 bsc#1222387 bsc#1222808 bsc#1223074 bsc#1223803 bsc#1224479 bsc#1224579 bsc#1224640 bsc#1224896 bsc#1224923 bsc#1224984 bsc#1225190 bsc#1225223 bsc#1225483 bsc#1225508 bsc#1225578 bsc#1226323 bsc#1226629 bsc#1226653 bsc#1226754 bsc#1226798 bsc#1226801 bsc#1226885 bsc#1227069 bsc#1227623 bsc#1227820 bsc#1227996 bsc#1228065 bsc#1228247 bsc#1228410 bsc#1228427 bsc#1228449 bsc#1228466 bsc#1228467 bsc#1228482 bsc#1228485 bsc#1228487 bsc#1228493 bsc#1228495 bsc#1228501 bsc#1228513 bsc#1228516 bsc#1228576 bsc#1228579 bsc#1228667 bsc#1228706 bsc#1228709 bsc#1228720 bsc#1228727 bsc#1228733 bsc#1228801 bsc#1228850 bsc#1228959 bsc#1228964 bsc#1228966 bsc#1228967 bsc#1228982 bsc#1228989 bsc#1229154 bsc#1229156 bsc#1229222 bsc#1229229 bsc#1229290 bsc#1229292 bsc#1229301 bsc#1229309 bsc#1229327 bsc#1229345 bsc#1229346 bsc#1229347 bsc#1229357 bsc#1229358 bsc#1229359 bsc#1229381 bsc#1229382 bsc#1229386 bsc#1229388 bsc#1229392 bsc#1229395 bsc#1229398 bsc#1229399 bsc#1229400 bsc#1229407 bsc#1229457 bsc#1229462 bsc#1229482 bsc#1229489 bsc#1229490 bsc#1229495 bsc#1229497 bsc#1229500 bsc#1229503 bsc#1229516 bsc#1229526 bsc#1229531 bsc#1229535 bsc#1229536 bsc#1229540 bsc#1229604 bsc#1229623 bsc#1229624 bsc#1229630 bsc#1229632 bsc#1229657 bsc#1229658 bsc#1229664 bsc#1229707 bsc#1229756 bsc#1229759 bsc#1229761 bsc#1229767 bsc#1229784 bsc#1229787 bsc#1229851
Cross-References:	CVE-2021-4440 CVE-2021-47257 CVE-2021-47289 CVE-2021-47341 CVE-2021-47373 CVE-2021-47425 CVE-2021-47549 CVE-2022-48751 CVE-2022-48769 CVE-2022-48786 CVE-2022-48822 CVE-2022-48865 CVE-2022-48875 CVE-2022-48896 CVE-2022-48899 CVE-2022-48905 CVE-2022-48910 CVE-2022-48919 CVE-2022-48920 CVE-2022-48925 CVE-2022-48930 CVE-2022-48931 CVE-2022-48938 CVE-2023-2176 CVE-2023-52708 CVE-2023-52893 CVE-2023-52901 CVE-2023-52907 CVE-2024-26668 CVE-2024-26677 CVE-2024-26812 CVE-2024-26851 CVE-2024-27011 CVE-2024-35915 CVE-2024-35933 CVE-2024-35965 CVE-2024-36013 CVE-2024-36270 CVE-2024-36286 CVE-2024-38618 CVE-2024-38662 CVE-2024-39489 CVE-2024-40984 CVE-2024-41012 CVE-2024-41016 CVE-2024-41020 CVE-2024-41035 CVE-2024-41062 CVE-2024-41068 CVE-2024-41087 CVE-2024-41097 CVE-2024-41098 CVE-2024-42077 CVE-2024-42082 CVE-2024-42090 CVE-2024-42101 CVE-2024-42106 CVE-2024-42110 CVE-2024-42148 CVE-2024-42155 CVE-2024-42157 CVE-2024-42158 CVE-2024-42162 CVE-2024-42226 CVE-2024-42228 CVE-2024-42232 CVE-2024-42236 CVE-2024-42240 CVE-2024-42244 CVE-2024-42246 CVE-2024-42259 CVE-2024-42271 CVE-2024-42280 CVE-2024-42281 CVE-2024-42284 CVE-2024-42285 CVE-2024-42286 CVE-2024-42287 CVE-2024-42288 CVE-2024-42289 CVE-2024-42301 CVE-2024-42309 CVE-2024-42310 CVE-2024-42312 CVE-2024-42322 CVE-2024-43819 CVE-2024-43831 CVE-2024-43839 CVE-2024-43853 CVE-2024-43854 CVE-2024-43856 CVE-2024-43861 CVE-2024-43863 CVE-2024-43866 CVE-2024-43871 CVE-2024-43872 CVE-2024-43879 CVE-2024-43882 CVE-2024-43883 CVE-2024-43892 CVE-2024-43893 CVE-2024-43900 CVE-2024-43902 CVE-2024-43905 CVE-2024-43907
CVSS scores:	CVE-2021-4440 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:L CVE-2021-47257 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2021-47289 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2021-47341 ( SUSE ): 6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H CVE-2021-47373 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L CVE-2021-47425 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2021-47549 ( SUSE ): 6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H CVE-2022-48751 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2022-48769 ( SUSE ): 4.1 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H CVE-2022-48786 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H CVE-2022-48822 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H CVE-2022-48822 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H CVE-2022-48865 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2022-48865 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2022-48875 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2022-48875 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2022-48896 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2022-48896 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2022-48899 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2022-48899 ( NVD ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2022-48905 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L CVE-2022-48905 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2022-48910 ( SUSE ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L CVE-2022-48910 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2022-48919 ( SUSE ): 7.1 CVSS:4.0/AV:L/AC:H/AT:P/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N CVE-2022-48919 ( SUSE ): 6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H CVE-2022-48919 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H CVE-2022-48920 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N CVE-2022-48920 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2022-48920 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2022-48925 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2022-48925 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H CVE-2022-48930 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2022-48930 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2022-48931 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2022-48931 ( NVD ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2022-48938 ( SUSE ): 5.4 CVSS:4.0/AV:P/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N CVE-2022-48938 ( SUSE ): 6.6 CVSS:3.1/AV:P/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H CVE-2022-48938 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2023-2176 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H CVE-2023-2176 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H CVE-2023-52708 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2023-52893 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2023-52893 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2023-52901 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2023-52901 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2023-52907 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2023-52907 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2024-26668 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2024-26677 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2024-26812 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H CVE-2024-26851 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2024-27011 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2024-35915 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2024-35933 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2024-35965 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2024-36013 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2024-36270 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2024-36270 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2024-36286 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:N CVE-2024-38618 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2024-38662 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2024-38662 ( NVD ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:N CVE-2024-39489 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L CVE-2024-39489 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2024-40984 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2024-41012 ( SUSE ): 6.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:H CVE-2024-41012 ( NVD ): 6.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:H CVE-2024-41016 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N CVE-2024-41020 ( SUSE ): 5.8 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:N/VA:H/SC:N/SI:N/SA:N CVE-2024-41020 ( SUSE ): 6.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:H CVE-2024-41035 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2024-41062 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N CVE-2024-41062 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H CVE-2024-41068 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L CVE-2024-41087 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H CVE-2024-41087 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H CVE-2024-41097 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2024-41097 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2024-41098 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2024-41098 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2024-42077 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2024-42077 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2024-42082 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2024-42082 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2024-42090 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2024-42090 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2024-42101 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2024-42101 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2024-42106 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2024-42110 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2024-42148 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2024-42148 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H CVE-2024-42155 ( SUSE ): 5.6 CVSS:4.0/AV:L/AC:H/AT:N/PR:H/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N CVE-2024-42155 ( SUSE ): 4.1 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:N CVE-2024-42155 ( NVD ): 1.9 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:L/I:N/A:N CVE-2024-42157 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2024-42157 ( NVD ): 4.1 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:N CVE-2024-42158 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2024-42158 ( NVD ): 4.1 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:N CVE-2024-42162 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2024-42162 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H CVE-2024-42226 ( SUSE ): 4.6 CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H CVE-2024-42226 ( NVD ): 4.6 CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H CVE-2024-42228 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2024-42228 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H CVE-2024-42232 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N CVE-2024-42232 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H CVE-2024-42232 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2024-42236 ( SUSE ): 5.8 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N CVE-2024-42236 ( SUSE ): 6.6 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H CVE-2024-42236 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2024-42240 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N CVE-2024-42240 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2024-42240 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2024-42244 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N CVE-2024-42244 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2024-42244 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2024-42246 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2024-42246 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2024-42259 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:H/SC:N/SI:N/SA:N CVE-2024-42259 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H CVE-2024-42259 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2024-42271 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N CVE-2024-42271 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H CVE-2024-42271 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H CVE-2024-42280 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2024-42280 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H CVE-2024-42281 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2024-42284 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2024-42284 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H CVE-2024-42285 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2024-42285 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H CVE-2024-42286 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H CVE-2024-42286 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2024-42287 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2024-42287 ( NVD ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2024-42288 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2024-42288 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2024-42289 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2024-42289 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2024-42301 ( SUSE ): 6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H CVE-2024-42301 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H CVE-2024-42309 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2024-42309 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2024-42310 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2024-42310 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2024-42312 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2024-42322 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2024-43819 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2024-43819 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2024-43831 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2024-43839 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2024-43853 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2024-43853 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2024-43854 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2024-43854 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2024-43856 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2024-43856 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2024-43861 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H CVE-2024-43861 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2024-43863 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2024-43863 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2024-43866 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2024-43871 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2024-43871 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2024-43872 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2024-43872 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2024-43879 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2024-43882 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H CVE-2024-43882 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H CVE-2024-43883 ( SUSE ): 5.4 CVSS:4.0/AV:P/AC:H/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N CVE-2024-43883 ( SUSE ): 6.4 CVSS:3.1/AV:P/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H CVE-2024-43892 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N CVE-2024-43892 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2024-43892 ( NVD ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2024-43893 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N CVE-2024-43893 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2024-43893 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2024-43900 ( SUSE ): 6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H CVE-2024-43900 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H CVE-2024-43902 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N CVE-2024-43902 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2024-43902 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2024-43905 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N CVE-2024-43905 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2024-43905 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2024-43907 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N CVE-2024-43907 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2024-43907 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Affected Products:	SUSE Linux Enterprise High Performance Computing 12 SP5 SUSE Linux Enterprise Server 12 SP5 SUSE Linux Enterprise Server for SAP Applications 12 SP5

An update that solves 105 vulnerabilities and has 17 security fixes can now be installed.

Description:

The SUSE Linux Enterprise 12 SP5 Azure kernel was updated to receive various security bugfixes.

The following security bugs were fixed:

CVE-2024-35965: Fix not validating setsockopt user input (bsc#1224579).
CVE-2024-35933: Fixed a build regression (bsc#1224640).
CVE-2024-43883: Do not drop references before new references are gained (bsc#1229707).
CVE-2024-41062: Sync sock recv cb and release (bsc#1228576).
CVE-2024-42259: Fix Virtual Memory mapping boundaries calculation (bsc#1229156)
CVE-2024-43861: Fix memory leak for not ip packets (bsc#1229500).
CVE-2024-43863: Fix a deadlock in dma buf fence polling (bsc#1229497)
CVE-2024-41087: Fix double free on error (CVE-2024-41087,bsc#1228466).
CVE-2024-43907: Fix the null pointer dereference in apply_state_adjust_rules (bsc#1229787).
CVE-2024-43905: Fix the null pointer dereference for vega10_hwmgr (bsc#1229784).
CVE-2024-43893: Check uartclk for zero to avoid divide by zero (bsc#1229759).
CVE-2024-43900: Avoid use-after-free in load_firmware_cb() (bsc#1229756).
CVE-2024-43902: Add null checker before passing variables (bsc#1229767).
CVE-2022-48920: Get rid of warning on transaction commit when using flushoncommit (bsc#1229658).
CVE-2024-26812: Struct virqfd kABI workaround (bsc#1222808).
CVE-2024-43882: Fixed ToCToU between perm check and set-uid/gid usage. (bsc#1229503)
CVE-2024-43866: Always drain health in shutdown callback (bsc#1229495).
CVE-2022-48910: Ensure we call ipv6_mc_down() at most once (bsc#1229632)
CVE-2023-52893: Fix null-deref in gsmi_get_variable (bsc#1229535)
CVE-2024-42155: Wipe copies of protected- and secure-keys (bsc#1228733).
CVE-2022-48875: Initialize struct pn533_out_arg properly (bsc#1229516).
CVE-2023-52907: Wait for out_urb's completion in pn533_usb_send_frame() (bsc#1229526).
CVE-2024-43871: Fix memory leakage caused by driver API devm_free_percpu() (bsc#1229490)
CVE-2024-42158: Use kfree_sensitive() to fix Coccinelle warnings (bsc#1228720).
CVE-2024-43872: Fix soft lockup under heavy CEQE load (bsc#1229489)
CVE-2024-39489: Fix memleak in seg6_hmac_init_algo (bsc#1227623)
CVE-2024-42226: Prevent potential failure in handle_tx_event() for Transfer events without TRB (bsc#1228709).
CVE-2024-42236: Prevent OOB read/write in usb_string_copy() (bsc#1228964).
CVE-2024-42244: Fix crash on resume (bsc#1228967).
CVE-2024-43879: Handle 2x996 RU allocation in cfg80211_calculate_bitrate_he() (bsc#1229482).
CVE-2024-27011: Fix memleak in map from abort path (bsc#1223803).
CVE-2024-36013: Fix slab-use-after-free in l2cap_connect() (bsc#1225578).
CVE-2024-41020: Fix fcntl/close race recovery compat path (bsc#1228427).
CVE-2024-41012: Remove locks reliably when fcntl/close race is detected (bsc#1228247).
CVE-2024-26668: Reject configurations that cause integer overflow (bsc#1222335).
CVE-2024-43819: Reject memory region operations for ucontrol VMs (bsc#1229290 git-fixes).
CVE-2024-42157: Wipe sensitive data on failure (bsc#1228727 CVE-2024-42157 git-fixes).
CVE-2021-47341: Fix use-after-free Read in kvm_vm_ioctl_unregister_coalesced_mmio (bsc#1224923).
CVE-2024-43839: Adjust 'name' buf size of bna_tcb and bna_ccb structures (bsc#1229301).
CVE-2022-48769: Avoid EFIv2 runtime services on Apple x86 machines (bsc#1226629).
CVE-2024-43856: Fix call order in dmam_free_coherent (bsc#1229346).
CVE-2024-36286: Acquire rcu_read_lock() in instance_destroy_rcu() (bsc#1226801)
CVE-2024-26851: Add protection for bmp length out of range (bsc#1223074)
CVE-2024-40984: Revert "ACPICA: avoid Info: mapping multiple BARs. Your kernel is fine." (bsc#1227820).
CVE-2024-26677: Blacklist e7870cf13d20 ("rxrpc: Fix delayed ACKs to not set the reference serial number") (bsc#1222387)
CVE-2024-42280: Fix a use after free in hfcmulti_tx() (bsc#1229388)
CVE-2024-42284: Return non-zero value from tipc_udp_addr2str() on error (bsc#1229382)
CVE-2024-42312: Always initialize i_uid/i_gid (bsc#1229357)
CVE-2024-42310: Fix null pointer dereference in cdv_intel_lvds_get_modes (bsc#1229358)
CVE-2024-42309: Fix null pointer dereference in psb_intel_lvds_get_modes (bsc#1229359)
CVE-2024-43854: Initialize integrity buffer to zero before writing it to media (bsc#1229345)
CVE-2024-42322: Properly dereference pe in ip_vs_add_service (bsc#1229347)
CVE-2024-42301: Fix the array out-of-bounds risk (bsc#1229407).
CVE-2024-42285: Fix a use-after-free related to destroying CM IDs (bsc#1229381)
CVE-2024-43831: Handle invalid decoder vsi (bsc#1229309).
CVE-2024-42281: Fix a segment issue when downgrading gso_size (bsc#1229386).
CVE-2024-42271: Fixed a use after free in iucv_sock_close(). (bsc#1229400)
CVE-2024-38618: Set lower bound of start tick time (bsc#1226754).
CVE-2024-41035: Fix duplicate endpoint bug by clearing reserved bits in the descriptor (bsc#1228485)
CVE-2024-42162: Account for stopped queues when reading NIC stats (bsc#1228706).
CVE-2023-52708: Fix error handling in mmc_spi_probe() (bsc#1225483).
CVE-2021-47549: Fix UAF in sata_fsl_port_stop when rmmod sata_fsl (bsc#1225508).
CVE-2021-47373: Fix potential VPE leak on error (bsc#1225190).
CVE-2021-47425: Fix resource leak in reconfiguration device addition (bsc#1225223).
CVE-2024-42246: Remap EPERM in case of connection failure in xs_tcp_setup_socket (bsc#1228989).
CVE-2024-41098: Fix null pointer dereference on error (bsc#1228467).
CVE-2021-4440: Drop USERGS_SYSRET64 paravirt call (bsc#1227069).
CVE-2022-48786: Remove vsock from connected table when connect is interrupted by a signal (bsc#1227996).
CVE-2024-42232: Fixed a race between delayed_work() and ceph_monc_stop(). (bsc#1228959)
CVE-2024-35915: Fix uninit-value in nci_dev_up and nci_ntf_packet (git-fixes CVE-2024-35915 bsc#1224479).
CVE-2024-38662: Cover verifier checks for mutating sockmap/sockhash (bsc#1226885).
CVE-2024-42110: Move ntb_netdev_rx_handler() to call netif_rx() from __netif_rx() (bsc#1228501).
CVE-2024-42148: Fix multiple UBSAN array-index-out-of-bounds (bsc#1228487).
CVE-2024-42106: Initialize pad field in struct inet_diag_req_v2 (bsc#1228493).
CVE-2022-48865: Fix kernel panic when enabling bearer (bsc#1228065).
CVE-2024-41068: Fix sclp_init() cleanup on failure (bsc#1228579).
CVE-2024-42082: Remove WARN() from __xdp_reg_mem_model() (bsc#1228482).
CVE-2024-42090: Fix deadlock in create_pinctrl() when handling -EPROBE_DEFER (bsc#1228449).
CVE-2024-42101: Fix null pointer dereference in nouveau_connector_get_modes (bsc#1228495).
CVE-2024-42228: Using uninitialized value *size when calling amdgpu_vce_cs_reloc (bsc#1228667).
CVE-2021-47257: Fix null deref in parse dev addr (bsc#1224896).
CVE-2022-48751: Transitional solution for clcsock race issue (bsc#1226653).

The following non-security bugs were fixed:

arm64: ACPI: NUMA: initialize all values of acpi_early_node_map to (git-fixes)
Bluetooth: L2CAP: Fix deadlock (git-fixes).
btrfs: fix processing of delayed tree block refs during backref walking (bsc#1228982).
btrfs: Remove unused op_key var from add_delayed_refs (bsc#1228982).
cgroup/cpuset: Prevent UAF in proc_cpuset_show() (bsc#1228801).
char: tpm: Protect tpm_pm_suspend with locks (bsc#1082555).
cpu/SMT: Enable SMT only if a core is online (bsc#1214285 bsc#1205462 ltc#200161 ltc#200588 git-fixes).
fuse: Initialize beyond-EOF page contents before setting uptodate (bsc#1229457).
genirq: Delay deactivation in free_irq() (git-fixes).
genirq: Make sure the initial affinity is not empty (git-fixes).
genirq/generic_chip: Make irq_remove_generic_chip() irqdomain aware (git-fixes).
genirq/ipi: Fix NULL pointer deref in irq_data_get_affinity_mask() (git-fixes).
genirq/irqdesc: Do not try to remove non-existing sysfs files (git-fixes).
genirq/irqdomain: Check pointer in irq_domain_alloc_irqs_hierarchy() (git-fixes).
genirq/msi: Activate Multi-MSI early when MSI_FLAG_ACTIVATE_EARLY is set (git-fixes).
genirq/msi: Ensure deactivation on teardown (git-fixes).
genirq/proc: Reject invalid affinity masks (again) (git-fixes).
gss_krb5: Fix the error handling path for crypto_sync_skcipher_setkey (git-fixes).
ip6_tunnel: Fix broken GRO (bsc#1226323).
irqdomain: Drop bogus fwspec-mapping error handling (git-fixes).
irqdomain: Fix association race (git-fixes).
irqdomain: Fix domain registration race (git-fixes).
irqdomain: Fix mapping-creation race (git-fixes).
irqdomain: Fixed unbalanced fwnode get and put (git-fixes).
irqdomain: Look for existing mapping only once (git-fixes).
irqdomain: Refactor __irq_domain_alloc_irqs() (git-fixes).
kABI: do not change return type of tpm_tis_update_timeouts (bsc#1082555).
kABI: do not rename tpm_do_selftest, tpm_pcr_read_dev, and tpm1_getcap (bsc#1082555).
kABI: Do not rename tpm_getcap (bsc#1082555).
kABI: genirq: Delay deactivation in free_irq() (kabi git-fixes).
kABI: Hide the new last_cc member in a hole in struct tpm_chip (bsc#1082555).
kABI: Instead of changing the pcr argument type add a local variable of the desired type, and assign it from the actual argument (bsc#1082555).
kABI: no need to store the tpm long long duration in tpm_chip struct, it is an arbitrary hardcoded value (bsc#1082555).
kABI: re-export tpm2_calc_ordinal_duration (bsc#1082555).
kABI: tpm-interface: Hide new include from genksyms (bsc#1082555).
kABI: tpm2-space: Do not add buf_size to struct tpm_space (bsc#1082555).
kabi/severities: Ignore tpm_transmit_cmd and tpm_tis_core_init (bsc#1082555).
KVM: s390: Do not report unusabled IDs via KVM_CAP_MAX_VCPU_ID (git-fixes bsc#1229222).
memcg: protect concurrent access to mem_cgroup_idr (git-fixes).
net: mana: Fix doorbell out of order violation and avoid unnecessary doorbell rings (bsc#1229154).
net: mana: Fix race on per-CQ variable napi work_done (bsc#1229154).
netfilter: nf_conntrack_h323: restore boundary check correctness (bsc#1223074)
netfilter: nf_ct_h323: Convert CHECK_BOUND macro to function (bsc#1223074)
netfilter: nf_ct_h323: Extend nf_h323_error_boundary to work on bits as well (bsc#1223074)
netfilter: nf_ct_h323: Out Of Bound Read in Netfilter Conntrack (bsc#1223074)
nfc: nci: Fix handling of zero-length payload packets in nci_rx_work() (git-fixes).
nfc: nci: Fix kcov check in nci_rx_work() (git-fixes).
nfc: nci: Fix uninit-value in nci_rx_work (git-fixes).
powerpc/topology: Check if a core is online (bsc#1214285 bsc#1205462 ltc#200161 ltc#200588 git-fixes).
s390/uv: Panic for set and remove shared access UVC errors (git-fixes bsc#1229229).
scsi: target: core: Silence the message about unknown VPD pages (bsc#1221252 bsc#1229462).
tpm_tis_core: Turn on the TPM before probing IRQ's (bsc#1082555).
tpm_tis: Add a check for invalid status (bsc#1082555).
tpm_tis: Explicitly check for error code (bsc#1082555).
tpm_tis: Fix an error handling path in 'tpm_tis_core_init()' (bsc#1082555).
tpm_tis: Resend command to recover from data transfer errors (bsc#1082555).
tpm_tis: reserve chip for duration of tpm_tis_core_init (bsc#1082555).
tpm_tis: Use tpm_chip_{start,stop} decoration inside tpm_tis_resume (bsc#1082555).
tpm, tpm_tis: Avoid cache incoherency in test for interrupts (bsc#1082555).
tpm, tpm_tis: Claim locality before writing interrupt registers (bsc#1082555).
tpm, tpm_tis: Claim locality before writing TPM_INT_ENABLE register (bsc#1082555).
tpm, tpm_tis: Claim locality when interrupts are reenabled on resume (bsc#1082555).
tpm, tpm_tis: correct tpm_tis_flags enumeration values (bsc#1082555).
tpm, tpm_tis: Decorate tpm_get_timeouts() with request_locality() (bsc#1082555).
tpm, tpm_tis: Decorate tpm_tis_gen_interrupt() with request_locality() (bsc#1082555).
tpm, tpm_tis: Disable interrupts if tpm_tis_probe_irq() failed (bsc#1082555).
tpm, tpm_tis: Do not skip reset of original interrupt vector (bsc#1082555).
tpm, tpm_tis: Extend locality handling to TPM2 in tpm_tis_gen_interrupt() (bsc#1082555).
tpm, tpm_tis: Only handle supported interrupts (bsc#1082555).
tpm, tpm_tis: Reserve locality in tpm_tis_resume() (bsc#1082555).
tpm, tpm: Implement usage counter for locality (bsc#1082555).
tpm, tpmrm: Mark tpmrm_write as static (bsc#1082555).
tpm: access command header through struct in tpm_try_transmit() (bsc#1082555).
tpm: Actually fail on TPM errors during "get random" (bsc#1082555).
tpm: Add a flag to indicate TPM power is managed by firmware (bsc#1082555).
tpm: add ptr to the tpm_space struct to file_priv (bsc#1082555).
tpm: add support for nonblocking operation (bsc#1082555).
tpm: add support for partial reads (bsc#1082555).
tpm: add tpm_auto_startup() into tpm-interface.c (bsc#1082555).
tpm: add tpm_calc_ordinal_duration() wrapper (bsc#1082555).
tpm: Allow system suspend to continue when TPM suspend fails (bsc#1082555).
tpm: clean up tpm_try_transmit() error handling flow (bsc#1082555).
tpm: declare struct tpm_header (bsc#1082555).
tpm: do not return bool from update_timeouts (bsc#1082555).
tpm: encapsulate tpm_dev_transmit() (bsc#1082555).
tpm: factor out tpm 1.x duration calculation to tpm1-cmd.c (bsc#1082555).
tpm: factor out tpm 1.x pm suspend flow into tpm1-cmd.c (bsc#1082555).
tpm: factor out tpm_get_timeouts() (bsc#1082555).
tpm: factor out tpm_startup function (bsc#1082555).
tpm: factor out tpm1_get_random into tpm1-cmd.c (bsc#1082555).
tpm: fix an invalid condition in tpm_common_poll (bsc#1082555).
tpm: fix Atmel TPM crash caused by too frequent queries (bsc#1082555).
tpm: Fix buffer access in tpm2_get_tpm_pt() (bsc#1082555).
tpm: fix buffer type in tpm_transmit_cmd (bsc#1082555).
tpm: fix byte order related arithmetic inconsistency in tpm_getcap() (bsc#1082555).
tpm: Fix error handling in async work (bsc#1082555).
tpm: fix invalid locking in NONBLOCKING mode (bsc#1082555).
tpm: fix invalid return value in pubek_show() (bsc#1082555).
tpm: fix NPE on probe for missing device (bsc#1082555).
tpm: Fix null pointer dereference on chip register error path (bsc#1082555).
tpm: Fix TIS locality timeout problems (bsc#1082555).
tpm: Handle negative priv->response_len in tpm_common_read() (bsc#1082555).
tpm: introduce tpm_chip_start() and tpm_chip_stop() (bsc#1082555).
tpm: migrate pubek_show to struct tpm_buf (bsc#1082555).
tpm: migrate tpm2_get_random() to use struct tpm_buf (bsc#1082555).
tpm: migrate tpm2_get_tpm_pt() to use struct tpm_buf (bsc#1082555).
tpm: migrate tpm2_probe() to use struct tpm_buf (bsc#1082555).
tpm: migrate tpm2_shutdown() to use struct tpm_buf (bsc#1082555).
tpm: move TPM 1.2 code of tpm_pcr_extend() to tpm1_pcr_extend() (bsc#1082555).
tpm: move tpm 1.x selftest code from tpm-interface.c tpm1-cmd.c (bsc#1082555).
tpm: move TPM space code out of tpm_transmit() (bsc#1082555).
tpm: move tpm_getcap to tpm1-cmd.c (bsc#1082555).
tpm: move tpm_validate_commmand() to tpm2-space.c (bsc#1082555).
tpm: move tpm1_pcr_extend to tpm1-cmd.c (bsc#1082555).
tpm: Prevent hwrng from activating during resume (bsc#1082555).
tpm: print tpm2_commit_space() error inside tpm2_commit_space() (bsc#1082555).
tpm: remove @flags from tpm_transmit() (bsc#1082555).
tpm: remove @space from tpm_transmit() (bsc#1082555).
tpm: remove struct tpm_pcrextend_in (bsc#1082555).
tpm: Remove tpm_dev_wq_lock (bsc#1082555).
tpm: remove TPM_TRANSMIT_UNLOCKED flag (bsc#1082555).
tpm: rename tpm_chip_find_get() to tpm_find_get_ops() (bsc#1082555).
tpm: replace TPM_TRANSMIT_RAW with TPM_TRANSMIT_NESTED (bsc#1082555).
tpm: Replace WARN_ONCE() with dev_err_once() in tpm_tis_status() (bsc#1082555).
tpm: return 0 from pcrs_show() when tpm1_pcr_read() fails (bsc#1082555).
tpm: Revert "tpm_tis_core: Set TPM_CHIP_FLAG_IRQ before probing for interrupts" (bsc#1082555).
tpm: Revert "tpm_tis_core: Turn on the TPM before probing IRQ's" (bsc#1082555).
tpm: Revert "tpm_tis: reserve chip for duration of tpm_tis_core_init" (bsc#1082555).
tpm: take TPM chip power gating out of tpm_transmit() (bsc#1082555).
tpm: tpm_crb: Add the missed acpi_put_table() to fix memory leak (bsc#1082555).
tpm: tpm_tis: Add the missed acpi_put_table() to fix memory leak (bsc#1082555).
tpm: tpm_vtpm_proxy: fix a race condition in /dev/vtpmx creation (bsc#1082555).
tpm: tpm1_bios_measurements_next should increase position index (bsc#1082555).
tpm: tpm1: rewrite tpm1_get_random() using tpm_buf structure (bsc#1082555).
tpm: turn on TPM on suspend for TPM 1.x (bsc#1082555).
tpm: Unify the mismatching TPM space buffer sizes (bsc#1082555).
tpm: use tpm_buf in tpm_transmit_cmd() as the IO parameter (bsc#1082555).
tpm: use tpm_msleep() value as max delay (bsc#1082555).
tpm: use tpm_try_get_ops() in tpm-sysfs.c (bsc#1082555).
tpm: use u32 instead of int for PCR index (bsc#1082555).
tpm: vtpm_proxy: Avoid reading host log when using a virtual device (bsc#1082555).
tpm: vtpm_proxy: Prevent userspace from sending driver command (bsc#1082555).
tpm: Wrap the buffer from the caller to tpm_buf in tpm_send() (bsc#1082555).
tpm/tpm_crb: Fix error message in __crb_relinquish_locality() (bsc#1082555).
tpm1: implement tpm1_pcr_read_dev() using tpm_buf structure (bsc#1082555).
tpm1: reimplement SAVESTATE using tpm_buf (bsc#1082555).
tpm1: reimplement tpm1_continue_selftest() using tpm_buf (bsc#1082555).
tpm1: rename tpm1_pcr_read_dev to tpm1_pcr_read() (bsc#1082555).
tpm2: add longer timeouts for creation commands (bsc#1082555).
vfio/pci: fix potential memory leak in vfio_intx_enable() (git-fixes).
vsock: correct removal of socket from the list (bsc#1227996).
xfs: fix getfsmap reporting past the last rt extent (git-fixes).
xfs: Fix the owner setting issue for rmap query in xfs fsmap (git-fixes).
xfs: fix uninitialized variable access (git-fixes).

Special Instructions and Notes:

Please reboot the system after installing this update.

Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

SUSE Linux Enterprise Server for SAP Applications 12 SP5
zypper in -t patch SUSE-SLE-SERVER-12-SP5-2024-3252=1
SUSE Linux Enterprise High Performance Computing 12 SP5
zypper in -t patch SUSE-SLE-SERVER-12-SP5-2024-3252=1
SUSE Linux Enterprise Server 12 SP5
zypper in -t patch SUSE-SLE-SERVER-12-SP5-2024-3252=1

Package List:

SUSE Linux Enterprise Server for SAP Applications 12 SP5 (nosrc x86_64)
- kernel-azure-4.12.14-16.197.1
SUSE Linux Enterprise Server for SAP Applications 12 SP5 (x86_64)
- kernel-azure-base-4.12.14-16.197.1
- kernel-azure-devel-4.12.14-16.197.1
- kernel-azure-debuginfo-4.12.14-16.197.1
- kernel-azure-debugsource-4.12.14-16.197.1
- kernel-syms-azure-4.12.14-16.197.1
- kernel-azure-base-debuginfo-4.12.14-16.197.1
SUSE Linux Enterprise Server for SAP Applications 12 SP5 (noarch)
- kernel-devel-azure-4.12.14-16.197.1
- kernel-source-azure-4.12.14-16.197.1
SUSE Linux Enterprise High Performance Computing 12 SP5 (nosrc x86_64)
- kernel-azure-4.12.14-16.197.1
SUSE Linux Enterprise High Performance Computing 12 SP5 (x86_64)
- kernel-azure-base-4.12.14-16.197.1
- kernel-azure-devel-4.12.14-16.197.1
- kernel-azure-debuginfo-4.12.14-16.197.1
- kernel-azure-debugsource-4.12.14-16.197.1
- kernel-syms-azure-4.12.14-16.197.1
- kernel-azure-base-debuginfo-4.12.14-16.197.1
SUSE Linux Enterprise High Performance Computing 12 SP5 (noarch)
- kernel-devel-azure-4.12.14-16.197.1
- kernel-source-azure-4.12.14-16.197.1
SUSE Linux Enterprise Server 12 SP5 (nosrc x86_64)
- kernel-azure-4.12.14-16.197.1
SUSE Linux Enterprise Server 12 SP5 (x86_64)
- kernel-azure-base-4.12.14-16.197.1
- kernel-azure-devel-4.12.14-16.197.1
- kernel-azure-debuginfo-4.12.14-16.197.1
- kernel-azure-debugsource-4.12.14-16.197.1
- kernel-syms-azure-4.12.14-16.197.1
- kernel-azure-base-debuginfo-4.12.14-16.197.1
SUSE Linux Enterprise Server 12 SP5 (noarch)
- kernel-devel-azure-4.12.14-16.197.1
- kernel-source-azure-4.12.14-16.197.1

Security update for the Linux Kernel

Description:

Special Instructions and Notes:

Patch Instructions:

Package List:

References: