Security update for the Linux Kernel

Announcement ID: SUSE-SU-2024:1646-1
Rating: important
References:
Cross-References:
CVSS scores:
  • CVE-2019-25160 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
  • CVE-2019-25160 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
  • CVE-2021-46904 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2021-46904 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2021-46905 ( SUSE ): 4.0 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
  • CVE-2021-46905 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2021-46909 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2021-46909 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2021-46938 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  • CVE-2021-46939 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2021-46939 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2021-46941 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2021-46941 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2021-46950 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
  • CVE-2021-46950 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  • CVE-2021-46958 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2021-46960 ( SUSE ): 2.3 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:L
  • CVE-2021-46963 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2021-46964 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
  • CVE-2021-46981 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2021-46988 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2021-46990 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2021-46998 ( SUSE ): 6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
  • CVE-2021-47006 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2021-47024 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2021-47045 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2021-47049 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2021-47056 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2021-47060 ( SUSE ): 6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
  • CVE-2021-47061 ( SUSE ): 6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
  • CVE-2021-47063 ( SUSE ): 6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
  • CVE-2021-47068 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  • CVE-2021-47070 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
  • CVE-2021-47071 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
  • CVE-2021-47073 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2021-47100 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
  • CVE-2021-47101 ( SUSE ): 4.0 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
  • CVE-2021-47104 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
  • CVE-2021-47110 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2021-47112 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
  • CVE-2021-47114 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2021-47117 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2021-47118 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2021-47119 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2021-47138 ( SUSE ): 4.5 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L
  • CVE-2021-47141 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2021-47142 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2021-47143 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2021-47146 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2021-47149 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2021-47150 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2021-47153 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2021-47159 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2021-47161 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2021-47162 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2021-47165 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2021-47166 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2021-47167 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2021-47168 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2021-47169 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2021-47171 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2021-47173 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2021-47177 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2021-47179 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2021-47180 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2021-47181 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2021-47182 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2021-47183 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2021-47184 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2021-47185 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2021-47188 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2021-47189 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2021-47198 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2021-47198 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  • CVE-2021-47202 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2021-47203 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2021-47204 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2021-47205 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2021-47207 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2021-47211 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2021-47216 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
  • CVE-2021-47217 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2022-0487 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
  • CVE-2022-0487 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
  • CVE-2022-48619 ( SUSE ): 6.2 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
  • CVE-2022-48619 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2022-48626 ( SUSE ): 5.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
  • CVE-2022-48626 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  • CVE-2022-48636 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2022-48650 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2022-48651 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  • CVE-2022-48667 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L
  • CVE-2022-48668 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L
  • CVE-2022-48687 ( SUSE ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
  • CVE-2022-48688 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2022-48695 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2022-48701 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
  • CVE-2023-0160 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2023-0160 ( NVD ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2023-52454 ( SUSE ): 6.5 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
  • CVE-2023-52454 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2023-52469 ( SUSE ): 5.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
  • CVE-2023-52469 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  • CVE-2023-52470 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2023-52470 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2023-52474 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
  • CVE-2023-52474 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  • CVE-2023-52476 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2023-52477 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2023-52486 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2023-52488 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2023-52509 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
  • CVE-2023-52515 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2023-52524 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2023-52528 ( SUSE ): 3.5 CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L
  • CVE-2023-52575 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2023-52583 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2023-52587 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2023-52590 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L
  • CVE-2023-52591 ( SUSE ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
  • CVE-2023-52595 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
  • CVE-2023-52598 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2023-52607 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2023-52614 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N
  • CVE-2023-52620 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2023-52628 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  • CVE-2023-52635 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2023-52639 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2023-52644 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2023-52646 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2023-52650 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2023-52652 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
  • CVE-2023-52653 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
  • CVE-2023-6270 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
  • CVE-2023-6270 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
  • CVE-2023-6356 ( SUSE ): 6.5 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
  • CVE-2023-6356 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
  • CVE-2023-6535 ( SUSE ): 6.5 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
  • CVE-2023-6535 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
  • CVE-2023-6536 ( SUSE ): 6.5 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
  • CVE-2023-6536 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
  • CVE-2023-7042 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
  • CVE-2023-7042 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2023-7192 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
  • CVE-2023-7192 ( NVD ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
  • CVE-2024-2201 ( SUSE ): 5.1 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
  • CVE-2024-22099 ( SUSE ): 5.3 CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
  • CVE-2024-22099 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2024-23307 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  • CVE-2024-23307 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  • CVE-2024-23848 ( SUSE ): 5.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
  • CVE-2024-23848 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2024-24855 ( SUSE ): 5.1 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
  • CVE-2024-24855 ( NVD ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2024-24861 ( SUSE ): 6.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:H
  • CVE-2024-24861 ( NVD ): 6.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:H
  • CVE-2024-26614 ( SUSE ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
  • CVE-2024-26642 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2024-26651 ( SUSE ): 6.2 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
  • CVE-2024-26671 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2024-26675 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2024-26689 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2024-26704 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2024-26733 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2024-26739 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2024-26743 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
  • CVE-2024-26744 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2024-26747 ( SUSE ): 4.3 CVSS:3.1/AV:P/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2024-26754 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2024-26763 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
  • CVE-2024-26771 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2024-26772 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2024-26773 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2024-26777 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2024-26778 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2024-26779 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2024-26793 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2024-26805 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2024-26816 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
  • CVE-2024-26817 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2024-26839 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
  • CVE-2024-26840 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
  • CVE-2024-26852 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  • CVE-2024-26855 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2024-26857 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2024-26859 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2024-26878 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2024-26883 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2024-26883 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  • CVE-2024-26884 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2024-26884 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  • CVE-2024-26898 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  • CVE-2024-26898 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  • CVE-2024-26901 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
  • CVE-2024-26901 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2024-26903 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2024-26903 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2024-26907 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2024-26907 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  • CVE-2024-26922 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2024-26929 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  • CVE-2024-26930 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  • CVE-2024-26931 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2024-26948 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2024-26993 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2024-27013 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2024-27014 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2024-27043 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  • CVE-2024-27046 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2024-27054 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2024-27072 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2024-27073 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2024-27074 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2024-27075 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2024-27078 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2024-27388 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Affected Products:
  • SUSE Linux Enterprise High Performance Computing 12 SP5
  • SUSE Linux Enterprise Real Time 12 SP5
  • SUSE Linux Enterprise Server 12 SP5

An update that solves 187 vulnerabilities, contains one feature and has 16 security fixes can now be installed.

Description:

The SUSE Linux Enterprise 12 SP5 RT kernel was updated to receive various security bugfixes.

The following security bugs were fixed:

  • CVE-2019-25160: Fixed out-of-bounds memory accesses in netlabel (bsc#1220394).
  • CVE-2021-46904: Fixed NULL pointer dereference during tty device unregistration (bsc#1220416).
  • CVE-2021-46905: Fixed NULL pointer dereference on disconnect regression (bsc#1220418).
  • CVE-2021-46909: Fixed a PCI interrupt mapping in ARM footbridge (bsc#1220442).
  • CVE-2021-46938: Fixed a double free of blk_mq_tag_set in dev remove after table load fails in dm rq (bsc#1220554).
  • CVE-2021-46939: Fixed a denial of service in trace_clock_global() in tracing (bsc#1220580).
  • CVE-2021-46941: Fixed core softreset when switch mode in usb dwc3 (bsc#1220628).
  • CVE-2021-46950: Fixed a data corruption bug in raid1 arrays using bitmaps in md/raid1 (bsc#1220662).
  • CVE-2021-46958: Fixed a race between transaction aborts and fsyncs leading to use-after-free in btrfs (bsc#1220521).
  • CVE-2021-46960: Fixed a warning on smb2_get_enc_key in cifs (bsc#1220528).
  • CVE-2021-46963: Fixed crash in qla2xxx_mqueuecommand() (bsc#1220536).
  • CVE-2021-46964: Fixed unreserved extra IRQ vectors in qla2xxx (bsc#1220538).
  • CVE-2021-46966: Fixed potential use-after-free issue in cm_write() (bsc#1220572).
  • CVE-2021-46981: Fixed a NULL pointer in flush_workqueue in nbd (bsc#1220611).
  • CVE-2021-46988: Fixed release page in error path to avoid BUG_ON (bsc#1220706).
  • CVE-2021-46990: Fixed a denial of service when toggling entry flush barrier in powerpc/64s (bsc#1220743).
  • CVE-2021-46998: Fixed an use after free bug in enic_hard_start_xmit in ethernet/enic (bsc#1220625).
  • CVE-2021-47006: Fixed wrong check in overflow_handler hook in ARM 9064/1 hw_breakpoint (bsc#1220751).
  • CVE-2021-47015: Fixed a RX consumer index logic in the error path in bnxt_rx_pkt() in bnxt_en (bsc#1220794).
  • CVE-2021-47024: Fixed possible memory leak in vsock/virtio when closing socket (bsc#1220637).
  • CVE-2021-47034: Fixed a kernel memory fault for pte update on radix in powerpc/64s (bsc#1220687).
  • CVE-2021-47045: Fixed a null pointer dereference in lpfc_prep_els_iocb() in scsi lpfc (bsc#1220640).
  • CVE-2021-47049: Fixed an after free in __vmbus_open() in hv vmbus (bsc#1220692).
  • CVE-2021-47055: Fixed missing permissions for locking and badblock ioctls in mtd (bsc#1220768).
  • CVE-2021-47056: Fixed a user-memory-access error on vf2pf_lock in crypto (bsc#1220769).
  • CVE-2021-47060: Fixed a bug in KVM by stop looking for coalesced MMIO zones if the bus is destroyed (bsc#1220742).
  • CVE-2021-47061: Fixed a bug in KVM by destroy I/O bus devices on unregister failure after sync'ing SRCU (bsc#1220745).
  • CVE-2021-47063: Fixed a potential use-after-free during bridge detach in drm bridge/panel (bsc#1220777).
  • CVE-2021-47068: Fixed a use-after-free issue in llcp_sock_bind/connect (bsc#1220739).
  • CVE-2021-47070: Fixed memory leak in error handling paths in uio_hv_generic (bsc#1220829).
  • CVE-2021-47071: Fixed a memory leak in error handling paths in hv_uio_cleanup() in uio_hv_generic (bsc#1220846).
  • CVE-2021-47073: Fixed oops on rmmod dell_smbios init_dell_smbios_wmi() (bsc#1220850).
  • CVE-2021-47100: Fixed UAF when uninstall in ipmi (bsc#1220985).
  • CVE-2021-47101: Fixed uninit-value in asix_mdio_read() (bsc#1220987).
  • CVE-2021-47104: Fixed memory leak in qib_user_sdma_queue_pkts() (bsc#1220960).
  • CVE-2021-47110: Fixed possible memory corruption when restoring from hibernation in x86/kvm (bsc#1221532).
  • CVE-2021-47112: Fixed possible memory corruption when restoring from hibernation in x86/kvm (bsc#1221541).
  • CVE-2021-47114: Fixed a data corruption by fallocate in ocfs2 (bsc#1221548).
  • CVE-2021-47117: Fixed a crash in ext4_es_cache_extent as ext4_split_extent_at failed in ext4 (bsc#1221575).
  • CVE-2021-47118: Fixed an use-after-free in init task's struct pid in pid (bsc#1221605).
  • CVE-2021-47119: Fixed a memory leak in ext4_fill_super in ext4 (bsc#1221608).
  • CVE-2021-47138: Fixed an out-of-bound memory access during clearing filters in cxgb4 (bsc#1221934).
  • CVE-2021-47141: Fixed a null pointer dereference on priv->msix_vectors when driver is unloaded in gve (bsc#1221949).
  • CVE-2021-47142: Fixed an use-after-free on ttm->sg in drm/amdgpu (bsc#1221952).
  • CVE-2021-47143: Fixed possible corruption in net/smc after failed device_add() (bsc#1221988).
  • CVE-2021-47149: Fixed a potential null pointer deref in fmvj18x_get_hwinfo() (bsc#1221972).
  • CVE-2021-47150: Fixed the potential memory leak in fec_enet_init() (bsc#1221973).
  • CVE-2021-47153: Fixed wrongly generated interrupt on bus reset in i2c/i801 (bsc#1221969).
  • CVE-2021-47161: Fixed a resource leak in an error handling path in the error handling path of the probe function in spi spi-fsl-dspi (bsc#1221966).
  • CVE-2021-47162: Fixed a possible memory leak in tipc_buf_append (bsc#1221977).
  • CVE-2021-47165: Fixed shutdown crash when component not probed in drm/meson (bsc#1221965).
  • CVE-2021-47166: Fixed a data corruption of pg_bytes_written in nfs_do_recoalesce() in nfs (bsc#1221998).
  • CVE-2021-47167: Fixed an oopsable condition in __nfs_pageio_add_request() in nfs (bsc#1221991).
  • CVE-2021-47168: Fixed an incorrect limit in filelayout_decode_layout() in nfs (bsc#1222002).
  • CVE-2021-47169: Fixed a NULL pointer dereference in rp2_probe in serial rp2 (bsc#1222000).
  • CVE-2021-47171: Fixed a memory leak in smsc75xx_bind in net usb (bsc#1221994).
  • CVE-2021-47173: Fixed a memory leak in uss720_probe in misc/uss720 (bsc#1221993).
  • CVE-2021-47177: Fixed a sysfs leak in alloc_iommu() in iommu/vt-d (bsc#1221997).
  • CVE-2021-47179: Fixed a NULL pointer dereference in pnfs_mark_matching_lsegs_return() in nfsv4 (bsc#1222001).
  • CVE-2021-47180: Fixed a memory leak in nci_allocate_device nfcmrvl_disconnect in nfc nci (bsc#1221999).
  • CVE-2021-47181: Fixed a null pointer dereference caused by calling platform_get_resource() (bsc#1222660).
  • CVE-2021-47182: Fixed scsi_mode_sense() buffer length handling (bsc#1222662).
  • CVE-2021-47183: Fixed a null pointer dereference during link down processing in scsi lpfc (bsc#1192145, bsc#1222664).
  • CVE-2021-47184: Fixed NULL pointer dereference on VSI filter sync (bsc#1222666).
  • CVE-2021-47185: Fixed a softlockup issue in flush_to_ldisc in tty tty_buffer (bsc#1222669).
  • CVE-2021-47189: Fixed denial of service due to memory ordering issues between normal and ordered work functions in btrfs (bsc#1222706).
  • CVE-2021-47202: Fixed NULL pointer dereferences in of_thermal_ functions in thermal (bsc#1222878)
  • CVE-2021-47205: Unregistered clocks/resets when unbinding in sunxi-ng (bsc#1222888).
  • CVE-2021-47207: Fixed a null pointer dereference on pointer block in gus (bsc#1222790).
  • CVE-2021-47211: Fixed a null pointer dereference on pointer cs_desc in usb-audio (bsc#1222869).
  • CVE-2022-0487: Fixed use-after-free in moxart_remove in moxart-mmc (bsc#1194516).
  • CVE-2022-48619: Fixed a denial-of-service issue in drivers/input/input.c (bsc#1218220).
  • CVE-2022-48626: Fixed a potential use-after-free on remove path moxart (bsc#1220366).
  • CVE-2022-48651: Fixed an out-of-bound bug in ipvlan caused by unset skb->mac_header (bsc#1223513).
  • CVE-2022-48701: Fixed an out-of-bounds bug in __snd_usb_parse_audio_interface() (bsc#1223921).
  • CVE-2023-0160: Fixed deadlock flaw in BPF that could allow a local user to potentially crash the system (bsc#1209657).
  • CVE-2023-52454: Fixed a kernel panic when host sends an invalid H2C PDU length (bsc#1220320).
  • CVE-2023-52469: Fixed a use-after-free in kv_parse_power_table (bsc#1220411).
  • CVE-2023-52470: Fixed null-ptr-deref in radeon_crtc_init() (bsc#1220413).
  • CVE-2023-52474: Fixed a vulnerability with non-PAGE_SIZE-end multi-iovec user SDMA requests (bsc#1220445).
  • CVE-2023-52476: Fixed possible unhandled page fault via perf sampling NMI during vsyscall (bsc#1220703).
  • CVE-2023-52477: Fixed USB Hub accesses to uninitialized BOS descriptors (bsc#1220790).
  • CVE-2023-52486: Fixed possible use-after-free in drm (bsc#1221277).
  • CVE-2023-52488: Fixed serial/sc16is7xx convert from raw to noinc regmap functions for FIFO (bsc#1221162).
  • CVE-2023-52509: Fixed a use-after-free issue in ravb_tx_timeout_work() (bsc#1220836).
  • CVE-2023-52515: Fixed possible use-after-free in RDMA/srp (bsc#1221048).
  • CVE-2023-52524: Fixed possible corruption in nfc/llcp (bsc#1220927).
  • CVE-2023-52528: Fixed uninit-value access in __smsc75xx_read_reg() (bsc#1220843).
  • CVE-2023-52575: Fixed SBPB enablement for spec_rstack_overflow=off (bsc#1220871).
  • CVE-2023-52583: Fixed deadlock or deadcode of misusing dget() inside ceph (bsc#1221058).
  • CVE-2023-52587: Fixed mcast list locking in IB/ipoib (bsc#1221082).
  • CVE-2023-52590: Fixed a possible ocfs2 filesystem corruption via directory renaming (bsc#1221088).
  • CVE-2023-52591: Fixed a possible reiserfs filesystem corruption via directory renaming (bsc#1221044).
  • CVE-2023-52595: Fixed possible deadlock in wifi/rt2x00 (bsc#1221046).
  • CVE-2023-52598: Fixed wrong setting of fpc register in s390/ptrace (bsc#1221060).
  • CVE-2023-52607: Fixed a null-pointer-dereference in pgtable_cache_add kasprintf() (bsc#1221061).
  • CVE-2023-52614: Fixed PM/devfreq buffer overflow in trans_stat_show (bsc#1221617).
  • CVE-2023-52620: Fixed netfilter/nf_tables to disallow timeout for anonymous sets never used from userspace (bsc#1221825).
  • CVE-2023-52628: Fixed 4-byte stack OOB write in nftables (bsc#1222117).
  • CVE-2023-52635: Fixed PM/devfreq to synchronize devfreq_monitor_[start/stop] (bsc#1222294).
  • CVE-2023-52639: Fixed race during shadow creation in KVM/s390/vsie Fixed (bsc#1222300).
  • CVE-2023-52644: Stop/wake correct queue in DMA Tx path when QoS is disabled in b43 (bsc#1222961).
  • CVE-2023-52650: Added missing check for of_find_device_by_node() (bsc#1223770)
  • CVE-2023-52652: Fixed NTB for possible name leak in ntb_register_device() (bsc#1223686).
  • CVE-2023-6270: Fixed a use-after-free issue in aoecmd_cfg_pkts (bsc#1218562).
  • CVE-2023-6356: Fixed a NULL pointer dereference in nvmet_tcp_build_pdu_iovec (bsc#1217987).
  • CVE-2023-6535: Fixed a NULL pointer dereference in nvmet_tcp_execute_request (bsc#1217988).
  • CVE-2023-6536: Fixed a NULL pointer dereference in __nvmet_req_complete (bsc#1217989).
  • CVE-2023-7042: Fixed a null-pointer-dereference in ath10k_wmi_tlv_op_pull_mgmt_tx_compl_ev() (bsc#1218336).
  • CVE-2023-7192: Fixed a memory leak problem in ctnetlink_create_conntrack in net/netfilter/nf_conntrack_netlink.c (bsc#1218479).
  • CVE-2024-2201: Fixed information leak in x86/BHI (bsc#1217339).
  • CVE-2024-22099: Fixed a null-pointer-dereference in rfcomm_check_security (bsc#1219170).
  • CVE-2024-23307: Fixed Integer Overflow or Wraparound vulnerability in x86 and ARM md, raid, raid5 modules (bsc#1219169).
  • CVE-2024-23848: Fixed media/cec for possible use-after-free in cec_queue_msg_fh (bsc#1219104).
  • CVE-2024-24855: Fixed a null pointer dereference due to race condition in scsi device driver in lpfc_unregister_fcf_rescan() function (bsc#1219618).
  • CVE-2024-24861: Fixed an overflow due to race condition in media/xc4000 device driver in xc4000 xc4000_get_frequency() function (bsc#1219623).
  • CVE-2024-26614: Fixed the initialization of accept_queue's spinlocks (bsc#1221293).
  • CVE-2024-26642: Fixed the set of anonymous timeout flag in netfilter nf_tables (bsc#1221830).
  • CVE-2024-26671: Fixed blk-mq IO hang from sbitmap wakeup race (bsc#1222357).
  • CVE-2024-26675: Fixed ppp_async to limit MRU to 64K (bsc#1222379).
  • CVE-2024-26689: Fixed a use-after-free in encode_cap_msg() (bsc#1222503).
  • CVE-2024-26704: Fixed a double-free of blocks due to wrong extents moved_len in ext4 (bsc#1222422).
  • CVE-2024-26733: Fixed an overflow in arp_req_get() in arp (bsc#1222585).
  • CVE-2024-26743: Fixed memory leak in qedr_create_user_qp error flow in rdma/qedr (bsc#1222677)
  • CVE-2024-26744: Fixed null pointer dereference in srpt_service_guid parameter in rdma/srpt (bsc#1222449)
  • CVE-2024-26747: Fixed a NULL pointer issue with USB parent module's reference (bsc#1222609).
  • CVE-2024-26754: Fixed an use-after-free and null-ptr-deref in gtp_genl_dump_pdp() in gtp (bsc#1222632).
  • CVE-2024-26763: Fixed user corruption via by writing data with O_DIRECT on device in dm-crypt (bsc#1222720).
  • CVE-2024-26771: Fixed a null pointer dereference on edma_probe in dmaengine ti edma (bsc#1222610)
  • CVE-2024-26772: Fixed ext4 to avoid allocating blocks from corrupted group in ext4_mb_find_by_goal() (bsc#1222613).
  • CVE-2024-26773: Fixed ext4 block allocation from corrupted group in ext4_mb_try_best_found() (bsc#1222618).
  • CVE-2024-26777: Error out if pixclock equals zero in fbdev/sis (bsc#1222765)
  • CVE-2024-26778: Error out if pixclock equals zero in fbdev/savage (bsc#1222770)
  • CVE-2024-26779: Fixed a race condition on enabling fast-xmit in mac80211 (bsc#1222772).
  • CVE-2024-26793: Fixed an use-after-free and null-ptr-deref in gtp_newlink() in gtp (bsc#1222428).
  • CVE-2024-26805: Fixed a kernel-infoleak-after-free in __skb_datagram_iter in netlink (bsc#1222630).
  • CVE-2024-26816: Fixed relocations in .notes section when building with CONFIG_XEN_PV=y by ignoring them (bsc#1222624).
  • CVE-2024-26817: Fixed amdkfd to use calloc instead of kzalloc to avoid integer overflow (bsc#1222812).
  • CVE-2024-26839: Fixed a memleak in init_credit_return() (bsc#1222975)
  • CVE-2024-26840: Fixed a memory leak in cachefiles_add_cache() (bsc#1222976).
  • CVE-2024-26852: Fixed net/ipv6 to avoid possible UAF in ip6_route_mpath_notify() (bsc#1223057).
  • CVE-2024-26855: Fixed net/ice potential NULL pointer dereference in ice_bridge_setlink() (bsc#1223051).
  • CVE-2024-26857: Fixed geneve to make sure to pull inner header in geneve_rx() (bsc#1223058).
  • CVE-2024-26859: Prevent access to a freed page in page_pool in bnx2x (bsc#1223049).
  • CVE-2024-26878: Fixed quota for potential NULL pointer dereference (bsc#1223060).
  • CVE-2024-26883: Fixed bpf stackmap overflow check on 32-bit arches (bsc#1223035).
  • CVE-2024-26884: Fixed bpf hashtab overflow check on 32-bit arches (bsc#1223189).
  • CVE-2024-26901: Fixed do_sys_name_to_handle() to use kzalloc() to prevent kernel-infoleak (bsc#1223198).
  • CVE-2024-26907: Fixed a fortify source warning while accessing Eth segment in mlx5 (bsc#1223203).
  • CVE-2024-26922: Validated the parameters of bo mapping operations more clearly (bsc#1223315).
  • CVE-2024-26948: Fixed drm/amd/display by adding dc_state NULL check in dc_state_release (bsc#1223664).
  • CVE-2024-26993: Fixed fs/sysfs reference leak in sysfs_break_active_protection() (bsc#1223693).
  • CVE-2024-27013: Fixed tun limit printing rate when illegal packet received by tun device (bsc#1223745).
  • CVE-2024-27014: Fixed net/mlx5e to prevent deadlock while disabling aRFS (bsc#1223735).
  • CVE-2024-27043: Fixed a use-after-free in edia/dvbdev in different places (bsc#1223824).
  • CVE-2024-27046: Fixed nfp/flower handling acti_netdevs allocation failure (bsc#1223827).
  • CVE-2024-27072: Removed useless locks in usbtv_video_free() (bsc#1223837).
  • CVE-2024-27073: Fixed a memory leak in budget_av_attach() (bsc#1223843).
  • CVE-2024-27074: Fixed a memory leak in go7007_load_encoder() (bsc#1223844).
  • CVE-2024-27075: Avoided stack overflow warnings with clang (bsc#1223842).
  • CVE-2024-27078: Fixed a memory leak in tpg_alloc() (bsc#1223781).

The following non-security bugs were fixed:

  • Input: adxl34x - do not hardcode interrupt trigger type (git-fixes).
  • Input: drv260x - sleep between polling GO bit (git-fixes).
  • Input: ipaq-micro-keys - add error handling for devm_kmemdup.
  • Input: xpad - add PXN V900 support.
  • USB: core: Fix deadlock in usb_deauthorize_interface().
  • USB: usb-storage: Prevent divide-by-0 error in isd200_ata_command (git-fixes).
  • atl1c: fix error return code in atl1c_probe() (git-fixes).
  • atl1e: fix error return code in atl1e_probe() (git-fixes).
  • bluetooth: btqca: Fixed a coding style error (git-fixes).
  • bluetooth: btqca: Introduce HCI_EV_VENDOR and use it (git-fixes).
  • bluetooth: btqcomsmd: Fix command timeout after setting BD address (git-fixes).
  • bluetooth: hci_intel: Add check for platform_driver_register (git-fixes).
  • bnx2x: Fix enabling network interfaces without VFs (git-fixes).
  • bnx2x: Fix missing error code in bnx2x_iov_init_one() (git-fixes).
  • bpf, sockmap: Fix preempt_rt splat when using raw_spin_lock_t (git-fixes).
  • doc/README.SUSE: Update information about module support status (jsc#PED-5759)
  • drivers: usb: host: Fix deadlock in oxu_bus_suspend() (git-fixes).
  • ethernet: myri10ge: Fix missing error code in myri10ge_probe() (git-fixes).
  • ethernet: ucc_geth: fix definition and size of ucc_geth_tx_global_pram (git-fixes).
  • fuse: do not unhash root (bsc#1223954).
  • iommu/amd: Increase interrupt remapping table limit to 512 entries (git-fixes).
  • iommu/amd: Mark interrupt as managed (git-fixes).
  • iommu/amd: Set DTE[IntTabLen] to represent 512 IRTEs (git-fixes).
  • iommu/amd: Silence warnings under memory pressure (git-fixes).
  • iommu: Check if group is NULL before remove device (git-fixes).
  • kabi fix for pNFS: Fix the pnfs block driver's calculation of layoutget size (git-fixes).
  • kabi: PCI: Add locking to RMW PCI Express Capability Register accessors (kabi).
  • lan78xx: Add missing return code checks (git-fixes).
  • lan78xx: Add support to dump lan78xx registers (git-fixes).
  • lan78xx: Do not access skb_queue_head list pointers directly (git-fixes).
  • lan78xx: Fix exception on link speed change (git-fixes).
  • lan78xx: Fix partial packet errors on suspend/resume (git-fixes).
  • lan78xx: Fix race conditions in suspend/resume handling (git-fixes).
  • lan78xx: Fix white space and style issues (git-fixes).
  • lan78xx: Modify error messages (git-fixes).
  • lan78xx: enable auto speed configuration for LAN7850 if no EEPROM is detected (git-fixes).
  • net/mlx5: Properly convey driver version to firmware (git-fixes).
  • net/qla3xxx: fix schedule while atomic in ql_sem_spinlock (git-fixes).
  • net: Fix features skip in for_each_netdev_feature() (git-fixes).
  • net: allwinner: Fix some resources leak in the error handling path of the probe and in the remove function (git-fixes).
  • net: atheros: switch from 'pci_' to 'dma_' API (git-fixes).
  • net: lan78xx: Allow for VLAN headers in timeout calcs (git-fixes).
  • net: lan78xx: Make declaration style consistent (git-fixes).
  • net: lan78xx: Merge memcpy + lexx_to_cpus to get_unaligned_lexx (git-fixes).
  • net: lan78xx: fix runtime PM count underflow on link stop (git-fixes).
  • net: lan78xx: remove set but not used variable 'event' (git-fixes).
  • net: macb: ensure the device is available before accessing GEMGXL control registers (git-fixes).
  • net: stmmac: free tx skb buffer in stmmac_resume() (git-fixes).
  • net: sunrpc: Fix an off by one in rpc_sockaddr2uaddr() (git-fixes).
  • net: usb: Use ARRAY_SIZE instead of calculating the array size (git-fixes).
  • net: usb: lan78xx: Remove lots of set but unused 'ret' variables (git-fixes).
  • nfs: Fix O_DIRECT commit verifier handling (git-fixes).
  • nfs: Fix O_DIRECT locking issues (git-fixes).
  • nfs: Fix a request reference leak in nfs_direct_write_clear_reqs() (git-fixes).
  • nfs: Fix an off by one in root_nfs_cat() (git-fixes).
  • nfs: Fix direct WRITE throughput regression (git-fixes).
  • nfs: Fix error handling for O_DIRECT write scheduling (git-fixes).
  • nfs: More O_DIRECT accounting fixes for error paths (git-fixes).
  • nfs: add atomic_open for NFSv3 to handle O_TRUNC correctly (bsc#1219847).
  • nfs: avoid spurious warning of lost lock that is being unlocked (bsc#1221791).
  • nfs: commit errors should be fatal (git-fixes).
  • nfs: only issue commit in DIO codepath if we have uncommitted data (git-fixes).
  • nfsd: Fix error cleanup path in nfsd_rename() (git-fixes).
  • nfsd: Reset cb_seq_status after NFS4ERR_DELAY (git-fixes).
  • nfsd: Retransmit callbacks after client reconnects (git-fixes).
  • nfsd: lock_rename() needs both directories to live on the same fs (git-fixes).
  • nfsv4.1/pnfs: Ensure we handle the error NFS4ERR_RETURNCONFLICT (git-fixes).
  • pci/aer: Clear MULTI_ERR_COR/UNCOR_RCV bits (git-fixes).
  • pci/aspm: Avoid link retraining race (git-fixes).
  • pci/aspm: Disable ASPM on MFD function removal to avoid use-after-free (git-fixes).
  • pci/aspm: Do not warn if already in common clock mode (git-fixes).
  • pci/aspm: Factor out pcie_wait_for_retrain() (git-fixes).
  • pci/aspm: Reduce severity of common clock config message (git-fixes).
  • pci/aspm: Return 0 or -ETIMEDOUT from pcie_retrain_link() (git-fixes).
  • pci/aspm: Use RMW accessors for changing LNKCTL (git-fixes).
  • pci/dpc: Print all TLP Prefixes, not just the first (git-fixes).
  • pci/iov: Enlarge virtfn sysfs name buffer (git-fixes).
  • pci/msi: Prevent MSI hardware interrupt number truncation (git-fixes).
  • pci/pm: Power up all devices during runtime resume (git-fixes).
  • pci/sysfs: Protect driver's D3cold preference from user space (git-fixes).
  • pci: Add ACS quirk for Broadcom BCM5750x NICs (git-fixes).
  • pci: Add function 1 DMA alias quirk for Marvell 88SE9235 (git-fixes).
  • pci: Add locking to RMW PCI Express Capability Register accessors (git-fixes).
  • pci: Avoid FLR for AMD FCH AHCI adapters (git-fixes).
  • pci: Avoid pci_dev_lock() AB/BA deadlock with sriov_numvfs_store() (git-fixes).
  • pci: Make link retraining use RMW accessors for changing LNKCTL (git-fixes).
  • pci: Mark 3ware-9650SE Root Port Extended Tags as broken (git-fixes).
  • pci: Rework pcie_retrain_link() wait loop (git-fixes).
  • pci: aardvark: Fix setting MSI address (git-fixes).
  • pci: aardvark: Fix support for MSI interrupts (git-fixes).
  • pci: dwc: Add unroll iATU space support to dw_pcie_disable_atu() (git-fixes).
  • pci: endpoint: Do not stop controller when unbinding endpoint function (git-fixes).
  • pci: hotplug: Allow marking devices as disconnected during bind/unbind (git-fixes).
  • pci: pciehp: Add pciehp_set_indicators() to set both indicators (git-fixes).
  • pci: pciehp: Cancel bringup sequence if card is not present (git-fixes).
  • pci: pciehp: Fix AB-BA deadlock between reset_lock and device_lock (git-fixes).
  • pci: pciehp: Use RMW accessors for changing LNKCTL (git-fixes).
  • pci: qcom: Disable write access to read only registers for IP v2.3.3 (git-fixes).
  • pci: qcom: Fix unbalanced PHY init on probe errors (git-fixes).
  • pci: qcom: Use DWC helpers for modifying the read-only DBI registers (git-fixes).
  • pci: switchtec: Return -EFAULT for copy_to_user() errors (git-fixes).
  • pnfs/flexfiles: Check the layout validity in ff_layout_mirror_prepare_stats (git-fixes).
  • pnfs: Fix the pnfs block driver's calculation of layoutget size (git-fixes).
  • rdma/ipoib: Fix error code return in ipoib_mcast_join (bsc#1221082)
  • s390/mm: Fix clearing storage keys for huge pages (git-fixes bsc#1223883).
  • s390/mm: Fix storage key clearing for guest huge pages (git-fixes bsc#1223885).
  • s390/vtime: fix average steal time calculation (git-fixes bsc#1221953).
  • scsi: qla2xxx: Change debug message during driver unload (bsc1221816).
  • scsi: qla2xxx: Delay I/O Abort on PCI error (bsc1221816).
  • scsi: qla2xxx: Fix N2N stuck connection (bsc1221816).
  • scsi: qla2xxx: Fix command flush on cable pull (bsc1221816).
  • scsi: qla2xxx: Fix double free of fcport (bsc1221816).
  • scsi: qla2xxx: Fix double free of the ha->vp_map pointer (bsc1221816).
  • scsi: qla2xxx: NVME|FCP prefer flag not being honored (bsc1221816).
  • scsi: qla2xxx: Prevent command send on chip reset (bsc1221816).
  • scsi: qla2xxx: Split FCE|EFT trace control (bsc1221816).
  • scsi: qla2xxx: Update manufacturer detail (bsc1221816).
  • scsi: qla2xxx: Update version to 10.02.09.200-k (bsc1221816).
  • sr9800: Add check for usbnet_get_endpoints (git-fixes).
  • sunrpc: Fix RPC client cleaned up the freed pipefs dentries (git-fixes).
  • sunrpc: fix a memleak in gss_import_v2_context (git-fixes).
  • sunrpc: fix some memleaks in gssx_dec_option_array (git-fixes).
  • tty: n_gsm: require CAP_NET_ADMIN to attach N_GSM0710 ldisc (bsc#1222619).
  • tun: honor IOCB_NOWAIT flag (git-fixes).
  • usb: dwc2: Fix memory leak in dwc2_hcd_init.
  • usb: dwc2: check return value after calling platform_get_resource() (git-fixes).
  • usb: dwc3: gadget: Ignore EP queue requests during bus reset (git-fixes).
  • usb: gadget: Fix issue with config_ep_by_speed function (git-fixes).
  • usb: mon: Fix atomicity violation in mon_bin_vma_fault (git-fixes).
  • usb: musb: Modify the "HWVers" register address (git-fixes).
  • usb: roles: do not get/set_role() when usb_role_switch is unregistered.
  • usb: serial: option: add Fibocom L7xx modules (git-fixes).
  • usb: serial: option: do not claim interface 4 for ZTE MF290 (git-fixes).
  • usb: storage: set 1.50 as the lower bcdDevice for older "Super Top" compatibility (git-fixes).
  • usb: typec: class: fix typec_altmode_put_partner to put plugs (git-fixes).
  • usb: usbfs: Do not WARN about excessively large memory allocations.
  • x86/CPU/AMD: Update the Zenbleed microcode revisions (git-fixes).
  • x86/bugs: Fix the SRSO mitigation on Zen3/4 (git-fixes).

Special Instructions and Notes:

  • Please reboot the system after installing this update.

Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

  • SUSE Linux Enterprise Real Time 12 SP5
    zypper in -t patch SUSE-SLE-RT-12-SP5-2024-1646=1

Package List:

  • SUSE Linux Enterprise Real Time 12 SP5 (x86_64)
    • gfs2-kmp-rt-debuginfo-4.12.14-10.182.1
    • kernel-rt-base-4.12.14-10.182.1
    • kernel-rt-base-debuginfo-4.12.14-10.182.1
    • kernel-rt-devel-debuginfo-4.12.14-10.182.1
    • kernel-syms-rt-4.12.14-10.182.1
    • kernel-rt_debug-debugsource-4.12.14-10.182.1
    • ocfs2-kmp-rt-4.12.14-10.182.1
    • dlm-kmp-rt-4.12.14-10.182.1
    • kernel-rt_debug-debuginfo-4.12.14-10.182.1
    • cluster-md-kmp-rt-debuginfo-4.12.14-10.182.1
    • kernel-rt-devel-4.12.14-10.182.1
    • gfs2-kmp-rt-4.12.14-10.182.1
    • cluster-md-kmp-rt-4.12.14-10.182.1
    • kernel-rt-debugsource-4.12.14-10.182.1
    • kernel-rt-debuginfo-4.12.14-10.182.1
    • dlm-kmp-rt-debuginfo-4.12.14-10.182.1
    • ocfs2-kmp-rt-debuginfo-4.12.14-10.182.1
    • kernel-rt_debug-devel-debuginfo-4.12.14-10.182.1
    • kernel-rt_debug-devel-4.12.14-10.182.1
  • SUSE Linux Enterprise Real Time 12 SP5 (noarch)
    • kernel-devel-rt-4.12.14-10.182.1
    • kernel-source-rt-4.12.14-10.182.1
  • SUSE Linux Enterprise Real Time 12 SP5 (nosrc x86_64)
    • kernel-rt_debug-4.12.14-10.182.1
    • kernel-rt-4.12.14-10.182.1

References: