Security update for the Linux Kernel

Announcement ID: SUSE-SU-2024:3251-1
Rating: important
References:
Cross-References:
CVSS scores:
  • CVE-2021-4440 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:L
  • CVE-2021-47257 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2021-47289 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2021-47341 ( SUSE ): 6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
  • CVE-2021-47373 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
  • CVE-2021-47425 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2021-47549 ( SUSE ): 6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
  • CVE-2022-48751 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2022-48769 ( SUSE ): 4.1 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H
  • CVE-2022-48786 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H
  • CVE-2022-48822 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
  • CVE-2022-48822 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  • CVE-2022-48865 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2022-48865 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2022-48875 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2022-48875 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2022-48896 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2022-48896 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2022-48899 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2022-48899 ( NVD ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2022-48905 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
  • CVE-2022-48905 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2022-48910 ( SUSE ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
  • CVE-2022-48910 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2022-48919 ( SUSE ): 7.1 CVSS:4.0/AV:L/AC:H/AT:P/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  • CVE-2022-48919 ( SUSE ): 6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H
  • CVE-2022-48919 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  • CVE-2022-48920 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  • CVE-2022-48920 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2022-48920 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2022-48925 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2022-48925 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  • CVE-2022-48930 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2022-48930 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2022-48931 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2022-48931 ( NVD ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2022-48938 ( SUSE ): 5.4 CVSS:4.0/AV:P/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  • CVE-2022-48938 ( SUSE ): 6.6 CVSS:3.1/AV:P/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  • CVE-2022-48938 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2023-2176 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  • CVE-2023-2176 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  • CVE-2023-52708 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2023-52893 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2023-52893 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2023-52901 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2023-52901 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2023-52907 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2023-52907 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2024-26668 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2024-26677 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2024-26812 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
  • CVE-2024-26851 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2024-27011 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2024-35915 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2024-35933 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2024-35965 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2024-36013 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2024-36270 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2024-36270 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2024-36286 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:N
  • CVE-2024-38618 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2024-38662 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2024-38662 ( NVD ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:N
  • CVE-2024-39489 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
  • CVE-2024-39489 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2024-40984 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2024-41012 ( SUSE ): 6.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:H
  • CVE-2024-41012 ( NVD ): 6.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:H
  • CVE-2024-41016 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
  • CVE-2024-41020 ( SUSE ): 5.8 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:N/VA:H/SC:N/SI:N/SA:N
  • CVE-2024-41020 ( SUSE ): 6.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:H
  • CVE-2024-41035 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2024-41062 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  • CVE-2024-41062 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
  • CVE-2024-41068 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
  • CVE-2024-41087 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
  • CVE-2024-41087 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  • CVE-2024-41097 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2024-41097 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2024-41098 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2024-41098 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2024-42077 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2024-42077 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2024-42082 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2024-42082 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2024-42090 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2024-42090 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2024-42101 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2024-42101 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2024-42106 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2024-42110 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2024-42148 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2024-42148 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  • CVE-2024-42155 ( SUSE ): 5.6 CVSS:4.0/AV:L/AC:H/AT:N/PR:H/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
  • CVE-2024-42155 ( SUSE ): 4.1 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:N
  • CVE-2024-42155 ( NVD ): 1.9 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:L/I:N/A:N
  • CVE-2024-42157 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2024-42157 ( NVD ): 4.1 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:N
  • CVE-2024-42158 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2024-42158 ( NVD ): 4.1 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:N
  • CVE-2024-42162 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2024-42162 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
  • CVE-2024-42226 ( SUSE ): 4.6 CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
  • CVE-2024-42226 ( NVD ): 4.6 CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
  • CVE-2024-42228 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2024-42228 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
  • CVE-2024-42232 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  • CVE-2024-42232 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
  • CVE-2024-42232 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2024-42236 ( SUSE ): 5.8 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N
  • CVE-2024-42236 ( SUSE ): 6.6 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H
  • CVE-2024-42236 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2024-42240 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  • CVE-2024-42240 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2024-42240 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2024-42244 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  • CVE-2024-42244 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2024-42244 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2024-42246 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2024-42246 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2024-42259 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:H/SC:N/SI:N/SA:N
  • CVE-2024-42259 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H
  • CVE-2024-42259 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2024-42271 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  • CVE-2024-42271 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
  • CVE-2024-42271 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  • CVE-2024-42280 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2024-42280 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  • CVE-2024-42281 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2024-42284 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2024-42284 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  • CVE-2024-42285 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2024-42285 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  • CVE-2024-42286 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
  • CVE-2024-42286 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2024-42287 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2024-42287 ( NVD ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2024-42288 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2024-42288 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2024-42289 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2024-42289 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2024-42301 ( SUSE ): 6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H
  • CVE-2024-42301 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  • CVE-2024-42309 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2024-42309 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2024-42310 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2024-42310 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2024-42312 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2024-42322 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2024-43819 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2024-43819 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2024-43831 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2024-43839 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2024-43853 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2024-43853 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2024-43854 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2024-43854 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2024-43856 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2024-43856 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2024-43861 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
  • CVE-2024-43861 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2024-43863 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2024-43863 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2024-43866 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2024-43871 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2024-43871 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2024-43872 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2024-43872 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2024-43879 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2024-43882 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
  • CVE-2024-43882 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
  • CVE-2024-43883 ( SUSE ): 5.4 CVSS:4.0/AV:P/AC:H/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  • CVE-2024-43883 ( SUSE ): 6.4 CVSS:3.1/AV:P/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
  • CVE-2024-43892 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  • CVE-2024-43892 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2024-43892 ( NVD ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2024-43893 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  • CVE-2024-43893 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2024-43893 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2024-43900 ( SUSE ): 6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H
  • CVE-2024-43900 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  • CVE-2024-43902 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  • CVE-2024-43902 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2024-43902 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2024-43905 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  • CVE-2024-43905 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2024-43905 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2024-43907 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  • CVE-2024-43907 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2024-43907 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Affected Products:
  • SUSE Linux Enterprise High Availability Extension 12 SP5
  • SUSE Linux Enterprise High Performance Computing 12 SP5
  • SUSE Linux Enterprise Live Patching 12-SP5
  • SUSE Linux Enterprise Server 12 SP5
  • SUSE Linux Enterprise Server for SAP Applications 12 SP5
  • SUSE Linux Enterprise Software Development Kit 12 SP5
  • SUSE Linux Enterprise Workstation Extension 12 12-SP5

An update that solves 105 vulnerabilities and has 17 security fixes can now be installed.

Description:

The SUSE Linux Enterprise 12 SP5 kernel was updated to receive various security bugfixes.

The following security bugs were fixed:

  • CVE-2024-35965: Fix not validating setsockopt user input (bsc#1224579).
  • CVE-2024-35933: Fixed build regression (bsc#1224640).
  • CVE-2024-43883: Do not drop references before new references are gained (bsc#1229707).
  • CVE-2024-41062: Sync sock recv cb and release (bsc#1228576).
  • CVE-2024-42259: Fix Virtual Memory mapping boundaries calculation (bsc#1229156)
  • CVE-2024-43861: Fix memory leak for not ip packets (bsc#1229500).
  • CVE-2024-43863: Fix a deadlock in dma buf fence polling (bsc#1229497)
  • CVE-2024-41087: Fix double free on error (bsc#1228466).
  • CVE-2024-43907: Fix the null pointer dereference in apply_state_adjust_rules (bsc#1229787).
  • CVE-2024-43905: Fix the null pointer dereference for vega10_hwmgr (bsc#1229784).
  • CVE-2024-43893: Check uartclk for zero to avoid divide by zero (bsc#1229759).
  • CVE-2024-43900: Avoid use-after-free in load_firmware_cb() (bsc#1229756).
  • CVE-2024-43902: Add null checker before passing variables (bsc#1229767).
  • CVE-2022-48920: Get rid of warning on transaction commit when using flushoncommit (bsc#1229658).
  • CVE-2024-26812: Struct virqfd kABI workaround (bsc#1222808).
  • CVE-2024-43882: Fixed ToCToU between perm check and set-uid/gid usage. (bsc#1229503)
  • CVE-2024-43866: Always drain health in shutdown callback (bsc#1229495).
  • CVE-2022-48910: Ensure we call ipv6_mc_down() at most once (bsc#1229632)
  • CVE-2023-52893: Fix null-deref in gsmi_get_variable (bsc#1229535)
  • CVE-2024-42155: Wipe copies of protected- and secure-keys (bsc#1228733).
  • CVE-2022-48875: Initialize struct pn533_out_arg properly (bsc#1229516).
  • CVE-2023-52907: Wait for out_urb's completion in pn533_usb_send_frame() (bsc#1229526).
  • CVE-2024-43871: Fix memory leakage caused by driver API devm_free_percpu() (bsc#1229490)
  • CVE-2024-42158: Use kfree_sensitive() to fix Coccinelle warnings (bsc#1228720).
  • CVE-2024-43872: Fix soft lockup under heavy CEQE load (bsc#1229489)
  • CVE-2024-39489: Fix memleak in seg6_hmac_init_algo (bsc#1227623)
  • CVE-2024-42226: Prevent potential failure in handle_tx_event() for Transfer events without TRB (bsc#1228709).
  • CVE-2024-42236: Prevent OOB read/write in usb_string_copy() (bsc#1228964).
  • CVE-2024-42244: Fix crash on resume (bsc#1228967).
  • CVE-2024-43879: Handle 2x996 RU allocation in cfg80211_calculate_bitrate_he() (bsc#1229482).
  • CVE-2024-27011: Fix memleak in map from abort path (bsc#1223803).
  • CVE-2024-36013: Fix slab-use-after-free in l2cap_connect() (bsc#1225578).
  • CVE-2024-41020: Fix fcntl/close race recovery compat path (bsc#1228427).
  • CVE-2024-41012: Remove locks reliably when fcntl/close race is detected (bsc#1228247).
  • CVE-2024-26668: Reject configurations that cause integer overflow (bsc#1222335).
  • CVE-2024-43819: Reject memory region operations for ucontrol VMs (bsc#1229290).
  • CVE-2024-42157: Wipe sensitive data on failure (bsc#1228727).
  • CVE-2021-47341: Fix use-after-free Read in kvm_vm_ioctl_unregister_coalesced_mmio (bsc#1224923).
  • CVE-2024-43839: Adjust 'name' buf size of bna_tcb and bna_ccb structures (bsc#1229301).
  • CVE-2022-48769: Avoid EFIv2 runtime services on Apple x86 machines (bsc#1226629).
  • CVE-2024-43856: Fix call order in dmam_free_coherent (bsc#1229346).
  • CVE-2024-36286: Acquire rcu_read_lock() in instance_destroy_rcu() (bsc#1226801)
  • CVE-2024-26851: Add protection for bmp length out of range (bsc#1223074)
  • CVE-2024-40984: Revert "ACPICA: avoid Info: mapping multiple BARs. Your kernel is fine." (bsc#1227820).
  • CVE-2024-26677: Blacklist e7870cf13d20 (" Fix delayed ACKs to not set the reference serial number") (bsc#1222387)
  • CVE-2024-42280: Fix a use after free in hfcmulti_tx() (bsc#1229388)
  • CVE-2024-42284: Return non-zero value from tipc_udp_addr2str() on error (bsc#1229382)
  • CVE-2024-42312: Always initialize i_uid/i_gid (bsc#1229357)
  • CVE-2024-42310: Fix null pointer dereference in cdv_intel_lvds_get_modes (bsc#1229358)
  • CVE-2024-42309: Fix null pointer dereference in psb_intel_lvds_get_modes (bsc#1229359)
  • CVE-2024-43854: Initialize integrity buffer to zero before writing it to media (bsc#1229345)
  • CVE-2024-42322: Properly dereference pe in ip_vs_add_service (bsc#1229347)
  • CVE-2024-42301: Fix the array out-of-bounds risk (bsc#1229407).
  • CVE-2024-42285: Fix a use-after-free related to destroying CM IDs (bsc#1229381)
  • CVE-2024-43831: Handle invalid decoder vsi (bsc#1229309).
  • CVE-2024-42281: Fix a segment issue when downgrading gso_size (bsc#1229386).
  • CVE-2024-42271: Fixed a use after free in iucv_sock_close(). (bsc#1229400)
  • CVE-2024-38618: Set lower bound of start tick time (bsc#1226754).
  • CVE-2024-41035: Fix duplicate endpoint bug by clearing reserved bits in the descriptor (bsc#1228485)
  • CVE-2024-42162: Account for stopped queues when reading NIC stats (bsc#1228706).
  • CVE-2023-52708: Fix error handling in mmc_spi_probe() (bsc#1225483).
  • CVE-2021-47549: Fix UAF in sata_fsl_port_stop when rmmod sata_fsl (bsc#1225508).
  • CVE-2021-47373: Fix potential VPE leak on error (bsc#1225190).
  • CVE-2021-47425: Fix resource leak in reconfiguration device addition (bsc#1225223).
  • CVE-2024-42246: Remap EPERM in case of connection failure in xs_tcp_setup_socket (bsc#1228989).
  • CVE-2024-41098: Fix null pointer dereference on error (bsc#1228467).
  • CVE-2021-4440: Drop USERGS_SYSRET64 paravirt call ( bsc#1227069).
  • CVE-2022-48786: Remove vsock from connected table when connect is interrupted by a signal (bsc#1227996).
  • CVE-2024-42232: Fixed a race between delayed_work() and ceph_monc_stop(). (bsc#1228959)
  • CVE-2024-35915: Fix uninit-value in nci_dev_up and nci_ntf_packet (bsc#1224479).
  • CVE-2024-38662: Cover verifier checks for mutating sockmap/sockhash (bsc#1226885).
  • CVE-2024-42110: Move ntb_netdev_rx_handler() to call netif_rx() from __netif_rx() (bsc#1228501).
  • CVE-2024-42148: Fix multiple UBSAN array-index-out-of-bounds (bsc#1228487).
  • CVE-2024-42106: Initialize pad field in struct inet_diag_req_v2 (bsc#1228493).
  • CVE-2022-48865: Fix kernel panic when enabling bearer (bsc#1228065).
  • CVE-2024-41068: Fix sclp_init() cleanup on failure (bsc#1228579).
  • CVE-2024-42082: Remove WARN() from __xdp_reg_mem_model() (bsc#1228482).
  • CVE-2024-42090: fix deadlock in create_pinctrl() when handling -EPROBE_DEFER (bsc#1228449).
  • CVE-2024-42101: Fix null pointer dereference in nouveau_connector_get_modes (bsc#1228495).
  • CVE-2024-42228: Using uninitialized value *size when calling amdgpu_vce_cs_reloc (bsc#1228667).
  • CVE-2021-47257: fix null deref in parse dev addr (bsc#1224896).

The following non-security bugs were fixed:

  • arm64: ACPI: NUMA: initialize all values of acpi_early_node_map to (git-fixes)
  • Bluetooth: L2CAP: Fix deadlock (git-fixes).
  • btrfs: fix processing of delayed tree block refs during backref walking (bsc#1228982).
  • btrfs: Remove unused op_key var from add_delayed_refs (bsc#1228982).
  • cgroup/cpuset: Prevent UAF in proc_cpuset_show() (bsc#1228801).
  • char: tpm: Protect tpm_pm_suspend with locks (bsc#1082555).
  • cpu/SMT: Enable SMT only if a core is online (bsc#1214285 bsc#1205462 ltc#200161 ltc#200588 git-fixes).
  • fuse: Initialize beyond-EOF page contents before setting uptodate (bsc#1229457).
  • genirq: Delay deactivation in free_irq() (git-fixes).
  • genirq: Make sure the initial affinity is not empty (git-fixes).
  • genirq/generic_chip: Make irq_remove_generic_chip() irqdomain aware (git-fixes).
  • genirq/ipi: Fix NULL pointer deref in irq_data_get_affinity_mask() (git-fixes).
  • genirq/irqdesc: Do not try to remove non-existing sysfs files (git-fixes).
  • genirq/irqdomain: Check pointer in irq_domain_alloc_irqs_hierarchy() (git-fixes).
  • genirq/msi: Activate Multi-MSI early when MSI_FLAG_ACTIVATE_EARLY is set (git-fixes).
  • genirq/msi: Ensure deactivation on teardown (git-fixes).
  • genirq/proc: Reject invalid affinity masks (again) (git-fixes).
  • gss_krb5: Fix the error handling path for crypto_sync_skcipher_setkey (git-fixes).
  • ip6_tunnel: Fix broken GRO (bsc#1226323).
  • irqdomain: Drop bogus fwspec-mapping error handling (git-fixes).
  • irqdomain: Fix association race (git-fixes).
  • irqdomain: Fix domain registration race (git-fixes).
  • irqdomain: Fix mapping-creation race (git-fixes).
  • irqdomain: Fixed unbalanced fwnode get and put (git-fixes).
  • irqdomain: Look for existing mapping only once (git-fixes).
  • irqdomain: Refactor __irq_domain_alloc_irqs() (git-fixes).
  • kABI: do not change return type of tpm_tis_update_timeouts (bsc#1082555).
  • kABI: do not rename tpm_do_selftest, tpm_pcr_read_dev, and tpm1_getcap (bsc#1082555).
  • kABI: Do not rename tpm_getcap (bsc#1082555).
  • kABI: genirq: Delay deactivation in free_irq() (kabi git-fixes).
  • kABI: Hide the new last_cc member in a hole in struct tpm_chip (bsc#1082555).
  • kABI: Instead of changing the pcr argument type add a local variable of the desired type, and assign it from the actual argument (bsc#1082555).
  • kABI: no need to store the tpm long long duration in tpm_chip struct, it is an arbitrary hardcoded value (bsc#1082555).
  • kABI: re-export tpm2_calc_ordinal_duration (bsc#1082555).
  • kABI: tpm-interface: Hide new include from genksyms (bsc#1082555).
  • kABI: tpm2-space: Do not add buf_size to struct tpm_space (bsc#1082555).
  • kabi/severities: Ignore tpm_transmit_cmd and tpm_tis_core_init (bsc#1082555).
  • KVM: s390: Do not report unusabled IDs via KVM_CAP_MAX_VCPU_ID (git-fixes bsc#1229222).
  • memcg: protect concurrent access to mem_cgroup_idr (git-fixes).
  • net: mana: Fix doorbell out of order violation and avoid unnecessary doorbell rings (bsc#1229154).
  • net: mana: Fix race on per-CQ variable napi work_done (bsc#1229154).
  • netfilter: nf_conntrack_h323: restore boundary check correctness (bsc#1223074)
  • netfilter: nf_ct_h323: Convert CHECK_BOUND macro to function (bsc#1223074)
  • netfilter: nf_ct_h323: Extend nf_h323_error_boundary to work on bits as well (bsc#1223074)
  • netfilter: nf_ct_h323: Out Of Bound Read in Netfilter Conntrack (bsc#1223074)
  • nfc: nci: Fix handling of zero-length payload packets in nci_rx_work() (git-fixes).
  • nfc: nci: Fix kcov check in nci_rx_work() (git-fixes).
  • nfc: nci: Fix uninit-value in nci_rx_work (git-fixes).
  • powerpc/topology: Check if a core is online (bsc#1214285 bsc#1205462 ltc#200161 ltc#200588 git-fixes).
  • s390/uv: Panic for set and remove shared access UVC errors (git-fixes bsc#1229229).
  • scsi: target: core: Silence the message about unknown VPD pages (bsc#1221252 bsc#1229462).
  • tpm_tis_core: Turn on the TPM before probing IRQ's (bsc#1082555).
  • tpm_tis: Add a check for invalid status (bsc#1082555).
  • tpm_tis: Explicitly check for error code (bsc#1082555).
  • tpm_tis: Fix an error handling path in 'tpm_tis_core_init()' (bsc#1082555).
  • tpm_tis: Resend command to recover from data transfer errors (bsc#1082555).
  • tpm_tis: reserve chip for duration of tpm_tis_core_init (bsc#1082555).
  • tpm_tis: Use tpm_chip_{start,stop} decoration inside tpm_tis_resume (bsc#1082555).
  • tpm, tpm_tis: Avoid cache incoherency in test for interrupts (bsc#1082555).
  • tpm, tpm_tis: Claim locality before writing interrupt registers (bsc#1082555).
  • tpm, tpm_tis: Claim locality before writing TPM_INT_ENABLE register (bsc#1082555).
  • tpm, tpm_tis: Claim locality when interrupts are reenabled on resume (bsc#1082555).
  • tpm, tpm_tis: correct tpm_tis_flags enumeration values (bsc#1082555).
  • tpm, tpm_tis: Decorate tpm_get_timeouts() with request_locality() (bsc#1082555).
  • tpm, tpm_tis: Decorate tpm_tis_gen_interrupt() with request_locality() (bsc#1082555).
  • tpm, tpm_tis: Disable interrupts if tpm_tis_probe_irq() failed (bsc#1082555).
  • tpm, tpm_tis: Do not skip reset of original interrupt vector (bsc#1082555).
  • tpm, tpm_tis: Extend locality handling to TPM2 in tpm_tis_gen_interrupt() (bsc#1082555).
  • tpm, tpm_tis: Only handle supported interrupts (bsc#1082555).
  • tpm, tpm_tis: Reserve locality in tpm_tis_resume() (bsc#1082555).
  • tpm, tpm: Implement usage counter for locality (bsc#1082555).
  • tpm, tpmrm: Mark tpmrm_write as static (bsc#1082555).
  • tpm: access command header through struct in tpm_try_transmit() (bsc#1082555).
  • tpm: Actually fail on TPM errors during "get random" (bsc#1082555).
  • tpm: Add a flag to indicate TPM power is managed by firmware (bsc#1082555).
  • tpm: add ptr to the tpm_space struct to file_priv (bsc#1082555).
  • tpm: add support for nonblocking operation (bsc#1082555).
  • tpm: add support for partial reads (bsc#1082555).
  • tpm: add tpm_auto_startup() into tpm-interface.c (bsc#1082555).
  • tpm: add tpm_calc_ordinal_duration() wrapper (bsc#1082555).
  • tpm: Allow system suspend to continue when TPM suspend fails (bsc#1082555).
  • tpm: clean up tpm_try_transmit() error handling flow (bsc#1082555).
  • tpm: declare struct tpm_header (bsc#1082555).
  • tpm: do not return bool from update_timeouts (bsc#1082555).
  • tpm: encapsulate tpm_dev_transmit() (bsc#1082555).
  • tpm: factor out tpm 1.x duration calculation to tpm1-cmd.c (bsc#1082555).
  • tpm: factor out tpm 1.x pm suspend flow into tpm1-cmd.c (bsc#1082555).
  • tpm: factor out tpm_get_timeouts() (bsc#1082555).
  • tpm: factor out tpm_startup function (bsc#1082555).
  • tpm: factor out tpm1_get_random into tpm1-cmd.c (bsc#1082555).
  • tpm: fix an invalid condition in tpm_common_poll (bsc#1082555).
  • tpm: fix Atmel TPM crash caused by too frequent queries (bsc#1082555).
  • tpm: Fix buffer access in tpm2_get_tpm_pt() (bsc#1082555).
  • tpm: fix buffer type in tpm_transmit_cmd (bsc#1082555).
  • tpm: fix byte order related arithmetic inconsistency in tpm_getcap() (bsc#1082555).
  • tpm: Fix error handling in async work (bsc#1082555).
  • tpm: fix invalid locking in NONBLOCKING mode (bsc#1082555).
  • tpm: fix invalid return value in pubek_show() (bsc#1082555).
  • tpm: fix NPE on probe for missing device (bsc#1082555).
  • tpm: Fix null pointer dereference on chip register error path (bsc#1082555).
  • tpm: Fix TIS locality timeout problems (bsc#1082555).
  • tpm: Handle negative priv->response_len in tpm_common_read() (bsc#1082555).
  • tpm: introduce tpm_chip_start() and tpm_chip_stop() (bsc#1082555).
  • tpm: migrate pubek_show to struct tpm_buf (bsc#1082555).
  • tpm: migrate tpm2_get_random() to use struct tpm_buf (bsc#1082555).
  • tpm: migrate tpm2_get_tpm_pt() to use struct tpm_buf (bsc#1082555).
  • tpm: migrate tpm2_probe() to use struct tpm_buf (bsc#1082555).
  • tpm: migrate tpm2_shutdown() to use struct tpm_buf (bsc#1082555).
  • tpm: move TPM 1.2 code of tpm_pcr_extend() to tpm1_pcr_extend() (bsc#1082555).
  • tpm: move tpm 1.x selftest code from tpm-interface.c tpm1-cmd.c (bsc#1082555).
  • tpm: move TPM space code out of tpm_transmit() (bsc#1082555).
  • tpm: move tpm_getcap to tpm1-cmd.c (bsc#1082555).
  • tpm: move tpm_validate_commmand() to tpm2-space.c (bsc#1082555).
  • tpm: move tpm1_pcr_extend to tpm1-cmd.c (bsc#1082555).
  • tpm: Prevent hwrng from activating during resume (bsc#1082555).
  • tpm: print tpm2_commit_space() error inside tpm2_commit_space() (bsc#1082555).
  • tpm: remove @flags from tpm_transmit() (bsc#1082555).
  • tpm: remove @space from tpm_transmit() (bsc#1082555).
  • tpm: remove struct tpm_pcrextend_in (bsc#1082555).
  • tpm: Remove tpm_dev_wq_lock (bsc#1082555).
  • tpm: remove TPM_TRANSMIT_UNLOCKED flag (bsc#1082555).
  • tpm: rename tpm_chip_find_get() to tpm_find_get_ops() (bsc#1082555).
  • tpm: replace TPM_TRANSMIT_RAW with TPM_TRANSMIT_NESTED (bsc#1082555).
  • tpm: Replace WARN_ONCE() with dev_err_once() in tpm_tis_status() (bsc#1082555).
  • tpm: return 0 from pcrs_show() when tpm1_pcr_read() fails (bsc#1082555).
  • tpm: Revert "tpm_tis_core: Set TPM_CHIP_FLAG_IRQ before probing for interrupts" (bsc#1082555).
  • tpm: Revert "tpm_tis_core: Turn on the TPM before probing IRQ's" (bsc#1082555).
  • tpm: Revert "tpm_tis: reserve chip for duration of tpm_tis_core_init" (bsc#1082555).
  • tpm: take TPM chip power gating out of tpm_transmit() (bsc#1082555).
  • tpm: tpm_crb: Add the missed acpi_put_table() to fix memory leak (bsc#1082555).
  • tpm: tpm_tis: Add the missed acpi_put_table() to fix memory leak (bsc#1082555).
  • tpm: tpm_vtpm_proxy: fix a race condition in /dev/vtpmx creation (bsc#1082555).
  • tpm: tpm1_bios_measurements_next should increase position index (bsc#1082555).
  • tpm: tpm1: rewrite tpm1_get_random() using tpm_buf structure (bsc#1082555).
  • tpm: turn on TPM on suspend for TPM 1.x (bsc#1082555).
  • tpm: Unify the mismatching TPM space buffer sizes (bsc#1082555).
  • tpm: use tpm_buf in tpm_transmit_cmd() as the IO parameter (bsc#1082555).
  • tpm: use tpm_msleep() value as max delay (bsc#1082555).
  • tpm: use tpm_try_get_ops() in tpm-sysfs.c (bsc#1082555).
  • tpm: use u32 instead of int for PCR index (bsc#1082555).
  • tpm: vtpm_proxy: Avoid reading host log when using a virtual device (bsc#1082555).
  • tpm: vtpm_proxy: Prevent userspace from sending driver command (bsc#1082555).
  • tpm: Wrap the buffer from the caller to tpm_buf in tpm_send() (bsc#1082555).
  • tpm/tpm_crb: Fix error message in __crb_relinquish_locality() (bsc#1082555).
  • tpm1: implement tpm1_pcr_read_dev() using tpm_buf structure (bsc#1082555).
  • tpm1: reimplement SAVESTATE using tpm_buf (bsc#1082555).
  • tpm1: reimplement tpm1_continue_selftest() using tpm_buf (bsc#1082555).
  • tpm1: rename tpm1_pcr_read_dev to tpm1_pcr_read() (bsc#1082555).
  • tpm2: add longer timeouts for creation commands (bsc#1082555).
  • vfio/pci: fix potential memory leak in vfio_intx_enable() (git-fixes).
  • vsock: correct removal of socket from the list (bsc#1227996).
  • xfs: fix getfsmap reporting past the last rt extent (git-fixes).
  • xfs: Fix the owner setting issue for rmap query in xfs fsmap (git-fixes).
  • xfs: fix uninitialized variable access (git-fixes).

Special Instructions and Notes:

  • Please reboot the system after installing this update.

Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

  • SUSE Linux Enterprise Server for SAP Applications 12 SP5
    zypper in -t patch SUSE-SLE-HA-12-SP5-2024-3251=1 SUSE-SLE-SERVER-12-SP5-2024-3251=1
  • SUSE Linux Enterprise High Availability Extension 12 SP5
    zypper in -t patch SUSE-SLE-HA-12-SP5-2024-3251=1
  • SUSE Linux Enterprise Live Patching 12-SP5
    zypper in -t patch SUSE-SLE-Live-Patching-12-SP5-2024-3251=1
  • SUSE Linux Enterprise Software Development Kit 12 SP5
    zypper in -t patch SUSE-SLE-SDK-12-SP5-2024-3251=1
  • SUSE Linux Enterprise High Performance Computing 12 SP5
    zypper in -t patch SUSE-SLE-SERVER-12-SP5-2024-3251=1
  • SUSE Linux Enterprise Server 12 SP5
    zypper in -t patch SUSE-SLE-SERVER-12-SP5-2024-3251=1
  • SUSE Linux Enterprise Workstation Extension 12 12-SP5
    zypper in -t patch SUSE-SLE-WE-12-SP5-2024-3251=1

Package List:

  • SUSE Linux Enterprise Server for SAP Applications 12 SP5 (ppc64le x86_64)
    • kernel-default-devel-4.12.14-122.228.1
    • cluster-md-kmp-default-debuginfo-4.12.14-122.228.1
    • gfs2-kmp-default-debuginfo-4.12.14-122.228.1
    • ocfs2-kmp-default-4.12.14-122.228.1
    • kernel-default-debuginfo-4.12.14-122.228.1
    • kernel-default-base-4.12.14-122.228.1
    • kernel-syms-4.12.14-122.228.1
    • kernel-default-debugsource-4.12.14-122.228.1
    • dlm-kmp-default-4.12.14-122.228.1
    • cluster-md-kmp-default-4.12.14-122.228.1
    • ocfs2-kmp-default-debuginfo-4.12.14-122.228.1
    • kernel-default-base-debuginfo-4.12.14-122.228.1
    • dlm-kmp-default-debuginfo-4.12.14-122.228.1
    • gfs2-kmp-default-4.12.14-122.228.1
  • SUSE Linux Enterprise Server for SAP Applications 12 SP5 (nosrc ppc64le x86_64)
    • kernel-default-4.12.14-122.228.1
  • SUSE Linux Enterprise Server for SAP Applications 12 SP5 (noarch)
    • kernel-devel-4.12.14-122.228.1
    • kernel-macros-4.12.14-122.228.1
    • kernel-source-4.12.14-122.228.1
  • SUSE Linux Enterprise Server for SAP Applications 12 SP5 (x86_64)
    • kernel-default-devel-debuginfo-4.12.14-122.228.1
  • SUSE Linux Enterprise High Availability Extension 12 SP5 (ppc64le s390x x86_64)
    • cluster-md-kmp-default-debuginfo-4.12.14-122.228.1
    • gfs2-kmp-default-debuginfo-4.12.14-122.228.1
    • ocfs2-kmp-default-4.12.14-122.228.1
    • kernel-default-debuginfo-4.12.14-122.228.1
    • kernel-default-debugsource-4.12.14-122.228.1
    • dlm-kmp-default-4.12.14-122.228.1
    • cluster-md-kmp-default-4.12.14-122.228.1
    • ocfs2-kmp-default-debuginfo-4.12.14-122.228.1
    • dlm-kmp-default-debuginfo-4.12.14-122.228.1
    • gfs2-kmp-default-4.12.14-122.228.1
  • SUSE Linux Enterprise High Availability Extension 12 SP5 (nosrc)
    • kernel-default-4.12.14-122.228.1
  • SUSE Linux Enterprise Live Patching 12-SP5 (nosrc)
    • kernel-default-4.12.14-122.228.1
  • SUSE Linux Enterprise Live Patching 12-SP5 (ppc64le s390x x86_64)
    • kernel-default-debugsource-4.12.14-122.228.1
    • kernel-default-kgraft-devel-4.12.14-122.228.1
    • kernel-default-kgraft-4.12.14-122.228.1
    • kernel-default-debuginfo-4.12.14-122.228.1
    • kgraft-patch-4_12_14-122_228-default-1-8.3.1
  • SUSE Linux Enterprise Software Development Kit 12 SP5 (noarch nosrc)
    • kernel-docs-4.12.14-122.228.2
  • SUSE Linux Enterprise Software Development Kit 12 SP5 (aarch64 ppc64le s390x x86_64)
    • kernel-obs-build-debugsource-4.12.14-122.228.2
    • kernel-obs-build-4.12.14-122.228.2
  • SUSE Linux Enterprise High Performance Computing 12 SP5 (aarch64 nosrc x86_64)
    • kernel-default-4.12.14-122.228.1
  • SUSE Linux Enterprise High Performance Computing 12 SP5 (aarch64 x86_64)
    • kernel-default-devel-4.12.14-122.228.1
    • kernel-syms-4.12.14-122.228.1
    • kernel-default-base-4.12.14-122.228.1
    • kernel-default-debugsource-4.12.14-122.228.1
    • kernel-default-base-debuginfo-4.12.14-122.228.1
    • kernel-default-debuginfo-4.12.14-122.228.1
  • SUSE Linux Enterprise High Performance Computing 12 SP5 (noarch)
    • kernel-devel-4.12.14-122.228.1
    • kernel-macros-4.12.14-122.228.1
    • kernel-source-4.12.14-122.228.1
  • SUSE Linux Enterprise High Performance Computing 12 SP5 (x86_64)
    • kernel-default-devel-debuginfo-4.12.14-122.228.1
  • SUSE Linux Enterprise Server 12 SP5 (aarch64 ppc64le s390x x86_64 nosrc)
    • kernel-default-4.12.14-122.228.1
  • SUSE Linux Enterprise Server 12 SP5 (aarch64 ppc64le s390x x86_64)
    • kernel-default-devel-4.12.14-122.228.1
    • kernel-syms-4.12.14-122.228.1
    • kernel-default-base-4.12.14-122.228.1
    • kernel-default-debugsource-4.12.14-122.228.1
    • kernel-default-base-debuginfo-4.12.14-122.228.1
    • kernel-default-debuginfo-4.12.14-122.228.1
  • SUSE Linux Enterprise Server 12 SP5 (noarch)
    • kernel-devel-4.12.14-122.228.1
    • kernel-macros-4.12.14-122.228.1
    • kernel-source-4.12.14-122.228.1
  • SUSE Linux Enterprise Server 12 SP5 (s390x)
    • kernel-default-man-4.12.14-122.228.1
  • SUSE Linux Enterprise Server 12 SP5 (x86_64)
    • kernel-default-devel-debuginfo-4.12.14-122.228.1
  • SUSE Linux Enterprise Workstation Extension 12 12-SP5 (nosrc)
    • kernel-default-4.12.14-122.228.1
  • SUSE Linux Enterprise Workstation Extension 12 12-SP5 (x86_64)
    • kernel-default-extra-4.12.14-122.228.1
    • kernel-default-extra-debuginfo-4.12.14-122.228.1
    • kernel-default-debugsource-4.12.14-122.228.1
    • kernel-default-debuginfo-4.12.14-122.228.1

References: