Security update for the Linux Kernel

Announcement ID: SUSE-SU-2024:3592-1
Release Date: 2024-10-10T16:03:56Z
Rating: important
References:
Cross-References:
CVSS scores:
  • CVE-2022-48901 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2022-48901 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2022-48911 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
  • CVE-2022-48911 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2022-48923 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  • CVE-2022-48923 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  • CVE-2022-48923 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2022-48935 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2022-48935 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2022-48944 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  • CVE-2022-48944 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2022-48944 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2023-52610 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
  • CVE-2023-52916 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2024-26640 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2024-26759 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2024-26767 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:H
  • CVE-2024-26767 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2024-26804 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2024-26837 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
  • CVE-2024-37353 ( SUSE ): 3.9 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:L/I:L/A:L
  • CVE-2024-38538 ( SUSE ): 4.5 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L
  • CVE-2024-38538 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
  • CVE-2024-38596 ( SUSE ): 2.5 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:N
  • CVE-2024-38632 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2024-38632 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2024-40910 ( SUSE ): 7.5 CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
  • CVE-2024-40910 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2024-40973 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  • CVE-2024-40973 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2024-40973 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2024-40983 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2024-41062 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  • CVE-2024-41062 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
  • CVE-2024-41082 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2024-42154 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2024-42154 ( NVD ): 4.4 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N
  • CVE-2024-42259 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:H/SC:N/SI:N/SA:N
  • CVE-2024-42259 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H
  • CVE-2024-42259 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2024-42265 ( SUSE ): 5.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
  • CVE-2024-42304 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2024-42305 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2024-42306 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2024-43828 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2024-43828 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2024-43835 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2024-43890 ( SUSE ): 4.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
  • CVE-2024-43890 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
  • CVE-2024-43890 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2024-43898 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2024-43898 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2024-43912 ( SUSE ): 4.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
  • CVE-2024-43912 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
  • CVE-2024-43912 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2024-43914 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  • CVE-2024-43914 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2024-43914 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2024-44935 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2024-44935 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2024-44944 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  • CVE-2024-44944 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2024-44944 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2024-44946 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  • CVE-2024-44946 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2024-44948 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2024-44950 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2024-44950 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2024-44952 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2024-44952 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2024-44954 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2024-44954 ( NVD ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2024-44967 ( SUSE ): 6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
  • CVE-2024-44967 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  • CVE-2024-44969 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2024-44969 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2024-44970 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2024-44970 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2024-44971 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2024-44971 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2024-44972 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2024-44972 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2024-44977 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  • CVE-2024-44977 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2024-44977 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  • CVE-2024-44982 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2024-44982 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2024-44986 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2024-44986 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  • CVE-2024-44987 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
  • CVE-2024-44987 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  • CVE-2024-44988 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2024-44988 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2024-44989 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2024-44989 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2024-44990 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2024-44990 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2024-44998 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2024-44998 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  • CVE-2024-44999 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2024-44999 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
  • CVE-2024-45000 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2024-45000 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2024-45001 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2024-45001 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2024-45003 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2024-45003 ( NVD ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2024-45006 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2024-45006 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2024-45007 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2024-45008 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2024-45011 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2024-45011 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2024-45013 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2024-45013 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2024-45015 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2024-45015 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2024-45018 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
  • CVE-2024-45018 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2024-45020 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2024-45020 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2024-45021 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2024-45021 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2024-45026 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2024-45026 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  • CVE-2024-45028 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2024-45028 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2024-45029 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2024-45029 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2024-46673 ( SUSE ): 6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H
  • CVE-2024-46673 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  • CVE-2024-46674 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  • CVE-2024-46674 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  • CVE-2024-46675 ( SUSE ): 5.8 CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:L/VI:L/VA:H/SC:L/SI:L/SA:L
  • CVE-2024-46675 ( SUSE ): 5.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:H
  • CVE-2024-46675 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2024-46676 ( SUSE ): 2.4 CVSS:4.0/AV:P/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:L/SI:L/SA:L
  • CVE-2024-46676 ( SUSE ): 4.3 CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
  • CVE-2024-46676 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2024-46677 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:H
  • CVE-2024-46677 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2024-46677 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2024-46679 ( SUSE ): 5.6 CVSS:4.0/AV:L/AC:H/AT:P/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:L
  • CVE-2024-46679 ( SUSE ): 4.1 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H
  • CVE-2024-46679 ( NVD ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2024-46685 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2024-46685 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2024-46686 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2024-46686 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2024-46689 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2024-46689 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2024-46694 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2024-46694 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2024-46702 ( SUSE ): 5.6 CVSS:4.0/AV:L/AC:L/AT:P/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:L
  • CVE-2024-46702 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
  • CVE-2024-46702 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2024-46707 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  • CVE-2024-46707 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2024-46707 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2024-46714 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2024-46714 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2024-46715 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2024-46717 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2024-46720 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2024-46720 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2024-46721 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2024-46721 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2024-46722 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2024-46722 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
  • CVE-2024-46723 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2024-46723 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
  • CVE-2024-46724 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
  • CVE-2024-46724 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
  • CVE-2024-46724 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
  • CVE-2024-46725 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2024-46725 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  • CVE-2024-46726 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2024-46726 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2024-46727 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2024-46727 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2024-46728 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2024-46728 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2024-46730 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2024-46730 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2024-46731 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2024-46731 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
  • CVE-2024-46732 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2024-46732 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2024-46737 ( SUSE ): 7.0 CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:H
  • CVE-2024-46737 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2024-46737 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2024-46738 ( SUSE ): 8.7 CVSS:4.0/AV:L/AC:H/AT:P/PR:H/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H
  • CVE-2024-46738 ( SUSE ): 6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
  • CVE-2024-46738 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  • CVE-2024-46739 ( SUSE ): 8.2 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:H
  • CVE-2024-46739 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2024-46739 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2024-46743 ( SUSE ): 5.6 CVSS:4.0/AV:L/AC:H/AT:N/PR:H/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
  • CVE-2024-46743 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N
  • CVE-2024-46743 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
  • CVE-2024-46744 ( SUSE ): 5.9 CVSS:4.0/AV:L/AC:L/AT:P/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
  • CVE-2024-46744 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
  • CVE-2024-46744 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  • CVE-2024-46745 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2024-46746 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
  • CVE-2024-46746 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
  • CVE-2024-46746 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  • CVE-2024-46747 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
  • CVE-2024-46747 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
  • CVE-2024-46747 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
  • CVE-2024-46750 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  • CVE-2024-46750 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2024-46750 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2024-46751 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  • CVE-2024-46751 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2024-46751 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2024-46752 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  • CVE-2024-46752 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2024-46753 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  • CVE-2024-46753 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2024-46755 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  • CVE-2024-46755 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2024-46755 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2024-46756 ( SUSE ): 1.8 CVSS:4.0/AV:L/AC:H/AT:P/PR:H/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N
  • CVE-2024-46756 ( SUSE ): 2.3 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:N
  • CVE-2024-46756 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  • CVE-2024-46758 ( SUSE ): 1.8 CVSS:4.0/AV:L/AC:L/AT:P/PR:H/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N
  • CVE-2024-46758 ( SUSE ): 2.3 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:N
  • CVE-2024-46758 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  • CVE-2024-46759 ( SUSE ): 1.8 CVSS:4.0/AV:L/AC:L/AT:P/PR:H/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N
  • CVE-2024-46759 ( SUSE ): 2.3 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:N
  • CVE-2024-46759 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  • CVE-2024-46761 ( SUSE ): 5.9 CVSS:4.0/AV:L/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  • CVE-2024-46761 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2024-46761 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2024-46771 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2024-46772 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2024-46772 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2024-46773 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  • CVE-2024-46773 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2024-46773 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2024-46774 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2024-46778 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2024-46780 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  • CVE-2024-46780 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2024-46781 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2024-46781 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2024-46783 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  • CVE-2024-46783 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2024-46784 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2024-46784 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2024-46786 ( SUSE ): 5.8 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:N/VA:H/SC:N/SI:N/SA:N
  • CVE-2024-46786 ( SUSE ): 6.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:H
  • CVE-2024-46786 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  • CVE-2024-46787 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  • CVE-2024-46787 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2024-46791 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  • CVE-2024-46791 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2024-46791 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2024-46794 ( SUSE ): 2.0 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
  • CVE-2024-46794 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
  • CVE-2024-46798 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  • CVE-2024-46798 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2024-46798 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  • CVE-2024-46822 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2024-46822 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2024-46830 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Affected Products:
  • openSUSE Leap 15.5
  • openSUSE Leap Micro 5.5
  • SUSE Linux Enterprise High Performance Computing 15 SP5
  • SUSE Linux Enterprise Live Patching 15-SP5
  • SUSE Linux Enterprise Micro 5.5
  • SUSE Linux Enterprise Real Time 15 SP5
  • SUSE Linux Enterprise Server 15 SP5
  • SUSE Linux Enterprise Server for SAP Applications 15 SP5
  • SUSE Real Time Module 15-SP5

An update that solves 130 vulnerabilities and has 34 security fixes can now be installed.

Description:

The SUSE Linux Enterprise 15 SP5 RT kernel was updated to receive various security bugfixes.

The following security bugs were fixed:

  • CVE-2022-48901: btrfs: do not start relocation until in progress drops are done (bsc#1229607).
  • CVE-2022-48911: kabi: add __nf_queue_get_refs() for kabi compliance. (bsc#1229633).
  • CVE-2022-48923: btrfs: prevent copying too big compressed lzo segment (bsc#1229662)
  • CVE-2022-48935: Fixed an unregister flowtable hooks on netns exit (bsc#1229619)
  • CVE-2023-52610: net/sched: act_ct: fix skb leak and crash on ooo frags (bsc#1221610).
  • CVE-2023-52916: media: aspeed: Fix memory overwrite if timing is 1600x900 (bsc#1230269).
  • CVE-2024-26640: tcp: add sanity checks to rx zerocopy (bsc#1221650).
  • CVE-2024-26759: mm/swap: fix race when skipping swapcache (bsc#1230340).
  • CVE-2024-26767: drm/amd/display: fixed integer types and null check locations (bsc#1230339).
  • CVE-2024-26804: net: ip_tunnel: prevent perpetual headroom growth (bsc#1222629).
  • CVE-2024-26837: net: bridge: switchdev: race between creation of new group memberships and generation of the list of MDB events to replay (bsc#1222973).
  • CVE-2024-37353: virtio: fixed a double free in vp_del_vqs() (bsc#1226875).
  • CVE-2024-38538: net: bridge: xmit: make sure we have at least eth header len bytes (bsc#1226606).
  • CVE-2024-38596: af_unix: Fix data races in unix_release_sock/unix_stream_sendmsg (bsc#1226846).
  • CVE-2024-40910: Fix refcount imbalance on inbound connections (bsc#1227832).
  • CVE-2024-40973: media: mtk-vcodec: potential null pointer deference in SCP (bsc#1227890).
  • CVE-2024-40983: tipc: force a dst refcount before doing decryption (bsc#1227819).
  • CVE-2024-41062: Sync sock recv cb and release (bsc#1228576).
  • CVE-2024-41082: nvme-fabrics: use reserved tag for reg read/write command (bsc#1228620 CVE-2024-41082).
  • CVE-2024-42154: tcp_metrics: validate source addr length (bsc#1228507).
  • CVE-2024-42259: Fix Virtual Memory mapping boundaries calculation (bsc#1229156)
  • CVE-2024-42265: protect the fetch of ->fd[fd] in do_dup2() from mispredictions (bsc#1229334).
  • CVE-2024-42304: ext4: make sure the first directory block is not a hole (bsc#1229364).
  • CVE-2024-42305: ext4: check dot and dotdot of dx_root before making dir indexed (bsc#1229363).
  • CVE-2024-42306: udf: Avoid using corrupted block bitmap buffer (bsc#1229362).
  • CVE-2024-43828: ext4: fix infinite loop when replaying fast_commit (bsc#1229394).
  • CVE-2024-43890: tracing: Fix overflow in get_free_elt() (bsc#1229764).
  • CVE-2024-43898: ext4: sanity check for NULL pointer after ext4_force_shutdown (bsc#1229753).
  • CVE-2024-43912: wifi: nl80211: disallow setting special AP channel widths (bsc#1229830)
  • CVE-2024-43914: md/raid5: avoid BUG_ON() while continue reshape after reassembling (bsc#1229790).
  • CVE-2024-44935: sctp: Fix null-ptr-deref in reuseport_add_sock() (bsc#1229810).
  • CVE-2024-44944: netfilter: ctnetlink: use helper function to calculate expect ID (bsc#1229899).
  • CVE-2024-44946: kcm: Serialise kcm_sendmsg() for the same socket (bsc#1230015).
  • CVE-2024-44950: serial: sc16is7xx: fix invalid FIFO access with special register set (bsc#1230180).
  • CVE-2024-44952: driver core: Fix uevent_show() vs driver detach race (bsc#1230178).
  • CVE-2024-44954: ALSA: line6: Fix racy access to midibuf (bsc#1230176).
  • CVE-2024-44970: net/mlx5e: SHAMPO, Fix invalid WQ linked list unlink (bsc#1230209).
  • CVE-2024-44971: net: dsa: bcm_sf2: Fix a possible memory leak in bcm_sf2_mdio_register() (bsc#1230211).
  • CVE-2024-44986: ipv6: fix possible UAF in ip6_finish_output2() (bsc#1230230)
  • CVE-2024-44987: ipv6: prevent UAF in ip6_send_skb() (bsc#1230185).
  • CVE-2024-44988: net: dsa: mv88e6xxx: Fix out-of-bound access (bsc#1230192).
  • CVE-2024-44989: bonding: fix xfrm real_dev null pointer dereference (bsc#1230193).
  • CVE-2024-44990: bonding: fix null pointer deref in bond_ipsec_offload_ok (bsc#1230194).
  • CVE-2024-44998: atm: idt77252: prevent use after free in dequeue_rx() (bsc#1230171).
  • CVE-2024-44999: gtp: pull network headers in gtp_dev_xmit() (bsc#1230233).
  • CVE-2024-45003: Don't evict inode under the inode lru traversing context (bsc#1230245).
  • CVE-2024-45007: char: xillybus: Refine workqueue handling (bsc#1230175).
  • CVE-2024-45008: Input: MT - limit max slots (bsc#1230248).
  • CVE-2024-45013: nvme: move stopping keep-alive into nvme_uninit_ctrl() (bsc#1230442).
  • CVE-2024-45015: drm/msm/dpu: move dpu_encoder's connector assignment to (bsc#1230444)
  • CVE-2024-45018: netfilter: flowtable: initialise extack before use (bsc#1230431).
  • CVE-2024-45021: memcg_write_event_control(): fix a user-triggerable oops (bsc#1230434).
  • CVE-2024-45029: i2c: tegra: Do not mark ACPI devices as irq safe (bsc#1230451).
  • CVE-2024-46673: scsi: aacraid: Fix double-free on probe failure (bsc#1230506).
  • CVE-2024-46674: usb: dwc3: st: fix probed platform device ref count on probe error path (bsc#1230507).
  • CVE-2024-46677: gtp: fix a potential NULL pointer dereference (bsc#1230549).
  • CVE-2024-46679: ethtool: check device is present when getting link settings (bsc#1230556).
  • CVE-2024-46685: pinctrl: single: fix potential NULL dereference in pcs_get_function() (bsc#1230515)
  • CVE-2024-46686: smb/client: avoid dereferencing rdata=NULL in smb2_new_read_req() (bsc#1230517).
  • CVE-2024-46689: soc: qcom: cmd-db: Map shared memory as WC, not WB (bsc#1230524)
  • CVE-2024-46702: thunderbolt: Mark XDomain as unplugged when router is removed (bsc#1230589)
  • CVE-2024-46707: KVM: arm64: Make ICC_SGI_EL1 undef in the absence of a vGICv3 (bsc#1230582).
  • CVE-2024-46715: driver: iio: add missing checks on iio_info's callback access (bsc#1230700).
  • CVE-2024-46717: net/mlx5e: SHAMPO, Fix incorrect page release (bsc#1230719).
  • CVE-2024-46721: pparmor: fix possible NULL pointer dereference (bsc#1230710)
  • CVE-2024-46728: drm/amd/display: Check index for aux_rd_interval before using (bsc#1230703)
  • CVE-2024-46730: drm/amd/display: Ensure array index tg_inst won't be -1 (bsc#1230701)
  • CVE-2024-46743: of/irq: Prevent device address out-of-bounds read in interrupt map walk (bsc#1230756).
  • CVE-2024-46750: PCI: Add missing bridge lock to pci_bus_lock() (bsc#1230783).
  • CVE-2024-46751: btrfs: do not BUG_ON() when 0 reference count at btrfs_lookup_extent_info() (bsc#1230786).
  • CVE-2024-46752: btrfs: reduce nesting for extent processing at btrfs_lookup_extent_info() (bsc#1230794).
  • CVE-2024-46753: btrfs: handle errors from btrfs_dec_ref() properly (bsc#1230796).
  • CVE-2024-46772: drm/amd/display: Check denominator crb_pipes before used (bsc#1230772).
  • CVE-2024-46783: tcp_bpf: fix return value of tcp_bpf_sendmsg() (bsc#1230810).
  • CVE-2024-46787: userfaultfd: fix checks for huge PMDs (bsc#1230815).
  • CVE-2024-46794: x86/tdx: Fix data leak in mmio_read() (bsc#1230825).
  • CVE-2024-46822: arm64: acpi: Harden get_cpu_for_acpi_id() against missing CPU entry (bsc#1231120).
  • CVE-2024-46830: KVM: x86: Acquire kvm->srcu when handling KVM_SET_VCPU_EVENTS (bsc#1231116).

The following non-security bugs were fixed:

  • ACPI: battery: create alarm sysfs attribute atomically (git-fixes).
  • ACPI: CPPC: Fix MASK_VAL() usage (git-fixes).
  • ACPI: PMIC: Remove unneeded check in tps68470_pmic_opregion_probe() (git-fixes).
  • ACPI: processor: Fix memory leaks in error paths of processor_add() (stable-fixes).
  • ACPI: processor: Return an error if acpi_processor_get_info() fails in processor_add() (stable-fixes).
  • ACPI: SBS: manage alarm sysfs attribute through psy core (git-fixes).
  • ACPI: sysfs: validate return type of _STR method (git-fixes).
  • af_unix: annotate lockless accesses to sk->sk_err (bsc#1226846).
  • af_unix: Fix data races around sk->sk_shutdown (bsc#1226846).
  • af_unix: Fix data-races around sk->sk_shutdown (git-fixes).
  • ALSA: hda: Add input value sanity checks to HDMI channel map controls (stable-fixes).
  • ALSA: hda/conexant: Add pincfg quirk to enable top speakers on Sirius devices (stable-fixes).
  • ALSA: hda/conexant: Mute speakers at suspend / shutdown (stable-fixes).
  • ALSA: hda/generic: Add a helper to mute speakers at suspend/shutdown (stable-fixes).
  • ALSA: hda/realtek: Support mute LED on HP Laptop 14-dq2xxx (stable-fixes).
  • apparmor: fix possible NULL pointer dereference (stable-fixes).
  • arm64: acpi: Move get_cpu_for_acpi_id() to a header (git-fixes).
  • arm64: dts: rockchip: Correct the Pinebook Pro battery design capacity (git-fixes).
  • arm64: dts: rockchip: fix PMIC interrupt pin in pinctrl for ROCK Pi E (git-fixes).
  • arm64: dts: rockchip: Raise Pinebook Pro's panel backlight PWM frequency (git-fixes).
  • arm64/mm: Modify range-based tlbi to decrement scale (bsc#1229585)
  • arm64/mm: Update tlb invalidation routines for FEAT_LPA2 (bsc#1229585)
  • arm64: tlb: Allow range operation for MAX_TLBI_RANGE_PAGES (bsc#1229585)
  • arm64: tlb: Fix TLBI RANGE operand (bsc#1229585)
  • arm64: tlb: Improve __TLBI_VADDR_RANGE() (bsc#1229585)
  • ASoC: dapm: Fix UAF for snd_soc_pcm_runtime object (git-fixes).
  • ASoC: meson: axg-card: fix 'use-after-free' (git-fixes).
  • ASoc: SOF: topology: Clear SOF link platform name upon unload (git-fixes).
  • ASoC: sunxi: sun4i-i2s: fix LRCLK polarity in i2s mode (git-fixes).
  • ASoC: tegra: Fix CBB error during probe() (git-fixes).
  • ASoC: topology: Properly initialize soc_enum values (stable-fixes).
  • ata: libata: Fix memory leak for error path in ata_host_alloc() (git-fixes).
  • ata: pata_macio: Use WARN instead of BUG (stable-fixes).
  • blk-mq: add helper for checking if one CPU is mapped to specified hctx (bsc#1223600).
  • blk-mq: add number of queue calc helper (bsc#1229034).
  • blk-mq: Build default queue map via group_cpus_evenly() (bsc#1229031).
  • blk-mq: do not schedule block kworker on isolated CPUs (bsc#1223600).
  • blk-mq: introduce blk_mq_dev_map_queues (bsc#1229034).
  • blk-mq: issue warning when offlining hctx with online isolcpus (bsc#1229034).
  • blk-mq: use hk cpus only when isolcpus=io_queue is enabled (bsc#1229034).
  • Bluetooth: btusb: Fix not handling ZPL/short-transfer (git-fixes).
  • Bluetooth: hci_core: Fix sending MGMT_EV_CONNECT_FAILED (git-fixes).
  • Bluetooth: hci_sync: Ignore errors from HCI_OP_REMOTE_NAME_REQ_CANCEL (git-fixes).
  • Bluetooth: L2CAP: Fix deadlock (git-fixes).
  • Bluetooth: MGMT: Ignore keys being loaded with invalid type (git-fixes).
  • cachefiles: fix dentry leak in cachefiles_open_file() (bsc#1231181).
  • cachefiles: Fix non-taking of sb_writers around set/removexattr (bsc#1231013).
  • can: bcm: Clear bo->bcm_proc_read after remove_proc_entry() (git-fixes).
  • can: bcm: Remove proc entry when dev is unregistered (git-fixes).
  • can: j1939: use correct function name in comment (git-fixes).
  • can: mcp251x: fix deadlock if an interrupt occurs during mcp251x_open (git-fixes).
  • cdc-acm: Add DISABLE_ECHO quirk for GE HealthCare UI Controller (git-fixes).
  • ceph: remove the incorrect Fw reference check when dirtying pages (bsc#1231180).
  • char: xillybus: Check USB endpoints when probing device (git-fixes).
  • clk: qcom: clk-alpha-pll: Fix the pll post div mask (git-fixes).
  • clk: qcom: clk-alpha-pll: Fix the trion pll postdiv set rate API (git-fixes).
  • clk: qcom: clk-alpha-pll: Fix zonda set_rate failure when PLL is disabled (git-fixes).
  • cpufreq: ti-cpufreq: Introduce quirks to handle syscon fails appropriately (git-fixes).
  • crypto: ccp - Properly unregister /dev/sev on sev PLATFORM_STATUS failure (git-fixes).
  • crypto: virtio - Handle dataq logic with tasklet (git-fixes).
  • crypto: virtio - Wait for tasklet to complete on device remove (git-fixes).
  • crypto: xor - fix template benchmarking (git-fixes).
  • devres: Initialize an uninitialized struct member (stable-fixes).
  • driver core: Add debug logs when fwnode links are added/deleted (git-fixes).
  • driver core: Add missing parameter description to __fwnode_link_add() (git-fixes).
  • driver core: Create __fwnode_link_del() helper function (git-fixes).
  • driver core: fw_devlink: Allow marking a fwnode link as being part of a cycle (git-fixes).
  • driver core: fw_devlink: Consolidate device link flag computation (git-fixes).
  • driver core: Set deferred probe reason when deferred by driver core (git-fixes).
  • drivers:drm:exynos_drm_gsc:Fix wrong assignment in gsc_bind() (git-fixes).
  • Drivers: hv: vmbus: Fix rescind handling in uio_hv_generic (git-fixes).
  • Drivers: hv: vmbus: Fix the misplaced function description (git-fixes).
  • drivers: media: dvb-frontends/rtl2830: fix an out-of-bounds write error (git-fixes).
  • drivers: media: dvb-frontends/rtl2832: fix an out-of-bounds write error (git-fixes).
  • drm/amd/amdgpu: Check tbo resource pointer (stable-fixes).
  • drm/amd/amdgpu: Properly tune the size of struct (git-fixes).
  • drm/amd/display: Add array index check for hdcp ddc access (stable-fixes).
  • drm/amd/display: added NULL check at start of dc_validate_stream (stable-fixes).
  • drm/amd/display: Assign linear_pitch_alignment even for VM (stable-fixes).
  • drm/amd/display: Check denominator pbn_div before used (stable-fixes).
  • drm/amd/display: Check gpio_id before used as array index (stable-fixes).
  • drm/amd/display: Check HDCP returned status (stable-fixes).
  • drm/amd/display: Check msg_id before processing transcation (stable-fixes).
  • drm/amd/display: Check num_valid_sets before accessing reader_wm_sets[] (stable-fixes).
  • drm/amd/display: Correct the defined value for AMDGPU_DMUB_NOTIFICATION_MAX (stable-fixes).
  • drm/amd/display: Ensure index calculation will not overflow (stable-fixes).
  • drm/amd/display: Fix Coverity INTEGER_OVERFLOW within dal_gpio_service_create (stable-fixes).
  • drm/amd/display: Skip inactive planes within ModeSupportAndSystemConfiguration (stable-fixes).
  • drm/amd/display: Skip wbscl_set_scaler_filter if filter is null (stable-fixes).
  • drm/amd/display: Spinlock before reading event (stable-fixes).
  • drm/amd/display: Stop amdgpu_dm initialize when stream nums greater than 6 (stable-fixes).
  • drm/amdgpu/atomfirmware: Silence UBSAN warning (stable-fixes).
  • drm/amdgpu: avoid reading vf2pf info size from FB (stable-fixes).
  • drm/amdgpu: check for LINEAR_ALIGNED correctly in check_tiling_flags_gfx6 (stable-fixes).
  • drm/amdgpu: clear RB_OVERFLOW bit when enabling interrupts (stable-fixes).
  • drm/amdgpu: fix a possible null pointer dereference (git-fixes).
  • drm/amdgpu: fix dereference after null check (stable-fixes).
  • drm/amdgpu: fix mc_data out-of-bounds read warning (stable-fixes).
  • drm/amdgpu: Fix out-of-bounds read of df_v1_7_channel_number (stable-fixes).
  • drm/amdgpu: Fix out-of-bounds write warning (stable-fixes).
  • drm/amdgpu: fix overflowed array index read warning (stable-fixes).
  • drm/amdgpu: Fix smatch static checker warning (stable-fixes).
  • drm/amdgpu: fix the waring dereferencing hive (stable-fixes).
  • drm/amdgpu: fix ucode out-of-bounds read warning (stable-fixes).
  • drm/amdgpu: Fix uninitialized variable warning in amdgpu_afmt_acr (stable-fixes).
  • drm/amdgpu/pm: Check input value for CUSTOM profile mode setting on legacy SOCs (stable-fixes).
  • drm/amdgpu/pm: Check the return value of smum_send_msg_to_smc (stable-fixes).
  • drm/amdgpu/pm: Fix uninitialized variable agc_btc_response (stable-fixes).
  • drm/amdgpu/pm: Fix uninitialized variable warning for smu10 (stable-fixes).
  • drm/amdgpu: Set no_hw_access when VF request full GPU fails (stable-fixes).
  • drm/amdgpu: the warning dereferencing obj for nbio_v7_4 (stable-fixes).
  • drm/amdgpu: update type of buf size to u32 for eeprom functions (stable-fixes).
  • drm/amdkfd: Reconcile the definition and use of oem_id in struct kfd_topology_device (stable-fixes).
  • drm/amd/pm: check negtive return for table entries (stable-fixes).
  • drm/amd/pm: check specific index for aldebaran (stable-fixes).
  • drm/amd/pm: Fix negative array index read (stable-fixes).
  • drm/amd/pm: fix the Out-of-bounds read warning (stable-fixes).
  • drm/amd/pm: fix uninitialized variable warning for smu8_hwmgr (stable-fixes).
  • drm/amd/pm: fix uninitialized variable warnings for vangogh_ppt (stable-fixes).
  • drm/amd/pm: fix uninitialized variable warnings for vega10_hwmgr (stable-fixes).
  • drm/amd/pm: fix uninitialized variable warning (stable-fixes).
  • drm/amd/pm: fix warning using uninitialized value of max_vid_step (stable-fixes).
  • drm/bridge: lontium-lt8912b: Validate mode in drm_bridge_funcs::mode_valid() (git-fixes).
  • drm/bridge: tc358767: Check if fully initialized before signalling HPD event via IRQ (stable-fixes).
  • drm/i915/fence: Mark debug_fence_free() with __maybe_unused (git-fixes).
  • drm/i915/fence: Mark debug_fence_init_onstack() with __maybe_unused (git-fixes).
  • drm/i915/guc: prevent a possible int overflow in wq offsets (git-fixes).
  • drm/meson: plane: Add error handling (stable-fixes).
  • drm/msm/a5xx: disable preemption in submits by default (git-fixes).
  • drm/msm/a5xx: fix races in preemption evaluation stage (git-fixes).
  • drm/msm/a5xx: properly clear preemption records on resume (git-fixes).
  • drm/msm/a5xx: workaround early ring-buffer emptiness check (git-fixes).
  • drm/msm/adreno: Fix error return if missing firmware-name (stable-fixes).
  • drm/msm/disp/dpu: use atomic enable/disable callbacks for encoder (bsc#1230444)
  • drm/msm: Fix incorrect file name output in adreno_request_fw() (git-fixes).
  • drm/msm: fix %s null argument error (git-fixes).
  • drm: omapdrm: Add missing check for alloc_ordered_workqueue (git-fixes).
  • drm/radeon/evergreen_cs: fix int overflow errors in cs track offsets (git-fixes).
  • drm/radeon: fix null pointer dereference in radeon_add_common_modes (git-fixes).
  • drm/rockchip: dw_hdmi: Fix reading EDID when using a forced mode (git-fixes).
  • drm/rockchip: vop: Allow 4096px width scaling (git-fixes).
  • drm/stm: ltdc: check memory returned by devm_kzalloc() (git-fixes).
  • exfat: fix memory leak in exfat_load_bitmap() (git-fixes).
  • fbdev: hpfb: Fix an error handling path in hpfb_dio_probe() (git-fixes).
  • filemap: remove use of wait bookmarks (bsc#1224085).
  • firmware_loader: Block path traversal (git-fixes).
  • fscache: delete fscache_cookie_lru_timer when fscache exits to avoid UAF (bsc#1230592).
  • fuse: update stats for pages in dropped aux writeback list (bsc#1230130).
  • fuse: use unsigned type for getxattr/listxattr size truncation (bsc#1230129).
  • genirq/affinity: Do not pass irq_affinity_desc array to irq_build_affinity_masks (bsc#1229031).
  • genirq/affinity: Move group_cpus_evenly() into lib/ (bsc#1229031).
  • genirq/affinity: Only build SMP-only helper functions on SMP kernels (bsc#1229031).
  • genirq/affinity: Pass affinity managed mask array to irq_build_affinity_masks (bsc#1229031).
  • genirq/affinity: Remove the 'firstvec' parameter from irq_build_affinity_masks (bsc#1229031).
  • genirq/affinity: Rename irq_build_affinity_masks as group_cpus_evenly (bsc#1229031).
  • genirq/affinity: Replace cpumask_weight() with cpumask_empty() where appropriate (bsc#1229031).
  • gfs2: setattr_chown: Add missing initialization (git-fixes).
  • HID: amd_sfh: free driver_data after destroying hid device (stable-fixes).
  • HID: cougar: fix slab-out-of-bounds Read in cougar_report_fixup (stable-fixes).
  • hwmon: (adc128d818) Fix underflows seen when writing limit attributes (stable-fixes).
  • hwmon: (lm95234) Fix underflows seen when writing limit attributes (stable-fixes).
  • hwmon: (max16065) Fix overflows seen when writing limits (git-fixes).
  • hwmon: (ntc_thermistor) fix module autoloading (git-fixes).
  • hwmon: (w83627ehf) Fix underflows seen when writing limit attributes (stable-fixes).
  • hwrng: bcm2835 - Add missing clk_disable_unprepare in bcm2835_rng_init (git-fixes).
  • hwrng: cctrng - Add missing clk_disable_unprepare in cctrng_resume (git-fixes).
  • hwrng: mtk - Use devm_pm_runtime_enable (git-fixes).
  • i2c: aspeed: Update the stop sw state when the bus recovery occurs (git-fixes).
  • i2c: Fix conditional for substituting empty ACPI functions (stable-fixes).
  • i2c: isch: Add missed 'else' (git-fixes).
  • i2c: qcom-geni: Use IRQF_NO_AUTOEN flag in request_irq() (git-fixes).
  • i2c: Use IS_REACHABLE() for substituting empty ACPI functions (git-fixes).
  • i2c: xiic: Wait for TX empty to avoid missed TX NAKs (git-fixes).
  • i3c: mipi-i3c-hci: Error out instead on BUG_ON() in IBI DMA setup (stable-fixes).
  • IB/core: Fix ib_cache_setup_one error flow cleanup (git-fixes)
  • IB/hfi1: Fix potential deadlock on &irq_src_lock and &dd->uctxt_lock (git-fixes)
  • iio: adc: ad7124: fix chip ID mismatch (git-fixes).
  • iio: adc: ad7124: fix config comparison (git-fixes).
  • iio: adc: ad7606: fix oversampling gpio array (git-fixes).
  • iio: adc: ad7606: fix standby gpio state to match the documentation (git-fixes).
  • iio: buffer-dmaengine: fix releasing dma channel on error (git-fixes).
  • iio: chemical: bme680: Fix read/write ops to device by adding mutexes (git-fixes).
  • iio: fix scale application in iio_convert_raw_to_processed_unlocked (git-fixes).
  • iio: magnetometer: ak8975: Fix reading for ak099xx sensors (git-fixes).
  • Input: ilitek_ts_i2c - add report id message validation (git-fixes).
  • Input: ilitek_ts_i2c - avoid wrong input subsystem sync (git-fixes).
  • Input: ps2-gpio - use IRQF_NO_AUTOEN flag in request_irq() (git-fixes).
  • Input: uinput - reject requests with unreasonable number of slots (stable-fixes).
  • ipmi: docs: do not advertise deprecated sysfs entries (git-fixes).
  • ipmi:ssif: Improve detecting during probing (bsc#1228771)
  • ipmi:ssif: Improve detecting during probing (bsc#1228771)
  • jfs: fix out-of-bounds in dbNextAG() and diAlloc() (git-fixes).
  • kabi: add __nf_queue_get_refs() for kabi compliance.
  • kABI, crypto: virtio - Handle dataq logic with tasklet (git-fixes).
  • kthread: Fix task state in kthread worker if being frozen (bsc#1231146).
  • lib/group_cpus.c: avoid acquiring cpu hotplug lock in group_cpus_evenly (bsc#1229031).
  • lib/group_cpus.c: honor housekeeping config when grouping CPUs (bsc#1229034).
  • lib/group_cpus: Export group_cpus_evenly() (bsc#1229031).
  • lirc: rc_dev_get_from_fd(): fix file leak (git-fixes).
  • mailbox: bcm2835: Fix timeout during suspend mode (git-fixes).
  • mailbox: rockchip: fix a typo in module autoloading (git-fixes).
  • media: aspeed: Fix no complete irq for non-64-aligned width (bsc#1230269)
  • media: qcom: camss: Add check for v4l2_fwnode_endpoint_parse (stable-fixes).
  • media: qcom: camss: Fix ordering of pm_runtime_enable (git-fixes).
  • media: Revert "media: dvb-usb: Fix unexpected infinite loop in dvb_usb_read_remote_control()" (git-fixes).
  • media: sun4i_csi: Implement link validate for sun4i_csi subdev (git-fixes).
  • media: uapi/linux/cec.h: cec_msg_set_reply_to: zero flags (git-fixes).
  • media: uvcvideo: Enforce alignment of frame and interval (stable-fixes).
  • media: venus: fix use after free bug in venus_remove due to race condition (git-fixes).
  • media: vicodec: allow en/decoder cmd w/o CAPTURE (git-fixes).
  • media: vivid: do not set HDMI TX controls if there are no HDMI outputs (stable-fixes).
  • media: vivid: fix wrong sizeimage value for mplane (stable-fixes).
  • mmc: cqhci: Fix checking of CQHCI_HALT state (git-fixes).
  • mmc: dw_mmc: Fix IDMAC operation with pages bigger than 4K (git-fixes).
  • mmc: sdhci-of-aspeed: fix module autoloading (git-fixes).
  • mtd: powernv: Add check devm_kasprintf() returned value (git-fixes).
  • mtd: slram: insert break after errors in parsing the map (git-fixes).
  • net: drop bad gso csum_start and offset in virtio_net_hdr (git-fixes).
  • net: mana: Fix error handling in mana_create_txq/rxq's NAPI cleanup (git-fixes).
  • net: missing check virtio (git-fixes).
  • net: tighten bad gso csum offset check in virtio_net_hdr (git-fixes).
  • nf_conntrack_proto_udp: do not accept packets with IPS_NAT_CLASH (bsc#1199769).
  • NFSD: Fix frame size warning in svc_export_parse() (git-fixes).
  • NFS: Do not re-read the entire page cache to find the next cookie (bsc#1226662).
  • NFSD: Rewrite synopsis of nfsd_percpu_counters_init() (git-fixes).
  • NFS: never reuse a NFSv4.0 lock-owner (bsc#1227726).
  • NFS: Reduce use of uncached readdir (bsc#1226662).
  • NFSv4: Add missing rescheduling points in nfs_client_return_marked_delegations (git-fixes).
  • nilfs2: Constify struct kobj_type (git-fixes).
  • nilfs2: determine empty node blocks as corrupted (git-fixes).
  • nilfs2: fix missing cleanup on rollforward recovery error (git-fixes).
  • nilfs2: fix potential null-ptr-deref in nilfs_btree_insert() (git-fixes).
  • nilfs2: fix potential oob read in nilfs_btree_check_delete() (git-fixes).
  • nilfs2: fix state management in error path of log writing function (git-fixes).
  • nilfs2: protect references to superblock parameters exposed in sysfs (git-fixes).
  • nilfs2: replace snprintf in show functions with sysfs_emit (git-fixes).
  • nilfs2: use default_groups in kobj_type (git-fixes).
  • nvme: move stopping keep-alive into nvme_uninit_ctrl() (git-fixes).
  • nvme/pci: Add APST quirk for Lenovo N60z laptop (git-fixes).
  • nvme-pci: Add sleep quirk for Samsung 990 Evo (git-fixes).
  • nvme-pci: use block layer helpers to calculate num of queues (bsc#1229034).
  • nvme: replace blk_mq_pci_map_queues with blk_mq_dev_map_queues (bsc#1229034).
  • nvmet: Identify-Active Namespace ID List command should reject invalid nsid (git-fixes).
  • nvmet-rdma: fix possible bad dereference when freeing rsps (git-fixes).
  • nvmet-tcp: do not continue for invalid icreq (git-fixes).
  • nvmet-tcp: fix kernel crash if commands allocation fails (git-fixes).
  • nvmet-trace: avoid dereferencing pointer too early (git-fixes).
  • ocfs2: cancel dqi_sync_work before freeing oinfo (git-fixes).
  • ocfs2: fix null-ptr-deref when journal load failed (git-fixes).
  • ocfs2: fix possible null-ptr-deref in ocfs2_set_buffer_uptodate (git-fixes).
  • ocfs2: remove unreasonable unlock in ocfs2_read_blocks (git-fixes).
  • PCI: Add missing bridge lock to pci_bus_lock() (stable-fixes).
  • PCI: al: Check IORESOURCE_BUS existence during probe (git-fixes).
  • PCI/ASPM: Move pci_function_0() upward (bsc#1226915)
  • PCI/ASPM: Remove struct aspm_latency (bsc#1226915)
  • PCI/ASPM: Stop caching device L0s, L1 acceptable exit latencies (bsc#1226915)
  • PCI/ASPM: Stop caching link L0s, L1 exit latencies (bsc#1226915)
  • PCI: dra7xx: Fix error handling when IRQ request fails in probe (git-fixes).
  • PCI: dwc: Expose dw_pcie_ep_exit() to module (git-fixes).
  • PCI: dwc: Restore MSI Receiver mask during resume (git-fixes).
  • pci/hotplug/pnv_php: Fix hotplug driver crash on Powernv (stable-fixes).
  • PCI: keystone: Add workaround for Errata #i2037 (AM65x SR 1.0) (stable-fixes).
  • PCI: keystone: Fix if-statement expression in ks_pcie_quirk() (git-fixes).
  • PCI: Support BAR sizes up to 8TB (bsc#1231017)
  • PCI: Wait for Link before restoring Downstream Buses (git-fixes).
  • PCI: xilinx-nwl: Clean up clock on probe failure/removal (git-fixes).
  • PCI: xilinx-nwl: Fix off-by-one in INTx IRQ handler (git-fixes).
  • PCI: xilinx-nwl: Fix register misspelling (git-fixes).
  • pcmcia: Use resource_size function on resource object (stable-fixes).
  • pinctrl: single: fix missing error code in pcs_probe() (git-fixes).
  • pinctrl: single: fix potential NULL dereference in pcs_get_function() (git-fixes).
  • PKCS#7: Check codeSigning EKU of certificates in PKCS#7 (bsc#1226666).
  • platform/x86: dell-smbios: Fix error path in dell_smbios_init() (git-fixes).
  • platform/x86: panasonic-laptop: Allocate 1 entry extra in the sinf array (git-fixes).
  • platform/x86: panasonic-laptop: Fix SINF array out of bounds accesses (git-fixes).
  • power: supply: axp20x_battery: Remove design from min and max voltage (git-fixes).
  • power: supply: Drop use_cnt check from power_supply_property_is_writeable() (git-fixes).
  • power: supply: hwmon: Fix missing temp1_max_alarm attribute (git-fixes).
  • power: supply: max17042_battery: Fix SOC threshold calc w/ no current sense (git-fixes).
  • RDMA/core: Remove unused declaration rdma_resolve_ip_route() (git-fixes)
  • RDMA/cxgb4: Added NULL check for lookup_atid (git-fixes)
  • RDMA/efa: Properly handle unexpected AQ completions (git-fixes)
  • RDMA/hns: Do not modify rq next block addr in HIP09 QPC (git-fixes)
  • RDMA/hns: Fix spin_unlock_irqrestore() called with IRQs enabled (git-fixes)
  • RDMA/hns: Fix the overflow risk of hem_list_calc_ba_range() (git-fixes)
  • RDMA/hns: Fix VF triggering PF reset in abnormal interrupt handler (git-fixes)
  • RDMA/hns: Optimize hem allocation performance (git-fixes)
  • RDMA/irdma: fix error message in irdma_modify_qp_roce() (git-fixes)
  • RDMA/iwcm: Fix WARNING:at_kernel/workqueue.c:#check_flush_dependency (git-fixes)
  • RDMA/rtrs-clt: Reset cid to con_num - 1 to stay in bounds (git-fixes)
  • RDMA/rtrs: Fix the problem of variable not initialized fully (git-fixes)
  • RDMA/rtrs: Reset hb_missed_cnt after receiving other traffic from peer (git-fixes)
  • Restore dropped fields for bluetooth MGMT/SMP structs (git-fixes).
  • Revert "Bluetooth: MGMT/SMP: Fix address type when using SMP over BREDR/LE" (git-fixes).
  • Revert "media: tuners: fix error return code of hybrid_tuner_request_state()" (git-fixes).
  • Revert "media: tuners: fix error return code of hybrid_tuner_request_state()" (stable-fixes).
  • rtc: at91sam9: fix OF node leak in probe() error path (git-fixes).
  • scsi: ibmvfc: Add max_sectors module parameter (bsc#1216223).
  • scsi: lpfc: Change diagnostic log flag during receipt of unknown ELS cmds (bsc#1229429).
  • scsi: lpfc: Copyright updates for 14.4.0.4 patches (bsc#1229429).
  • scsi: lpfc: Fix overflow build issue (bsc#1229429).
  • scsi: lpfc: Fix unintentional double clearing of vmid_flag (bsc#1229429).
  • scsi: lpfc: Fix unsolicited FLOGI kref imbalance when in direct attached topology (bsc#1229429).
  • scsi: lpfc: Remove redundant vport assignment when building an abort request (bsc#1229429).
  • scsi: lpfc: Update lpfc version to 14.4.0.4 (bsc#1229429).
  • scsi: lpfc: Update PRLO handling in direct attached topology (bsc#1229429).
  • scsi: lpfc: Validate hdwq pointers before dereferencing in reset/errata paths (bsc#1229429).
  • scsi: pm8001: do not overwrite PCI queue mapping (bsc#1229034).
  • scsi: replace blk_mq_pci_map_queues with blk_mq_dev_map_queues (bsc#1229034).
  • scsi: sd: Fix off-by-one error in sd_read_block_characteristics() (bsc#1223848).
  • scsi: use block layer helpers to calculate num of queues (bsc#1229034).
  • spi: nxp-fspi: fix the KASAN report out-of-bounds bug (git-fixes).
  • Squashfs: sanity check symbolic link size (git-fixes).
  • staging: iio: frequency: ad9834: Validate frequency parameter value (git-fixes).
  • thunderbolt: Mark XDomain as unplugged when router is removed (stable-fixes).
  • tomoyo: fallback to realpath if symlink's pathname does not exist (git-fixes).
  • tools/virtio: fix build (git-fixes).
  • tpm: Clean up TPM space after command failure (git-fixes).
  • tracing: Avoid possible softlockup in tracing_iter_reset() (git-fixes).
  • tty: rp2: Fix reset with non forgiving PCIe host bridges (git-fixes).
  • udp: fix receiving fraglist GSO packets (git-fixes).
  • uio_hv_generic: Fix kernel NULL pointer dereference in hv_uio_rescind (git-fixes).
  • usb: cdnsp: Fix incorrect usb_request status (git-fixes).
  • USB: class: CDC-ACM: fix race between get_serial and set_serial (git-fixes).
  • usb: dwc2: drd: fix clock gating on USB role switch (git-fixes).
  • usb: dwc2: Skip clock gating on Broadcom SoCs (git-fixes).
  • usb: dwc3: core: Prevent USB core invalid event buffer address access (git-fixes).
  • usb: dwc3: core: Skip setting event buffers for host only controllers (git-fixes).
  • usb: dwc3: core: update LC timer as per USB Spec V3.2 (git-fixes).
  • usb: dwc3: omap: add missing depopulate in probe error path (git-fixes).
  • usb: dwc3: st: add missing depopulate in probe error path (git-fixes).
  • usb: dwc3: st: fix probed platform device ref count on probe error path (git-fixes).
  • usbip: Do not submit special requests twice (stable-fixes).
  • usbnet: fix cyclical race on disconnect with work queue (git-fixes).
  • usbnet: ipheth: race between ipheth_close and error handling (git-fixes).
  • usbnet: modern method to get random MAC (git-fixes).
  • USB: serial: kobil_sct: restore initial terminal settings (git-fixes).
  • USB: serial: option: add MeiG Smart SRM825L (git-fixes).
  • usb: typec: ucsi: Fix null pointer dereference in trace (stable-fixes).
  • usb: uas: set host status byte on data completion error (git-fixes).
  • usb: uas: set host status byte on data completion error (stable-fixes).
  • USB: usbtmc: prevent kernel-usb-infoleak (git-fixes).
  • usb: xhci: fix loss of data on Cadence xHC (git-fixes).
  • vhost: Add smp_rmb() in vhost_vq_avail_empty() (git-fixes).
  • vhost-vdpa: switch to use vmf_insert_pfn() in the fault handler (git-fixes).
  • virito: add APIs for retrieving vq affinity (bsc#1229034).
  • virtio-blk: Ensure no requests in virtqueues before deleting vqs (git-fixes).
  • virtio: blk/scsi: use block layer helpers to calculate num of queues (bsc#1229034).
  • virtio: blk/scs: replace blk_mq_virtio_map_queues with blk_mq_dev_map_queues (bsc#1229034).
  • virtiofs: forbid newlines in tags (bsc#1230591).
  • virtio_net: checksum offloading handling fix (git-fixes).
  • virtio_net: Fix "'%d' directive writing between 1 and 11 bytes into a region of size 10" warnings (git-fixes).
  • virtio_net: use u64_stats_t infra to avoid data-races (git-fixes).
  • virtio: reenable config if freezing device failed (git-fixes).
  • virtio/vsock: fix logic which reduces credit update messages (git-fixes).
  • VMCI: Fix use-after-free when removing resource in vmci_resource_remove() (git-fixes).
  • vsock/virtio: add support for device suspend/resume (git-fixes).
  • vsock/virtio: factor our the code to initialize and delete VQs (git-fixes).
  • vsock/virtio: initialize the_virtio_vsock before using VQs (git-fixes).
  • vsock/virtio: remove socket from connected/bound list on shutdown (git-fixes).
  • watchdog: imx_sc_wdt: Do not disable WDT in suspend (git-fixes).
  • wifi: brcmsmac: advertise MFP_CAPABLE to enable WPA3 (stable-fixes).
  • wifi: cfg80211: fix two more possible UBSAN-detected off-by-one errors (git-fixes).
  • wifi: cfg80211: fix UBSAN noise in cfg80211_wext_siwscan() (git-fixes).
  • wifi: iwlwifi: mvm: increase the time between ranging measurements (git-fixes).
  • wifi: mac80211: use two-phase skb reclamation in ieee80211_do_stop() (git-fixes).
  • wifi: mt76: mt7615: check devm_kasprintf() returned value (git-fixes).
  • wifi: mt76: mt7915: fix rx filter setting for bfee functionality (git-fixes).
  • wifi: mwifiex: Do not return unused priv in mwifiex_get_priv_by_id() (stable-fixes).
  • wifi: rtw88: 8822c: Fix reported RX band width (git-fixes).
  • wifi: rtw88: always wait for both firmware loading attempts (git-fixes).
  • wifi: rtw88: remove CPT execution branch never used (git-fixes).
  • wifi: wilc1000: fix potential RCU dereference issue in wilc_parse_join_bss_param (git-fixes).
  • x86/hyperv: fix kexec crash due to VP assist page corruption (git-fixes).
  • x86/kexec: Add EFI config table identity mapping for kexec kernel (bsc#1220382).
  • x86/mm/ident_map: Use gbpages only where full GB page should be mapped (bsc#1220382).
  • x86/xen: Convert comma to semicolon (git-fixes).
  • xen: add capability to remap non-RAM pages to different PFNs (bsc#1226003).
  • xen: allow mapping ACPI data using a different physical address (bsc#1226003).
  • xen: introduce generic helper checking for memory map conflicts (bsc#1226003).
  • xen: move checks for e820 conflicts further up (bsc#1226003).
  • xen: move max_pfn in xen_memory_setup() out of function scope (bsc#1226003).
  • xen/swiotlb: add alignment check for dma buffers (bsc#1229928).
  • xen/swiotlb: fix allocated size (git-fixes).
  • xen: tolerate ACPI NVS memory overlapping with Xen allocated memory (bsc#1226003).
  • xen: use correct end address of kernel for conflict checking (bsc#1226003).
  • xfs: do not include bnobt blocks when reserving free block pool (git-fixes).
  • xhci: Set quirky xHC PCI hosts to D3 after stopping and freeing them (git-fixes).
  • xz: cleanup CRC32 edits from 2018 (git-fixes).

Special Instructions and Notes:

  • Please reboot the system after installing this update.

Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

  • openSUSE Leap 15.5
    zypper in -t patch openSUSE-SLE-15.5-2024-3592=1 SUSE-2024-3592=1
  • openSUSE Leap Micro 5.5
    zypper in -t patch openSUSE-Leap-Micro-5.5-2024-3592=1
  • SUSE Linux Enterprise Micro 5.5
    zypper in -t patch SUSE-SLE-Micro-5.5-2024-3592=1
  • SUSE Linux Enterprise Live Patching 15-SP5
    zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP5-2024-3592=1
  • SUSE Real Time Module 15-SP5
    zypper in -t patch SUSE-SLE-Module-RT-15-SP5-2024-3592=1

Package List:

  • openSUSE Leap 15.5 (noarch)
    • kernel-source-rt-5.14.21-150500.13.73.1
    • kernel-devel-rt-5.14.21-150500.13.73.1
  • openSUSE Leap 15.5 (x86_64)
    • kernel-syms-rt-5.14.21-150500.13.73.1
    • kernel-livepatch-SLE15-SP5-RT_Update_21-debugsource-1-150500.11.3.1
    • kernel-rt_debug-devel-debuginfo-5.14.21-150500.13.73.1
    • ocfs2-kmp-rt-debuginfo-5.14.21-150500.13.73.1
    • dlm-kmp-rt-debuginfo-5.14.21-150500.13.73.1
    • kselftests-kmp-rt-debuginfo-5.14.21-150500.13.73.1
    • dlm-kmp-rt-5.14.21-150500.13.73.1
    • gfs2-kmp-rt-debuginfo-5.14.21-150500.13.73.1
    • kernel-rt-livepatch-5.14.21-150500.13.73.1
    • kselftests-kmp-rt-5.14.21-150500.13.73.1
    • kernel-rt-devel-debuginfo-5.14.21-150500.13.73.1
    • kernel-rt_debug-debuginfo-5.14.21-150500.13.73.1
    • kernel-livepatch-5_14_21-150500_13_73-rt-1-150500.11.3.1
    • kernel-rt_debug-livepatch-devel-5.14.21-150500.13.73.1
    • kernel-rt-optional-5.14.21-150500.13.73.1
    • kernel-livepatch-5_14_21-150500_13_73-rt-debuginfo-1-150500.11.3.1
    • kernel-rt-debugsource-5.14.21-150500.13.73.1
    • kernel-rt-devel-5.14.21-150500.13.73.1
    • kernel-rt-debuginfo-5.14.21-150500.13.73.1
    • kernel-rt-optional-debuginfo-5.14.21-150500.13.73.1
    • kernel-rt-vdso-debuginfo-5.14.21-150500.13.73.1
    • reiserfs-kmp-rt-5.14.21-150500.13.73.1
    • kernel-rt-vdso-5.14.21-150500.13.73.1
    • reiserfs-kmp-rt-debuginfo-5.14.21-150500.13.73.1
    • cluster-md-kmp-rt-5.14.21-150500.13.73.1
    • kernel-rt_debug-devel-5.14.21-150500.13.73.1
    • gfs2-kmp-rt-5.14.21-150500.13.73.1
    • cluster-md-kmp-rt-debuginfo-5.14.21-150500.13.73.1
    • kernel-rt-livepatch-devel-5.14.21-150500.13.73.1
    • ocfs2-kmp-rt-5.14.21-150500.13.73.1
    • kernel-rt_debug-debugsource-5.14.21-150500.13.73.1
    • kernel-rt_debug-vdso-5.14.21-150500.13.73.1
    • kernel-rt_debug-vdso-debuginfo-5.14.21-150500.13.73.1
    • kernel-rt-extra-5.14.21-150500.13.73.1
    • kernel-rt-extra-debuginfo-5.14.21-150500.13.73.1
  • openSUSE Leap 15.5 (nosrc x86_64)
    • kernel-rt_debug-5.14.21-150500.13.73.1
    • kernel-rt-5.14.21-150500.13.73.1
  • openSUSE Leap Micro 5.5 (nosrc x86_64)
    • kernel-rt-5.14.21-150500.13.73.1
  • openSUSE Leap Micro 5.5 (x86_64)
    • kernel-rt-debuginfo-5.14.21-150500.13.73.1
    • kernel-rt-debugsource-5.14.21-150500.13.73.1
  • SUSE Linux Enterprise Micro 5.5 (nosrc x86_64)
    • kernel-rt-5.14.21-150500.13.73.1
  • SUSE Linux Enterprise Micro 5.5 (x86_64)
    • kernel-rt-debuginfo-5.14.21-150500.13.73.1
    • kernel-rt-debugsource-5.14.21-150500.13.73.1
  • SUSE Linux Enterprise Micro 5.5 (noarch)
    • kernel-source-rt-5.14.21-150500.13.73.1
  • SUSE Linux Enterprise Live Patching 15-SP5 (x86_64)
    • kernel-livepatch-SLE15-SP5-RT_Update_21-debugsource-1-150500.11.3.1
    • kernel-livepatch-5_14_21-150500_13_73-rt-1-150500.11.3.1
    • kernel-livepatch-5_14_21-150500_13_73-rt-debuginfo-1-150500.11.3.1
  • SUSE Real Time Module 15-SP5 (x86_64)
    • kernel-syms-rt-5.14.21-150500.13.73.1
    • kernel-rt_debug-devel-debuginfo-5.14.21-150500.13.73.1
    • ocfs2-kmp-rt-debuginfo-5.14.21-150500.13.73.1
    • dlm-kmp-rt-debuginfo-5.14.21-150500.13.73.1
    • dlm-kmp-rt-5.14.21-150500.13.73.1
    • gfs2-kmp-rt-debuginfo-5.14.21-150500.13.73.1
    • kernel-rt-devel-debuginfo-5.14.21-150500.13.73.1
    • kernel-rt_debug-debuginfo-5.14.21-150500.13.73.1
    • kernel-rt-debugsource-5.14.21-150500.13.73.1
    • kernel-rt-devel-5.14.21-150500.13.73.1
    • kernel-rt-debuginfo-5.14.21-150500.13.73.1
    • kernel-rt-vdso-debuginfo-5.14.21-150500.13.73.1
    • kernel-rt-vdso-5.14.21-150500.13.73.1
    • cluster-md-kmp-rt-5.14.21-150500.13.73.1
    • kernel-rt_debug-devel-5.14.21-150500.13.73.1
    • gfs2-kmp-rt-5.14.21-150500.13.73.1
    • cluster-md-kmp-rt-debuginfo-5.14.21-150500.13.73.1
    • ocfs2-kmp-rt-5.14.21-150500.13.73.1
    • kernel-rt_debug-debugsource-5.14.21-150500.13.73.1
    • kernel-rt_debug-vdso-5.14.21-150500.13.73.1
    • kernel-rt_debug-vdso-debuginfo-5.14.21-150500.13.73.1
  • SUSE Real Time Module 15-SP5 (noarch)
    • kernel-source-rt-5.14.21-150500.13.73.1
    • kernel-devel-rt-5.14.21-150500.13.73.1
  • SUSE Real Time Module 15-SP5 (nosrc x86_64)
    • kernel-rt_debug-5.14.21-150500.13.73.1
    • kernel-rt-5.14.21-150500.13.73.1

References: