Security update for the Linux Kernel

Announcement ID:	SUSE-SU-2024:0483-1
Rating:	important
References:	bsc#1065729 bsc#1108281 bsc#1123986 bsc#1141539 bsc#1181674 bsc#1206889 bsc#1212152 bsc#1216702 bsc#1216989 bsc#1217525 bsc#1218689 bsc#1218713 bsc#1218730 bsc#1218752 bsc#1218757 bsc#1218768 bsc#1218836 bsc#1218968 bsc#1219022 bsc#1219053 bsc#1219120 bsc#1219128 bsc#1219412 bsc#1219434 bsc#1219445 bsc#1219446
Cross-References:	CVE-2021-33631 CVE-2023-46838 CVE-2023-47233 CVE-2023-51042 CVE-2023-51043 CVE-2023-51780 CVE-2023-51782 CVE-2023-6040 CVE-2024-0340 CVE-2024-0775 CVE-2024-1086
CVSS scores:	CVE-2021-33631 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2021-33631 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H CVE-2023-46838 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H CVE-2023-46838 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H CVE-2023-47233 ( SUSE ): 4.3 CVSS:3.1/AV:P/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2023-47233 ( NVD ): 4.3 CVSS:3.1/AV:P/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2023-51042 ( SUSE ): 6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H CVE-2023-51042 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H CVE-2023-51043 ( SUSE ): 6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H CVE-2023-51043 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H CVE-2023-51780 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H CVE-2023-51780 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H CVE-2023-51782 ( SUSE ): 6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H CVE-2023-51782 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H CVE-2023-6040 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N CVE-2023-6040 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H CVE-2024-0340 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N CVE-2024-0340 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N CVE-2024-0775 ( SUSE ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H CVE-2024-0775 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H CVE-2024-1086 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H CVE-2024-1086 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Affected Products:	SUSE Linux Enterprise High Performance Computing 12 SP5 SUSE Linux Enterprise Server 12 SP5 SUSE Linux Enterprise Server for SAP Applications 12 SP5

An update that solves 11 vulnerabilities and has 15 security fixes can now be installed.

Description:

The SUSE Linux Enterprise 12 SP5 Azure kernel was updated to receive various security bugfixes.

The following security bugs were fixed:

• CVE-2024-1086: Fixed a use-after-free vulnerability inside the nf_tables component that could have been exploited to achieve local privilege escalation (bsc#1219434).
• CVE-2023-51780: Fixed a use-after-free in do_vcc_ioctl in net/atm/ioctl.c, because of a vcc_recvmsg race condition (bsc#1218730).
• CVE-2023-46838: Fixed an issue with Xen netback processing of zero-length transmit fragment (bsc#1218836).
• CVE-2021-33631: Fixed an integer overflow in ext4_write_inline_data_end() (bsc#1219412).
• CVE-2023-47233: Fixed a use-after-free in the device unplugging (disconnect the USB by hotplug) code inside the brcm80211 component (bsc#1216702).
• CVE-2023-51043: Fixed use-after-free during a race condition between a nonblocking atomic commit and a driver unload in drivers/gpu/drm/drm_atomic.c (bsc#1219120).
• CVE-2024-0775: Fixed use-after-free in __ext4_remount in fs/ext4/super.c that could allow a local user to cause an information leak problem while freeing the old quota file names before a potential failure (bsc#1219053).
• CVE-2023-6040: Fixed an out-of-bounds access vulnerability while creating a new netfilter table, lack of a safeguard against invalid nf_tables family (pf) values within nf_tables_newtable function (bsc#1218752).
• CVE-2023-51782: Fixed use-after-free in rose_ioctl in net/rose/af_rose.c because of a rose_accept race condition (bsc#1218757).
• CVE-2024-0340: Fixed information disclosure in vhost/vhost.c:vhost_new_msg() (bsc#1218689).
• CVE-2023-51042: Fixed use-after-free in amdgpu_cs_wait_all_fences in drivers/gpu/drm/amd/amdgpu/amdgpu_cs.c (bsc#1219128).

The following non-security bugs were fixed:

• Store the old kernel changelog entries in kernel-docs package (bsc#1218713)
• 9p: missing chunk of "fs/9p: Do not update file type when updating file attributes" (git-fixes).
• ACPICA: Avoid cache flush inside virtual machines (git-fixes).
• GFS2: Flush the GFS2 delete workqueue before stopping the kernel threads (git-fixes).
• KVM: s390: vsie: Fix STFLE interpretive execution identification (git-fixes bsc#1219022).
• UAPI: ndctl: Fix g++-unsupported initialisation in headers (git-fixes).
• USB: serial: option: add Fibocom to DELL custom modem FM101R-GL (git-fixes).
• USB: serial: option: add Telit LE910C4-WWX 0x1035 composition (git-fixes).
• USB: serial: option: add entry for Sierra EM9191 with new firmware (git-fixes).
• USB: serial: option: fix FM101R-GL defines (git-fixes).
• acpi/nfit: Require opt-in for read-only label configurations (git-fixes).
• acpi/nfit: improve bounds checking for 'func' (git-fixes).
• affs: fix basic permission bits to actually work (git-fixes).
• aio: fix mremap after fork null-deref (git-fixes).
• asix: Add check for usbnet_get_endpoints (git-fixes).
• bnxt_en: Log unknown link speed appropriately (git-fixes).
• ceph: fix incorrect revoked caps assert in ceph_fill_file_size() (bsc#1219445).
• chardev: fix error handling in cdev_device_add() (git-fixes).
• configfs: fix a deadlock in configfs_symlink() (git-fixes).
• configfs: fix a race in configfs_{,un}register_subsystem() (git-fixes).
• configfs: fix a use-after-free in __configfs_open_file (git-fixes).
• configfs: fix config_item refcnt leak in configfs_rmdir() (git-fixes).
• configfs: fix memleak in configfs_release_bin_file (git-fixes).
• configfs: new object reprsenting tree fragments (git-fixes).
• configfs: provide exclusion between IO and removals (git-fixes).
• configfs: stash the data we need into configfs_buffer at open time (git-fixes).
• ext4: Avoid freeing inodes on dirty list (bsc#1216989).
• ext4: silence the warning when evicting inode with dioread_nolock (bsc#1206889).
• fat: add ratelimit to fat*_ent_bread() (git-fixes).
• fs/exofs: fix potential memory leak in mount option parsing (git-fixes).
• fs/fat/fatent.c: add cond_resched() to fat_count_free_clusters() (git-fixes).
• fs/fat/file.c: issue flush after the writeback of FAT (git-fixes).
• fs/file.c: initialize init_files.resize_wait (git-fixes).
• fs: do not audit the capability check in simple_xattr_list() (git-fixes).
• fs: ocfs2: namei: check return value of ocfs2_add_entry() (git-fixes).
• fs: orangefs: fix error return code of orangefs_revalidate_lookup() (git-fixes).
• fs: ratelimit __find_get_block_slow() failure message (git-fixes).
• fs: warn about impending deprecation of mandatory locks (git-fixes).
• gfs2: Allow lock_nolock mount to specify jid=X (git-fixes).
• gfs2: Check sb_bsize_shift after reading superblock (git-fixes).
• gfs2: Do not call dlm after protocol is unmounted (git-fixes).
• gfs2: Do not set GFS2_RDF_UPTODATE when the lvb is updated (git-fixes).
• gfs2: Do not skip dlm unlock if glock had an lvb (git-fixes).
• gfs2: Fix inode height consistency check (git-fixes).
• gfs2: Fix lru_count going negative (git-fixes).
• gfs2: Fix marking bitmaps non-full (git-fixes).
• gfs2: Fix possible data races in gfs2_show_options() (git-fixes).
• gfs2: Fix sign extension bug in gfs2_update_stats (git-fixes).
• gfs2: Fix use-after-free in gfs2_glock_shrink_scan (git-fixes).
• gfs2: Free rd_bits later in gfs2_clear_rgrpd to fix use-after-free (git-fixes).
• gfs2: Make sure FITRIM minlen is rounded up to fs block size (git-fixes).
• gfs2: Special-case rindex for gfs2_grow (git-fixes).
• gfs2: Wake up when sd_glock_disposal becomes zero (git-fixes).
• gfs2: add validation checks for size of superblock (git-fixes).
• gfs2: assign rgrp glock before compute_bitstructs (git-fixes).
• gfs2: check for empty rgrp tree in gfs2_ri_update (git-fixes).
• gfs2: check for live vs. read-only file system in gfs2_fitrim (git-fixes).
• gfs2: clear buf_in_tr when ending a transaction in sweep_bh_for_rgrps (git-fixes).
• gfs2: fix use-after-free on transaction ail lists (git-fixes).
• gfs2: ignore negated quota changes (git-fixes).
• gfs2: initialize transaction tr_ailX_lists earlier (git-fixes).
• gfs2: report "already frozen/thawed" errors (git-fixes).
• gfs2: take jdata unstuff into account in do_grow (git-fixes).
• gfs2_atomic_open(): fix O_EXCL|O_CREAT handling on cold dcache (git-fixes).
• gtp: change NET_UDP_TUNNEL dependency to select (git-fixes).
• help_next should increase position index (git-fixes).
• iomap: sub-block dio needs to zeroout beyond EOF (git-fixes).
• kernfs: Separate kernfs_pr_cont_buf and rename_lock (git-fixes).
• kernfs: bring names in comments in line with code (git-fixes).
• kernfs: fix use-after-free in __kernfs_remove (git-fixes).
• libceph: use kernel_connect() (bsc#1219446).
• libnvdimm/btt: Fix LBA masking during 'free list' population (git-fixes).
• libnvdimm/btt: Fix a kmemdup failure check (git-fixes).
• libnvdimm/btt: Remove unnecessary code in btt_freelist_init (git-fixes).
• libnvdimm/btt: fix variable 'rc' set but not used (git-fixes).
• libnvdimm/namespace: Fix a potential NULL pointer dereference (git-fixes).
• libnvdimm/of_pmem: Use devm_kstrdup instead of kstrdup and check its return value (git-fixes).
• libnvdimm/pmem: Delete include of nd-core.h (git-fixes).
• libnvdimm/pmem: fix a possible OOB access when read and write pmem (git-fixes).
• libnvdimm/region: Fix label activation vs errors (git-fixes).
• libnvdimm: Fix compilation warnings with W=1 (git-fixes).
• libnvdimm: Out of bounds read in __nd_ioctl() (git-fixes).
• libnvdimm: Validate command family indices (git-fixes).
• libnvdimm: cover up changes in struct nvdimm_bus_descriptor (git-fixes).
• locks: print a warning when mount fails due to lack of "mand" support (git-fixes).
• mce: fix set_mce_nospec to always unmap the whole page (git-fixes).
• mkspec: Include constraints for both multibuild and plain package always There is no need to check for multibuild flag, the constraints can be always generated for both cases.
• mlx4: handle non-napi callers to napi_poll (git-fixes).
• mlxsw: spectrum: Avoid -Wformat-truncation warnings (git-fixes).
• mlxsw: spectrum: Properly cleanup LAG uppers when removing port from LAG (git-fixes).
• mlxsw: spectrum: Set LAG port collector only when active (git-fixes).
• mm,mremap: bail out earlier in mremap_to under map pressure (bsc#1123986).
• net/mlx5: Do not call timecounter cyc2time directly from 1PPS flow (git-fixes).
• net: (cpts) fix a missing check of clk_prepare (git-fixes).
• net: dsa: bcm_sf2: Propagate error value from mdio_write (git-fixes).
• net: dsa: mv88e6xxx: Work around mv886e6161 SERDES missing MII_PHYSID2 (git-fixes).
• net: dsa: mv88e6xxx: avoid error message on remove from VLAN 0 (git-fixed).
• net: dsa: qca8k: Enable delay for RGMII_ID mode (git-fixes).
• net: ethernet: ti: fix possible object reference leak (git-fixes).
• net: fec: Do not use netdev messages too early (git-fixes).
• net: ks8851: Delay requesting IRQ until opened (git-fixes).
• net: ks8851: Reassert reset pin if chip ID check fails (git-fixes).
• net: ks8851: Set initial carrier state to down (git-fixes).
• net: macb: Add null check for PCLK and HCLK (git-fixed).
• net: mv643xx_eth: disable clk on error path in mv643xx_eth_shared_probe() (git-fixes).
• net: mvneta: fix double free of txq->buf (git-fixes).
• net: phy: sfp: warn the user when no tx_disable pin is available (git-fixes).
• net: phylink: avoid resolving link state too early (git-fixes).
• net: sfp: do not probe SFP module before we're attached (git-fixes).
• net: stmmac: Disable EEE mode earlier in XMIT callback (git-fixes).
• net: stmmac: Fallback to Platform Data clock in Watchdog conversion (git-fixes).
• net: stmmac: do not overwrite discard_frame status (git-fixes).
• net: stmmac: dwmac-rk: fix error handling in rk_gmac_powerup() (git-fixes).
• net: stmmac: dwmac1000: Clear unused address entries (git-fixed).
• net: stmmac: dwmac1000: fix out-of-bounds mac address reg setting (git-fixes).
• net: stmmac: dwmac4/5: Clear unused address entries (git-fixes).
• net: systemport: Fix reception of BPDUs (git-fixes).
• net: xilinx: fix possible object reference leak (git-fixed).
• nfsd: drop st_mutex and rp_mutex before calling move_to_close_lru() (bsc#1217525).
• nvdimm/btt: do not call del_gendisk() if not needed (git-fixes).
• nvdimm: Allow overwrite in the presence of disabled dimms (git-fixes).
• nvdimm: Fix badblocks clear off-by-one error (git-fixes).
• nvmet-tcp: fix a crash in nvmet_req_complete() (git-fixes).
• orangefs: Fix kmemleak in orangefs_prepare_debugfs_help_string() (git-fixes).
• orangefs: Fix sysfs not cleanup when dev init failed (git-fixes).
• orangefs: fix orangefs df output (git-fixes).
• orangefs: rate limit the client not running info message (git-fixes).
• powerpc/powernv: Add a null pointer check in opal_event_init() (bsc#1065729).
• powerpc/powernv: Add a null pointer check in opal_powercap_init() (bsc#1181674 ltc#189159 git-fixes).
• powerpc/pseries/memhotplug: Quieten some DLPAR operations (bsc#1065729).
• powerpc/pseries/memhp: Fix access beyond end of drmem array (bsc#1065729).
• powerpc: Do not clobber f0/vs0 during fp|altivec register save (bsc#1065729).
• preserve KABI for struct plat_stmmacenet_data (git-fixes).
• preserve KABI for struct sfp_socket_ops (git-fixes).
• proc: fix /proc/*/map_files lookup (git-fixes).
• pstore/ram: Check start of empty przs during init (git-fixes).
• pstore/ram: Fix error return code in ramoops_probe() (git-fixes).
• pstore/ram: Run without kernel crash dump region (git-fixes).
• pstore: Avoid kcore oops by vmap()ing with VM_IOREMAP (git-fixes).
• pstore: ram_core: fix possible overflow in persistent_ram_init_ecc() (git-fixes).
• r8169: fix data corruption issue on RTL8402 (git-fixes).
• reiserfs: Check the return value from __getblk() (git-fixes).
• reiserfs: Replace 1-element array with C99 style flex-array (git-fixes).
• s390/dasd: fix double module refcount decrement (bsc#1141539).
• scsi: qedf: fc_rport_priv reference counting fixes (bsc#1212152).
• scsi: qla0xxx: Fix system crash due to bad pointer access (git-fixes).
• sfc: initialise found bitmap in efx_ef10_mtd_probe (git-fixes).
• statfs: enforce statfs[64] structure initialization (git-fixes).
• tracing/trigger: Fix to return error if failed to alloc snapshot (git-fixes).
• usb: xhci: xhci-ring: Use sysdev for mapping bounce buffer (git-fixes).
• veth: Fixing transmit return status for dropped packets (git-fixes).
• vfs: make freeze_super abort when sync_filesystem returns error (git-fixes).
• writeback: Export inode_io_list_del() (bsc#1216989).
• x86/CPU/AMD: Check vendor in the AMD microcode callback (git-fixes).
• x86/alternatives: Sync core before enabling interrupts (git-fixes).
• x86/asm: Ensure asm/proto.h can be included stand-alone (git-fixes).
• x86/bugs: Add "unknown" reporting for MMIO Stale Data (git-fixes).
• x86/build: Treat R_386_PLT32 relocation as R_386_PC32 (git-fixes).
• x86/build: Turn off -fcf-protection for realmode targets (git-fixes).
• x86/cpu/hygon: Fix the CPU topology evaluation for real (git-fixes).
• x86/cpu: Add another Alder Lake CPU to the Intel family (git-fixes).
• x86/fpu: Use _Alignof to avoid undefined behavior in TYPE_ALIGN (git-fixes).
• x86/kvm/lapic: always disable MMIO interface in x2APIC mode (git-fixes).
• x86/kvm: Do not try to disable kvmclock if it was not enabled (git-fixes).
• x86/lib: Fix overflow when counting digits (git-fixes).
• x86/mce: relocate set{clear}_mce_nospec() functions (git-fixes).
• x86/microcode/AMD: Track patch allocation size explicitly (git-fixes).
• x86/microcode/intel: Do not retry microcode reloading on the APs (git-fixes).
• x86/mm: Add a x86_has_pat_wp() helper (git-fixes).
• x86/pat: Fix x86_has_pat_wp() (git-fixes).
• x86/pat: Pass valid address to sanitize_phys() (git-fixes).
• x86/pm: Add enumeration check before spec MSRs save/restore setup (git-fixes).
• x86/pm: Fix false positive kmemleak report in msr_build_context() (git-fixes).
• x86/purgatory: Do not generate debug info for purgatory.ro (git-fixes).
• x86/resctrl: Fix to restore to original value when re-enabling hardware prefetch register (git-fixes).
• x86/topology: Fix duplicated core ID within a package (git-fixes).
• x86/topology: Fix multiple packages shown on a single-package system (git-fixes).
• x86/unwind/orc: Fix unreliable stack dump with gcov (git-fixes).
• x86/unwind/orc: Unwind ftrace trampolines with correct ORC entry (git-fixes).
• x86: Clear .brk area at early boot (git-fixes).
• x86: Fix __get_wchan() for !STACKTRACE (git-fixes).
• x86: Fix get_wchan() to support the ORC unwinder (git-fixes).
• x86: Mark stop_this_cpu() __noreturn (git-fixes).
• x86: Pin task-stack in __get_wchan() (git-fixes).
• x86: always_inline {rd,wr}msr() (git-fixes).

Special Instructions and Notes:

• Please reboot the system after installing this update.

Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

• SUSE Linux Enterprise Server for SAP Applications 12 SP5
  zypper in -t patch SUSE-SLE-SERVER-12-SP5-2024-483=1
• SUSE Linux Enterprise High Performance Computing 12 SP5
  zypper in -t patch SUSE-SLE-SERVER-12-SP5-2024-483=1
• SUSE Linux Enterprise Server 12 SP5
  zypper in -t patch SUSE-SLE-SERVER-12-SP5-2024-483=1

Package List:

• SUSE Linux Enterprise Server for SAP Applications 12 SP5 (nosrc x86_64)
  • kernel-azure-4.12.14-16.168.1
• SUSE Linux Enterprise Server for SAP Applications 12 SP5 (x86_64)
  • kernel-azure-debugsource-4.12.14-16.168.1
  • kernel-azure-base-debuginfo-4.12.14-16.168.1
  • kernel-azure-debuginfo-4.12.14-16.168.1
  • kernel-azure-devel-4.12.14-16.168.1
  • kernel-syms-azure-4.12.14-16.168.1
  • kernel-azure-base-4.12.14-16.168.1
• SUSE Linux Enterprise Server for SAP Applications 12 SP5 (noarch)
  • kernel-source-azure-4.12.14-16.168.1
  • kernel-devel-azure-4.12.14-16.168.1
• SUSE Linux Enterprise High Performance Computing 12 SP5 (nosrc x86_64)
  • kernel-azure-4.12.14-16.168.1
• SUSE Linux Enterprise High Performance Computing 12 SP5 (x86_64)
  • kernel-azure-debugsource-4.12.14-16.168.1
  • kernel-azure-base-debuginfo-4.12.14-16.168.1
  • kernel-azure-debuginfo-4.12.14-16.168.1
  • kernel-azure-devel-4.12.14-16.168.1
  • kernel-syms-azure-4.12.14-16.168.1
  • kernel-azure-base-4.12.14-16.168.1
• SUSE Linux Enterprise High Performance Computing 12 SP5 (noarch)
  • kernel-source-azure-4.12.14-16.168.1
  • kernel-devel-azure-4.12.14-16.168.1
• SUSE Linux Enterprise Server 12 SP5 (nosrc x86_64)
  • kernel-azure-4.12.14-16.168.1
• SUSE Linux Enterprise Server 12 SP5 (x86_64)
  • kernel-azure-debugsource-4.12.14-16.168.1
  • kernel-azure-base-debuginfo-4.12.14-16.168.1
  • kernel-azure-debuginfo-4.12.14-16.168.1
  • kernel-azure-devel-4.12.14-16.168.1
  • kernel-syms-azure-4.12.14-16.168.1
  • kernel-azure-base-4.12.14-16.168.1
• SUSE Linux Enterprise Server 12 SP5 (noarch)
  • kernel-source-azure-4.12.14-16.168.1
  • kernel-devel-azure-4.12.14-16.168.1

References:

• https://www.suse.com/security/cve/CVE-2021-33631.html
• https://www.suse.com/security/cve/CVE-2023-46838.html
• https://www.suse.com/security/cve/CVE-2023-47233.html
• https://www.suse.com/security/cve/CVE-2023-51042.html
• https://www.suse.com/security/cve/CVE-2023-51043.html
• https://www.suse.com/security/cve/CVE-2023-51780.html
• https://www.suse.com/security/cve/CVE-2023-51782.html
• https://www.suse.com/security/cve/CVE-2023-6040.html
• https://www.suse.com/security/cve/CVE-2024-0340.html
• https://www.suse.com/security/cve/CVE-2024-0775.html
• https://www.suse.com/security/cve/CVE-2024-1086.html
• https://bugzilla.suse.com/show_bug.cgi?id=1065729
• https://bugzilla.suse.com/show_bug.cgi?id=1108281
• https://bugzilla.suse.com/show_bug.cgi?id=1123986
• https://bugzilla.suse.com/show_bug.cgi?id=1141539
• https://bugzilla.suse.com/show_bug.cgi?id=1181674
• https://bugzilla.suse.com/show_bug.cgi?id=1206889
• https://bugzilla.suse.com/show_bug.cgi?id=1212152
• https://bugzilla.suse.com/show_bug.cgi?id=1216702
• https://bugzilla.suse.com/show_bug.cgi?id=1216989
• https://bugzilla.suse.com/show_bug.cgi?id=1217525
• https://bugzilla.suse.com/show_bug.cgi?id=1218689
• https://bugzilla.suse.com/show_bug.cgi?id=1218713
• https://bugzilla.suse.com/show_bug.cgi?id=1218730
• https://bugzilla.suse.com/show_bug.cgi?id=1218752
• https://bugzilla.suse.com/show_bug.cgi?id=1218757
• https://bugzilla.suse.com/show_bug.cgi?id=1218768
• https://bugzilla.suse.com/show_bug.cgi?id=1218836
• https://bugzilla.suse.com/show_bug.cgi?id=1218968
• https://bugzilla.suse.com/show_bug.cgi?id=1219022
• https://bugzilla.suse.com/show_bug.cgi?id=1219053
• https://bugzilla.suse.com/show_bug.cgi?id=1219120
• https://bugzilla.suse.com/show_bug.cgi?id=1219128
• https://bugzilla.suse.com/show_bug.cgi?id=1219412
• https://bugzilla.suse.com/show_bug.cgi?id=1219434
• https://bugzilla.suse.com/show_bug.cgi?id=1219445
• https://bugzilla.suse.com/show_bug.cgi?id=1219446