Security update for the Linux Kernel

Announcement ID:	SUSE-SU-2024:2493-1
Rating:	important
References:	bsc#1215420 bsc#1220833 bsc#1221656 bsc#1221659 bsc#1222005 bsc#1222792 bsc#1223021 bsc#1223188 bsc#1224622 bsc#1224627 bsc#1224647 bsc#1224683 bsc#1224686 bsc#1224743 bsc#1224965 bsc#1225229 bsc#1225357 bsc#1225431 bsc#1225478 bsc#1225505 bsc#1225530 bsc#1225532 bsc#1225569 bsc#1225593 bsc#1225835 bsc#1226757 bsc#1226861 bsc#1226994 bsc#1227407 bsc#1227435 bsc#1227487
Cross-References:	CVE-2021-47145 CVE-2021-47201 CVE-2021-47275 CVE-2021-47438 CVE-2021-47498 CVE-2021-47520 CVE-2021-47547 CVE-2023-4244 CVE-2023-52507 CVE-2023-52683 CVE-2023-52693 CVE-2023-52753 CVE-2023-52817 CVE-2023-52818 CVE-2023-52819 CVE-2024-26635 CVE-2024-26636 CVE-2024-26880 CVE-2024-35805 CVE-2024-35819 CVE-2024-35828 CVE-2024-35947 CVE-2024-36014 CVE-2024-36941 CVE-2024-38598 CVE-2024-38619 CVE-2024-39301 CVE-2024-39475
CVSS scores:	CVE-2021-47145 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2021-47201 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2021-47275 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2021-47438 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2021-47498 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2021-47520 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H CVE-2021-47520 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H CVE-2021-47547 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L CVE-2023-4244 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H CVE-2023-4244 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H CVE-2023-52507 ( SUSE ): 5.7 CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H CVE-2023-52683 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2023-52693 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2023-52753 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2023-52753 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2023-52817 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2023-52817 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2023-52818 ( SUSE ): 6.6 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H CVE-2023-52819 ( SUSE ): 6.6 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H CVE-2024-26635 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H CVE-2024-26636 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2024-26880 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L CVE-2024-35805 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2024-35819 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2024-35828 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2024-35947 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2024-36014 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2024-36941 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2024-38598 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H CVE-2024-38619 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2024-39301 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2024-39475 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2024-39475 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Affected Products:	SUSE Linux Enterprise High Performance Computing 12 SP5 SUSE Linux Enterprise Real Time 12 SP5 SUSE Linux Enterprise Server 12 SP5

An update that solves 28 vulnerabilities and has three security fixes can now be installed.

Description:

The SUSE Linux Enterprise 12 SP5 RT kernel was updated to receive various security bugfixes.

The following security bugs were fixed:

• CVE-2021-47145: btrfs: do not BUG_ON in link_to_fixup_dir (bsc#1222005).
• CVE-2021-47201: iavf: free q_vectors before queues in iavf_disable_vf (bsc#1222792).
• CVE-2021-47275: bcache: avoid oversized read request in cache missing code path (bsc#1224965).
• CVE-2021-47438: net/mlx5e: nullify cq->dbg pointer in mlx5_debug_cq_remove() (bsc#1225229)
• CVE-2021-47498: dm rq: do not queue request to blk-mq during DM suspend (bsc#1225357).
• CVE-2021-47520: can: pch_can: pch_can_rx_normal: fix use after free (bsc#1225431).
• CVE-2021-47547: net: tulip: de4x5: fix the problem that the array 'lp->phy' may be out of bound (bsc#1225505).
• CVE-2023-4244: Fixed a use-after-free in the nf_tables component, which could be exploited to achieve local privilege escalation (bsc#1215420).
• CVE-2023-52507: Fixed possible shift-out-of-bounds in nfc/nci (bsc#1220833).
• CVE-2023-52683: ACPI: LPIT: Avoid u32 multiplication overflow (bsc#1224627).
• CVE-2023-52693: ACPI: video: check for error while searching for backlight device parent (bsc#1224686).
• CVE-2023-52753: drm/amd/display: Avoid NULL dereference of timing generator (bsc#1225478).
• CVE-2023-52817: drm/amdgpu: Fix a null pointer access when the smc_rreg pointer is NULL (bsc#1225569).
• CVE-2023-52818: drm/amd: Fix UBSAN array-index-out-of-bounds for SMU7 (bsc#1225530).
• CVE-2023-52819: drm/amd: Fix UBSAN array-index-out-of-bounds for Polaris and Tonga (bsc#1225532).
• CVE-2024-26635: llc: Drop support for ETH_P_TR_802_2 (bsc#1221656).
• CVE-2024-26636: llc: make llc_ui_sendmsg() more robust against bonding changes (bsc#1221659).
• CVE-2024-26880: dm: call the resume method on internal suspend (bsc#1223188).
• CVE-2024-35805: dm snapshot: fix lockup in dm_exception_table_exit (bsc#1224743).
• CVE-2024-35819: soc: fsl: qbman: Use raw spinlock for cgr_lock (bsc#1224683).
• CVE-2024-35828: wifi: libertas: fix some memleaks in lbs_allocate_cmd_buffer() (bsc#1224622).
• CVE-2024-35947: dyndbg: fix old BUG_ON in >control parser (bsc#1224647).
• CVE-2024-36014: drm/arm/malidp: fix a possible null pointer dereference (bsc#1225593).
• CVE-2024-36941: wifi: nl80211: do not free NULL coalescing rule (bsc#1225835).
• CVE-2024-38598: md: fix resync softlockup when bitmap size is less than array size (bsc#1226757).
• CVE-2024-38619: usb-storage: alauda: Check whether the media is initialized (bsc#1226861).
• CVE-2024-39301: net/9p: fix uninit-value in p9_client_rpc() (bsc#1226994).
• CVE-2024-39475: fbdev: savage: Handle err return when savagefb_check_var failed (bsc#1227435)

The following non-security bugs were fixed:

• PM: hibernate: x86: Use crc32 instead of md5 for hibernation e820 integrity check (git-fixes).
• SUNRPC: Fix gss_free_in_token_pages() (git-fixes).
• SUNRPC: Fix loop termination condition in gss_free_in_token_pages() (git-fixes).
• drm/amdgpu/debugfs: fix error code when smc register accessors are NULL (git-fixes).
• kgdb: Add kgdb_has_hit_break function (git-fixes).
• kgdb: Move the extern declaration kgdb_has_hit_break() to generic kgdb.h (git-fixes).
• net: hsr: fix placement of logical operator in a multi-line statement (bsc#1223021).
• nfs: Handle error of rpc_proc_register() in nfs_net_init() (git-fixes).
• powerpc/rtas: Prevent Spectre v1 gadget construction in sys_rtas() (bsc#1227487).
• sched/deadline: Fix BUG_ON condition for deboosted tasks (bsc#1227407).
• sunrpc: fix NFSACL RPC retry on soft mount (git-fixes).
• x86/apic: Fix kernel panic when booting with intremap=off and x2apic_phys (git-fixes).
• x86/boot/e820: Fix typo in e820.c comment (git-fixes).
• x86/cpu: Fix AMD erratum #1485 on Zen4-based CPUs (git-fixes).
• x86/fpu: Return proper error codes from user access functions (git-fixes).
• x86/ioremap: Fix page aligned size calculation in __ioremap_caller() (git-fixes).
• x86/kprobes: Fix kprobes instruction boudary check with CONFIG_RETHUNK (git-fixes).
• x86/kprobes: Fix optprobe optimization check with CONFIG_RETHUNK (git-fixes).
• x86/msr: Fix wr/rdmsr_safe_regs_on_cpu() prototypes (git-fixes).
• x86/numa: Use cpumask_available instead of hardcoded NULL check (git-fixes).
• x86: __memcpy_flushcache: fix wrong alignment if size > 2^32 (git-fixes).

Special Instructions and Notes:

• Please reboot the system after installing this update.

Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

• SUSE Linux Enterprise Real Time 12 SP5
  zypper in -t patch SUSE-SLE-RT-12-SP5-2024-2493=1

Package List:

• SUSE Linux Enterprise Real Time 12 SP5 (x86_64)
  • gfs2-kmp-rt-4.12.14-10.194.1
  • kernel-rt_debug-debugsource-4.12.14-10.194.1
  • kernel-rt_debug-devel-debuginfo-4.12.14-10.194.1
  • ocfs2-kmp-rt-4.12.14-10.194.1
  • ocfs2-kmp-rt-debuginfo-4.12.14-10.194.1
  • kernel-rt-base-4.12.14-10.194.1
  • kernel-rt-base-debuginfo-4.12.14-10.194.1
  • gfs2-kmp-rt-debuginfo-4.12.14-10.194.1
  • kernel-rt-devel-debuginfo-4.12.14-10.194.1
  • kernel-rt-debugsource-4.12.14-10.194.1
  • cluster-md-kmp-rt-debuginfo-4.12.14-10.194.1
  • kernel-syms-rt-4.12.14-10.194.1
  • kernel-rt-devel-4.12.14-10.194.1
  • dlm-kmp-rt-debuginfo-4.12.14-10.194.1
  • dlm-kmp-rt-4.12.14-10.194.1
  • kernel-rt_debug-debuginfo-4.12.14-10.194.1
  • kernel-rt_debug-devel-4.12.14-10.194.1
  • cluster-md-kmp-rt-4.12.14-10.194.1
  • kernel-rt-debuginfo-4.12.14-10.194.1
• SUSE Linux Enterprise Real Time 12 SP5 (noarch)
  • kernel-devel-rt-4.12.14-10.194.1
  • kernel-source-rt-4.12.14-10.194.1
• SUSE Linux Enterprise Real Time 12 SP5 (nosrc x86_64)
  • kernel-rt_debug-4.12.14-10.194.1
  • kernel-rt-4.12.14-10.194.1

References:

• https://www.suse.com/security/cve/CVE-2021-47145.html
• https://www.suse.com/security/cve/CVE-2021-47201.html
• https://www.suse.com/security/cve/CVE-2021-47275.html
• https://www.suse.com/security/cve/CVE-2021-47438.html
• https://www.suse.com/security/cve/CVE-2021-47498.html
• https://www.suse.com/security/cve/CVE-2021-47520.html
• https://www.suse.com/security/cve/CVE-2021-47547.html
• https://www.suse.com/security/cve/CVE-2023-4244.html
• https://www.suse.com/security/cve/CVE-2023-52507.html
• https://www.suse.com/security/cve/CVE-2023-52683.html
• https://www.suse.com/security/cve/CVE-2023-52693.html
• https://www.suse.com/security/cve/CVE-2023-52753.html
• https://www.suse.com/security/cve/CVE-2023-52817.html
• https://www.suse.com/security/cve/CVE-2023-52818.html
• https://www.suse.com/security/cve/CVE-2023-52819.html
• https://www.suse.com/security/cve/CVE-2024-26635.html
• https://www.suse.com/security/cve/CVE-2024-26636.html
• https://www.suse.com/security/cve/CVE-2024-26880.html
• https://www.suse.com/security/cve/CVE-2024-35805.html
• https://www.suse.com/security/cve/CVE-2024-35819.html
• https://www.suse.com/security/cve/CVE-2024-35828.html
• https://www.suse.com/security/cve/CVE-2024-35947.html
• https://www.suse.com/security/cve/CVE-2024-36014.html
• https://www.suse.com/security/cve/CVE-2024-36941.html
• https://www.suse.com/security/cve/CVE-2024-38598.html
• https://www.suse.com/security/cve/CVE-2024-38619.html
• https://www.suse.com/security/cve/CVE-2024-39301.html
• https://www.suse.com/security/cve/CVE-2024-39475.html
• https://bugzilla.suse.com/show_bug.cgi?id=1215420
• https://bugzilla.suse.com/show_bug.cgi?id=1220833
• https://bugzilla.suse.com/show_bug.cgi?id=1221656
• https://bugzilla.suse.com/show_bug.cgi?id=1221659
• https://bugzilla.suse.com/show_bug.cgi?id=1222005
• https://bugzilla.suse.com/show_bug.cgi?id=1222792
• https://bugzilla.suse.com/show_bug.cgi?id=1223021
• https://bugzilla.suse.com/show_bug.cgi?id=1223188
• https://bugzilla.suse.com/show_bug.cgi?id=1224622
• https://bugzilla.suse.com/show_bug.cgi?id=1224627
• https://bugzilla.suse.com/show_bug.cgi?id=1224647
• https://bugzilla.suse.com/show_bug.cgi?id=1224683
• https://bugzilla.suse.com/show_bug.cgi?id=1224686
• https://bugzilla.suse.com/show_bug.cgi?id=1224743
• https://bugzilla.suse.com/show_bug.cgi?id=1224965
• https://bugzilla.suse.com/show_bug.cgi?id=1225229
• https://bugzilla.suse.com/show_bug.cgi?id=1225357
• https://bugzilla.suse.com/show_bug.cgi?id=1225431
• https://bugzilla.suse.com/show_bug.cgi?id=1225478
• https://bugzilla.suse.com/show_bug.cgi?id=1225505
• https://bugzilla.suse.com/show_bug.cgi?id=1225530
• https://bugzilla.suse.com/show_bug.cgi?id=1225532
• https://bugzilla.suse.com/show_bug.cgi?id=1225569
• https://bugzilla.suse.com/show_bug.cgi?id=1225593
• https://bugzilla.suse.com/show_bug.cgi?id=1225835
• https://bugzilla.suse.com/show_bug.cgi?id=1226757
• https://bugzilla.suse.com/show_bug.cgi?id=1226861
• https://bugzilla.suse.com/show_bug.cgi?id=1226994
• https://bugzilla.suse.com/show_bug.cgi?id=1227407
• https://bugzilla.suse.com/show_bug.cgi?id=1227435
• https://bugzilla.suse.com/show_bug.cgi?id=1227487